1 to 25 of 154 Remote NIST Jobs

point security tools and data loss prevention controls are highly advantageous Skills and experience Experience working within recognised information security frameworks (e.g. ISO27001, NIST) Proven experience in an information security role, preferably within financial services or e-commerce Strong analytical capability, with the ability to interpret data and support decision ...

threat intelligence (attacks, CVEs, research); Build automated adversarial testing; Assess security of third‐party AI tools and models; Ensure compliance (EU AI Act, NIST AI RMF, ISO 42001); Define AI security policies (access, data, prompts, monitoring); Partner with legal/compliance on governance, consent, and bias; Maintain model documentation, risk ...

and security gap analyses across infrastructure and application layers Define and enforce security standards, reference architectures, and policy controls aligned with frameworks such as NIST, ISO/IEC 27001, and CIS Evaluate, select, and integrate security technologies including: Identity and Access Management (IAM) Security Information and Event Management (SIEM) Endpoint ...

risk assessments, and security gap analyses across infrastructure and application layers Define security standards, reference architectures, and policy controls based on industry frameworks (e.g., NIST, ISO/IEC 27001, CIS) Evaluate and integrate security technologies, including IAM, SIEM, EDR, DLP, WAF, and encryption solutions Collaborate with engineering, DevOps, and ...

Lead experience MOD/GDS Secure by Design Familiarity with: JSP440, JSP604/453, JSP490 Supplier Chain Assurance GDPR, PCI DSS, ICO ISO 27001, NIST CSF, CIS Controls v8 Skills in: Threat modelling (kill chain, attack trees, etc.) Cloud security (AWS, Azure), containerisation, firewalls Secure SDLC HLD/LLD review ...

strong professional development opportunities. Skills Secure architecture design and secure-by-design principles Risk assessment, threat modelling, and vulnerability management Security frameworks: ISO 27001, NIST 800-30/53, OWASP Cloud security architecture (AWS, Azure, GCP) Incident response, penetration testing, and remediation concepts Persuasive communication skills across technical and ...

protect network integrity. Enforce robust security policies to maintain system security standards. Compliance and Audit Support Ensure adherence to compliance standards including ISO27001, NIST, and GDPR through regular audits and risk assessments. Support audit processes by providing necessary documentation and evidence of compliance. Security Awareness and Training Conduct regular training ...

Strong understanding of Active Directory, LDAP, and authentication protocols Experience with scripting (PowerShell, Python) for automation and reporting Familiarity with compliance frameworks (ISO 27001, NIST, GDPR) Excellent problemsolving, communication, and documentation skills ...

Design Principles Supplier Chain Assurance and Risks. Security related legislation (e.g. GDPR, PCI DSS, ICO requirements). Security Control Frameworks such as ISO 27001, NIST CSF and CIS Controls v8. HMG, NPSA and NCSC security policies, standards and guidance. Have experience building and implementing secure by design principals within ...

Design Principles Supplier Chain Assurance and Risks. Security related legislation (e.g. GDPR, PCI DSS, ICO requirements). Security Control Frameworks such as ISO 27001, NIST CSF and CIS Controls v8. HMG, NPSA and NCSC security policies, standards and guidance. Have experience building and implementing secure by design principals within ...

Compliance & Audit Support internal and external audits and remediate IAM control gaps Demonstrate compliance with FCA/PRA expectations, GDPR, SOX, ISO 27001, and NIST Partner with Risk and Compliance teams to improve identity-related risk posture Stakeholder & Vendor Management Engage senior stakeholders including CIO, CISO, and Head of Risk ...

experience in Software Composition Analysis for dependency scanning (Trivy, Snyk, or similar) is preferred Compliance & Hardening: 2+ years of experience in Security compliance frameworks (NIST, STIG, CIS benchmarks, FedRAMP) is required 2+ years of experience in Security hardening and baseline configuration is required 2+ years of experience in Audit logging ...

financial services industry. In-depth knowledge of relevant regulatory requirements, such as MaRisk, BAIT, DORA and industry standards such as ISO 27001/27002, NIST, etc. Strong understanding of IT infrastructure, network security, application security, and cloud security. Should be able to leverage AI tools and techniques to enhance risk ...

financial services industry. In-depth knowledge of relevant regulatory requirements, such as MaRisk, BAIT, DORA and industry standards such as ISO 27001/27002, NIST, etc. Strong understanding of IT infrastructure, network security, application security, and cloud security. Should be able to leverage AI tools and techniques to enhance risk ...

financial services industry. In-depth knowledge of relevant regulatory requirements, such as MaRisk, BAIT, DORA and industry standards such as ISO 27001/27002, NIST, etc. Strong understanding of IT infrastructure, network security, application security, and cloud security. Should be able to leverage AI tools and techniques to enhance risk ...

financial services industry. In-depth knowledge of relevant regulatory requirements, such as MaRisk, BAIT, DORA and industry standards such as ISO 27001/27002, NIST, etc. Strong understanding of IT infrastructure, network security, application security, and cloud security. Should be able to leverage AI tools and techniques to enhance risk ...

financial services industry. In-depth knowledge of relevant regulatory requirements, such as MaRisk, BAIT, DORA and industry standards such as ISO 27001/27002, NIST, etc. Strong understanding of IT infrastructure, network security, application security, and cloud security. Should be able to leverage AI tools and techniques to enhance risk ...

financial services industry. In-depth knowledge of relevant regulatory requirements, such as MaRisk, BAIT, DORA and industry standards such as ISO 27001/27002, NIST, etc. Strong understanding of IT infrastructure, network security, application security, and cloud security. Should be able to leverage AI tools and techniques to enhance risk ...

financial services industry. In-depth knowledge of relevant regulatory requirements, such as MaRisk, BAIT, DORA and industry standards such as ISO 27001/27002, NIST, etc. Strong understanding of IT infrastructure, network security, application security, and cloud security. Should be able to leverage AI tools and techniques to enhance risk ...

financial services industry. In-depth knowledge of relevant regulatory requirements, such as MaRisk, BAIT, DORA and industry standards such as ISO 27001/27002, NIST, etc. Strong understanding of IT infrastructure, network security, application security, and cloud security. Should be able to leverage AI tools and techniques to enhance risk ...

financial services industry. In-depth knowledge of relevant regulatory requirements, such as MaRisk, BAIT, DORA and industry standards such as ISO 27001/27002, NIST, etc. Strong understanding of IT infrastructure, network security, application security, and cloud security. Should be able to leverage AI tools and techniques to enhance risk ...

financial services industry. In-depth knowledge of relevant regulatory requirements, such as MaRisk, BAIT, DORA and industry standards such as ISO 27001/27002, NIST, etc. Strong understanding of IT infrastructure, network security, application security, and cloud security. Should be able to leverage AI tools and techniques to enhance risk ...

financial services industry. In-depth knowledge of relevant regulatory requirements, such as MaRisk, BAIT, DORA and industry standards such as ISO 27001/27002, NIST, etc. Strong understanding of IT infrastructure, network security, application security, and cloud security. Should be able to leverage AI tools and techniques to enhance risk ...

financial services industry. In-depth knowledge of relevant regulatory requirements, such as MaRisk, BAIT, DORA and industry standards such as ISO 27001/27002, NIST, etc. Strong understanding of IT infrastructure, network security, application security, and cloud security. Should be able to leverage AI tools and techniques to enhance risk ...

financial services industry. In-depth knowledge of relevant regulatory requirements, such as MaRisk, BAIT, DORA and industry standards such as ISO 27001/27002, NIST, etc. Strong understanding of IT infrastructure, network security, application security, and cloud security. Should be able to leverage AI tools and techniques to enhance risk ...