1 to 25 of 109 Remote NIST 800 Jobs

the companys information protection requirements. • Performs or coordinates internal security assessments, penetration tests, vulnerability scans, and assess organization cybersecurity maturity Complying with frameworks and regulations such as COBIT, NIST (800-53, cybersecurity), ISO, ITIL, PCI, GLBA, GDPR, HIPAA, and other data privacy and security standards and regulations. • Provides internal customer support via assigned tickets for security … Computer Science, or similar discipline. • Provides a documented work history that includes a minimum of 5-years experience in Information Security. • Proficiency in security framework models such as NIST, etc., implementing and auditing security measures, security response, and incident management. • Possess a working knowledge of Cisco network switches, routers, firewalls and VPN, network security, administration of DLP, antivirusantimalware … to manage and continuously improve upon vulnerability management program. • Ability to propose solutions for closing identified vulnerabilities in the infrastructure. Desired Qualifications: • Certified Information System Security Professional (CISSP), NIST Cybersecurity Framework (NCSF), Certified Cloud Security Professional (CCSP) andor Certified Ethical Hacker (CEH) • Knowledge and experience with Microsoft Office and Visio. • Knowledge of WAN technologies including MPLS, SD WAN. More ❯

security practices across the enterprise Stay abreast of industry trends, frameworks, and regulations (e.g., GDPR, ISO 27001/2, SANS Top 20 Critical Security Controls, NIST CSF, SP 800-53, PFMI, CPMI ISOCO and FFIEC handbook, SABSA) to ensure the organization is proactive in addressing emerging security threats and compliance challenges Foster relationships with key functional … and infrastructure domains. Extensive experience working with senior leadership and stakeholders to drive strategic security initiatives, influencing decisions at the enterprise level. Strong understanding of security frameworks, including NIST CSF, SABSA etc, and the ability to apply them in diverse environments. Qualifications and certifications: Degree in a technology discipline (Computer Science, Information … Management, Computer Engineering, Cybersecurity or equivalent) Professional certifications such as CISSP, CISA, CISM, CRISC, SABSA, or equivalent. Deep expertise in risk management frameworks, including ISO 27001, NIST SP 800-53, and SANS Top 20 Critical Security Controls. Experience with cloud security solutions and services Our commitment to employees: At CLS, we celebrate diversity and consider this More ❯

incident response and remediation efforts for security breaches. Provide security guidance and training to teams across the organization. Key Skills & Experience: Strong knowledge of security frameworks (ISO 27001, NIST 800-30/53, OWASP) . Experience with risk management methodologies and compliance with MOD and HMG security standards (JSP, Def Stan 05-138/139). More ❯

incident response and remediation efforts for security breaches. Provide security guidance and training to teams across the organization. Key Skills & Experience: Strong knowledge of security frameworks (ISO 27001, NIST 800-30/53, OWASP) . Experience with risk management methodologies and compliance with MOD and HMG security standards (JSP, Def Stan 05-138/139). More ❯

protection Security operations and incident response Experience in developing and implementing security policies, procedures, and standards. Understanding of legal and regulatory frameworks (e.g., GDPR, ISO 27001, NIST SP 800-171). Excellent communication, collaboration, and interpersonal skills, with the ability to effectively communicate complex technical information to both technical and non-technical audiences. Experience building and More ❯

L1/2, NIST, ISO27001, COBIT, etc.). Operational Technology – Ensure the security of critical infrastructure aligns with industry standards and regulatory requirements (e.g. NIST SP 800-82, CAF, DPA 2018, etc.). As An Experienced Consultant In The Business You’ll Help Set The Direction, Grow Our Business, Model Our Values And Behaviours … is as follows: Working with SOC teams, OT Security, Security Architecture, Security Op Model Transformation projects and Cybersecurity Assessments. Familiarity with core Cybersecurity frameworks and industry frameworks (e.g., NIST CSF, ISO27001, CIS Critical Controls), regulations (e.g., NIS2) and financial regulations (e.g., DORA, FCA, Bank of England, etc.). Have experience (or knowledge) in securing Gen AI for business More ❯

building security. Risk Management: Lead Cyber and Information Security Risk Management for NSoIT(D). Implement and manage cyber security risks in STREAM and ARM. Conduct and manage NIST 800-based Risk Assessments. Oversee cyber and information security architecture within STREAM. Deliver routine cyber and information security risk reporting. Act as secretary to the programme Security More ❯

as well as using GRC tools and guidance developed for Risk mitigation. Practical knowledge of information security standards and risk assessment frameworks such as ISO 27001, SOC 2, NIST 800-32 Strong knowledge of cyber controls, policies, and procedures. Experience of delivering metrics for senior level audiences. Demonstrate analytical and problem-solving skills. Ability to communicate More ❯

as well as using GRC tools and guidance developed for Risk mitigation. Practical knowledge of information security standards and risk assessment frameworks such as ISO 27001, SOC 2, NIST 800-32 Strong knowledge of cyber controls, policies, and procedures. Experience of delivering metrics for senior level audiences. Demonstrate analytical and problem-solving skills. Ability to communicate More ❯

as well as using GRC tools and guidance developed for Risk mitigation. Practical knowledge of information security standards and risk assessment frameworks such as ISO 27001, SOC 2, NIST 800-32 Strong knowledge of cyber controls, policies, and procedures. Experience of delivering metrics for senior level audiences. Demonstrate analytical and problem-solving skills. Ability to communicate More ❯

as well as using GRC tools and guidance developed for Risk mitigation. Practical knowledge of information security standards and risk assessment frameworks such as ISO 27001, SOC 2, NIST 800-32 Strong knowledge of cyber controls, policies, and procedures. Experience of delivering metrics for senior level audiences. Demonstrate analytical and problem-solving skills. Ability to communicate More ❯

3+ years' experience performing IT Audit or security control testing. Knowledge of internal audit methodologies, including risk assessment, execution, and reporting. Proficiency in industry standards and frameworks (e.g., NIST 800-53, ISO 27001/27002). Familiarity with privacy regulations (e.g., GDPR, CCPA) and breach notification laws. Experience with sector-specific frameworks (e.g., HIPAA, PCI). More ❯

to create a secure and compliant technology environment. What you will be doing: Maintain security policy, standards, procedures and frameworks. Ensure alignment with security industry standards such as NIST CSF and NIST 800-53. Act as an advisor to colleagues across the organisation on best security practice. Conduct regular risk assessments and maintain … certifications Ideally qualified in MSc Information Security, CICA, CRISC, CISM and/or Data analysis beneficial but not essential if experience validates skills. Knowledge of security frameworks (e.g., NIST CSF, ISO 27001, SOC1,2). Prince 2, MSP, APMQ advantageous. A desire to continue learning and developing security skills and qualifications. Our commitment to employees: At CLS, we More ❯

latest trends, solutions, and best practices in the industry e.g. Application Security Posture Management (ASPM), Continuous Cyber and IT controls monitoring (CCM) Thorough understanding of compliance frameworks like NIST and FedRAMP and the audit process around demonstrating compliance effectively. Practical experience of the System Development Life Cycle, Software Development Life Cycle, and Agile framework Expertise in risk analysis … reusable platform capability. It would be desirable , but not essentia l, if you also had one or more of Practical experience of ISO27001/27004/27005 or NIST Risk Management Framework (RMF); Experience in security accreditation e.g. PCI-DSS, FedRAMP, SSDF (NIST SP800-218), FISMA/NIST SP800-53, ISO 27001, DORA Cyber More ❯

latest trends, solutions, and best practices in the industry e.g. Application Security Posture Management (ASPM), Continuous Cyber and IT controls monitoring (CCM) Thorough understanding of compliance frameworks like NIST and FedRAMP and the audit process around demonstrating compliance effectively. Practical experience of the System Development Life Cycle, Software Development Life Cycle, and Agile framework Expertise in risk analysis … reusable platform capability. It would be desirable , but not essentia l, if you also had one or more of Practical experience of ISO27001/27004/27005 or NIST Risk Management Framework (RMF); Experience in security accreditation e.g. PCI-DSS, FedRAMP, SSDF (NIST SP800-218), FISMA/NIST SP800-53, ISO 27001, DORA Cyber More ❯

You will need to login before you can apply for a job. AVP, IT Security Specialist - RSA Archer, NIST, GRC - London - Hybrid AVP, IT Security Specialist – RSA Archer, NIST, GRC – London – Hybrid Join a leading security governance and risk team as an AVP, IT Security Specialist . You'll play a key role in ensuring robust … security controls, compliance, and continuous risk reduction across a regulated enterprise environment. Key Responsibilities: Maintain and evolve security policy, standards, procedures, and frameworks Align security practices with NIST CSF, NIST 800–53 and other industry standards Advise business and technology teams on information security best practices Conduct regular risk assessments and maintain a risk … in Information or Cyber Security, ideally in financial services Solid understanding of security risk management principles and taxonomy Working knowledge of GRC platforms – RSA Archer preferred Familiarity with NIST CSF , NIST 800–53 , ISO 27001 , SOC 1 & 2 Good written and verbal communication skills for technical and non–technical stakeholders Strong documentation and risk More ❯

suppliers to ensure ongoing compliance with MOD standards (e.g., Secure By Design, DefStan 05-138). Conduct information security risk assessment and management using recognized frameworks such as NIST SP800. Perform information security assurance activities and manage incidents. Establish and manage internal and external Security Working Groups. Support Serco Defence projects and design activities, ensuring compliance with MOD … Secure by Design, HMG policy, NCSC guidance, NIST 800, and ISO 27001. Advise on technical requirements and compliance with formal contract security schedules (Security Aspects Letters) and recommend security technologies and controls. Provide advice and guidance to maintain existing cyber security compliances (e.g., ISO 27001, Cyber Essentials Plus), MOD certifications, and HMG security controls. Adopt a More ❯

accreditation and secure by design processes (ISN2023/09), and associated policies and practices across the lifecycle. In the application of standards including NIST Special Publications (e.g. SP 800-30, 37 & 53), and/or RTCA-DO-326A/B, 355A & 356A. In the application of Defence security standards, such as Defstan 05-138 & Defstan More ❯

accreditation and secure by design processes (ISN2023/09), and associated policies and practices across the lifecycle. In the application of standards including NIST Special Publications (e.g. SP 800-30, 37 & 53), and/or RTCA-DO-326A/B, 355A & 356A. In the application of Defence security standards, such as Defstan 05-138 & Defstan More ❯

Perform security code reviews and ensure secure-by-design principles. Conduct threat modelling exercises to identify and mitigate potential risks. Ensure compliance with security regulations such as ISO27001, NIST 800-30/37/53, JSP 440, 604, and Defence Standards. Develop and maintain security documentation (e.g., RMADS, Security Assurance Documents, Security Management Plans). Conduct … penetration testing, vulnerability assessments, and remediation activities. Key Skills & Experience: Strong knowledge of risk management frameworks and methodologies (ISO 27001/2, ISO27005/31000, NIST 800-30, NIST 800-53) . Experience with defence and government security standards (JSPs, Def Stan 05-138/139). Proficiency in security testing tools More ❯

Perform security code reviews and ensure secure-by-design principles. Conduct threat modelling exercises to identify and mitigate potential risks. Ensure compliance with security regulations such as ISO27001, NIST 800-30/37/53, JSP 440, 604, and Defence Standards. Develop and maintain security documentation (e.g., RMADS, Security Assurance Documents, Security Management Plans). Conduct … penetration testing, vulnerability assessments, and remediation activities. Key Skills & Experience: Strong knowledge of risk management frameworks and methodologies (ISO 27001/2, ISO27005/31000, NIST 800-30, NIST 800-53) . Experience with defence and government security standards (JSPs, Def Stan 05-138/139). Proficiency in security testing tools More ❯

cryptographic security controls into software development and deployment processes. Support post-quantum cryptography (PQC) readiness by evaluating and preparing for emerging threats to encryption security. Ensure compliance with NIST 800-57, PCI DSS, FIPS 140-2/3, ISO 27001, GDPR, FFIEC, and IoT security (NIST 800-183, ETSI EN … storage practices. Experience working in financial institutions or other highly regulated industries. Certifications such as CISSP, CISM, AWS Security Specialty, HashiCorp Certified Vault Associate or CCSK. Familiarity with NIST 800-57, PCI DSS, FIPS 140-2/3, ISO 27001, GDPR, FFIEC, and IoT security (NIST 800-183, ETSI EN More ❯

needs, including DoD, DHS, and the Intelligence Community. Cybersecurity Architecture & Innovation: Oversee the design, development, and implementation of secure, scalable solutions tailored to federal risk management frameworks (e.g., NIST, FedRAMP, CMMC, FISMA). Compliance & Risk Management: Ensure all technologies and systems meet federal regulatory standards and accreditation processes; provide guidance during ATO (Authority to Operate) processes. Federal Partnerships … contracts. Qualifications: Proven experience (10+ years) in technical leadership roles, preferably within a federal systems integrator, cybersecurity firm, or federal agency. Deep understanding of federal cybersecurity frameworks (e.g., NIST 800-53, CMMC, RMF, FISMA, FedRAMP). Strong background in secure cloud infrastructure (AWS GovCloud, Azure Government), zero trust architecture, and emerging threat landscape. Track record of More ❯

across teams. What We’re Looking For Technical Experience & Knowledge Experience with risk management frameworks and methodologies such as ISO/IEC 27001/2, ISO27005/31000, NIST 800-30, NIST 800-53. Strong understanding of security standards and frameworks including OWASP, Secure by Design principles, and MOD-specific guidelines … Def Stan 05-138/139). Familiarity with HMG security principles and assurance frameworks is advantageous. Comfortable using threat modelling tools and implementing mitigation strategies. Experience with NIST standards. (this is an absolute must) Key Competencies Strong communicator with the ability to present complex information clearly and confidently. Proactive problem solver who approaches challenges with innovation and More ❯

specific experience in testing cloud security controls Professional certification such as CISA, CISM, CISSP, ISO 27001 Lead Auditor, or equivalent Knowledge of industry standards and frameworks such as NIST 800-53, ISO 27001/27002, CIS Controls, COBIT Strong communication and stakeholder management skills Experience with automated testing tools such as Sailpoint, Rapid7, Wiz.io, MS Defender More ❯