1 to 25 of 27 Contract NIST Jobs in the South East

of cybersecurity controls is demonstrated by attainment of appropriate qualifications, e.g. CISSP, ISO27001 Lead Implementor or relevant SANS GIAC or equivalent. Knowledge of the NIST framework, PCI DSS, GDPR and NIS as well as NCSC cyber guidance. Experience working in an agile delivery environment would be highly advantageous. Specific cyber ...

e.g., Rapid7, Nessus, Qualys, OpenVAS). Knowledge in scripting languages (e.g., Python, PowerShell) for automation. Knowledge of security standards and frameworks (e.g., ISO 27001, NIST, CIS Controls). Skills & Competencies Analytical Skills Ability to conduct risk assessments and prioritise vulnerabilities based on business impact. Experience in creating and interpreting metrics ...

e.g., Rapid7, Nessus, Qualys, OpenVAS). oknowledge in scripting languages (e.g., Python, PowerShell) for automation. oKnowledge of security standards and frameworks (e.g., ISO 27001, NIST, CIS Controls). Analytical Skills: oAbility to conduct risk assessments and prioritise vulnerabilities based on business impact. oExperience in creating and interpreting metrics and reports ...

Strong understanding of Active Directory, LDAP, and authentication protocols - Experience with scripting (PowerShell, Python) for automation and reporting - Familiarity with compliance frameworks (ISO 27001, NIST, GDPR) - Excellent problem-solving, communication, and documentation skills If you are interested in this position and would like to learn more, please send through your ...

Understanding of Active Directory privileged account management Experience with SIEM integration for PAM event logging and alerting Working knowledge of security frameworks: ISO 27001, NIST CSF Strong troubleshooting skills for connector and session issues Good documentation skills for technical configurations and runbooks Ability to obtain SC-level national security clearance ...

design solutions for multi-domain, multi-vendor environments Apply risk management and security principles in line with MOD/NCSC standards (e.g. JSP604, NIST, ISO27001) Collaborate across technical, policy, cyber, and delivery functions to ensure integrated, compliant architecture Lead on security governance, controls and assurance within system and platform design ...

privileged account management Experience integrating PAM solutions with SIEM platforms for logging and alerting Working knowledge of security frameworks such as ISO 27001 and NIST CSF Strong troubleshooting skills across PAM connectors, sessions, and platform services Ability to produce clear technical documentation and operational runbooks Ability to obtain SC-level ...

CCNP. Experience of working cross teams i.e., Squad Model. Experience of UK government technology strategies, and policies. A deep understanding of NCSC, CIS, and NIST IT security principles. Expert knowledge of private (VMware), public cloud (AWS/Azure), COTs and GOTs products. Desirable Private and Public cloud development skills and ...

experience in resilience architecture, disaster recovery, or business continuity. - Expertise in cloud technologies, networking, and cybersecurity. - Strong knowledge of resilience frameworks (e.g., ISO 22301, NIST, ITIL). - Excellent analytical and problem-solving skills. - Ability to communicate technical concepts to non-technical stakeholders. - Certifications such as CBCP, CISSP, or TOGAF (preferred ...

this role, you should have: Expertise in designing Technology & Information Security Governance Frameworks and authoring relevant policies. Experience with Risk and Resilience Frameworks (e.g., NIST, ISO27001, COBIT, ITIL). Strong knowledge of UK and European regulations, including ECB, DORA, and FCA/PRA. Exceptional stakeholder engagement and influencing skills. Outstanding ...

Public Sector experience Agile, DevOps, and cross-team (squad model) delivery Cloud platforms (VMware, AWS, Azure) and enterprise infrastructure Strong security knowledge (NCSC, CIS, NIST) Architecture qualifications (e.g. TOGAF, MCSE, CCNP or equivalent) Desirable: DevOps, IaC, containers, microservices, and emerging technology experience Reasonable Adjustments: Respect and equality are core values ...

development practices through guidance, code review input, and vulnerability assessment. Assess risks across technology, processes, and people using frameworks such as ISO 27005 and NIST . Review third-party and cloud service provider integrations to ensure appropriate technical and contractual security controls. Support incident response planning and vulnerability management. Define ...

report on risk posture Collaborate with system owners, architects, SOC teams and assurance functions to manage threats and technical risk Apply frameworks such as NIST CSF, ISO27001, CVSS, and OWASP in a practical, defence-aligned setting Input into security governance, tooling strategy, and continuous improvement What We’re Looking ...

experience in resilience architecture, disaster recovery, or business continuity. Expertise in cloud technologies, networking, and cybersecurity. Strong knowledge of resilience frameworks (e.g., ISO 22301, NIST, ITIL). Excellent analytical and problem-solving skills. Ability to communicate technical concepts to non-technical stakeholders. Certifications such as CBCP, CISSP, or TOGAF (preferred ...

government or defence context Deep understanding of incident lifecycle management, SIEM tooling, threat analysis, and cyber investigation processes Familiarity with frameworks such as NIST 800-61, ISO27035, and MOD JSP604 Experience working across multi-vendor delivery teams and complex supplier ecosystems Active SC clearance is essential ...

security risk, or compliance role Certifications for ISO 27001 (Lead Implementer/Auditor) , would be required Strong knowledge of frameworks such as ISO 27001, NIST, SOC 2, CIS , and data protection standards Onboarding/vendor risk management experience Hands-on experience supporting or leading ISO 27001 certification activities Solid understanding ...

of cloud security principles: IAM, KMS, encryption, zero trust, least privilege. Experience implementing policy-as-code and pipeline security controls. Understanding of CIS benchmarks, NIST, ISO27001, compliance frameworks. Cloud Migration Skills Direct experience supporting large-scale on-prem to AWS migrations . Strong understanding of migration waves, application onboarding, and ...

experience in edge AI or constrained/offline deployments. MLOps experience (Sagemaker, Kubeflow, ZenML). Experience building RESTful services around AI pipelines. ISO 27001, NIST SSDF, OWASP SAMM, or GDPR compliance literacy. Experience with AWS Karpenter, Prometheus, or similar observability stacks. Soft Skills Research-driven mindset, eager to experiment and ...

within an Agile Scrum environment, the Technical Security Architect will play a vital part in shaping secure platforms by applying Secure by Design and NIST principles throughout the delivery lifecycle. What you'll do as a Technical Security Architect Lead the design and delivery of secure infrastructure solutions across large ...

lifecycle according to the Security by Design framework and principles. Ensure knowledge and application of relevant standards, including but not limited to (ISO 44001, NIST 800-53, (Apply online only), (Apply online only), NIS2, DEFSTAN, JSP's). Define and follow secure development guidelines. Collaborate with development teams to embed ...

guidance materials. Maintain a structured policy framework that aligns with organisational requirements, legal obligations and external standards (e.g. JSP 440 , JSP 604 , ISO27001 , NCSC , NIST , GDPR ). Collaborate with cyber, risk, legal, assurance and delivery stakeholders to ensure policies are fit-for-purpose and support effective implementation. Track changes … Experience Active SC Clearance Strong understanding of security and cyber policy frameworks including: JSP 440/JSP 604 NCSC Cloud Security Principles ISO27001/NIST Cybersecurity Framework Information assurance, data protection and risk governance in regulated environments Proven experience in writing, reviewing and maintaining formal policy documentation or guidance artefacts. ...

awareness plan to support policy adoption Coordinate messaging across internal teams, suppliers, and delivery partners Translate complex security policy frameworks (e.g. JSP 440, ISO27001, NIST, NCSC ) into audience-appropriate materials Produce clear communication outputs such as FAQs, dashboards, briefing packs and campaign content Track policy updates, engagement gaps, and risks … understanding or uptake Essential Skills & Experience: Background in cybersecurity , cyber policy , or information assurance Familiarity with frameworks such as JSP 440 , JSP 604 , ISO27001 , NIST , and NCSC Cloud Security Principles Experience delivering communications or policy engagement in secure or regulated environments Strong written and verbal communication skills - comfortable engaging both ...

making. Confidence engaging stakeholders of varying technical levels, from engineers to senior non-technical leaders. Familiarity with frameworks and standards such as ISO 27001 , NIST CSF , NIST 800-53 , SOC 2 , PCI DSS , etc. Practical experience applying Large Language Models (LLMs) in security workflows, including: Speeding up risk analysis and ...

and risk reporting Ability to engage effectively with both technical and non-technical stakeholders across the business Familiarity with standards such as PCI-DSS, NIST SP800-53, NIST CSF, ISO 27001, and SOC 2 Practical experience using Large Language Models (LLMs) inday-to-day security risk management activities, including: Accelerating ...

wide range of stakeholders, including both technical/engineering and non-technical roles Familiarity with security standards and frameworks such as PCI-DSS, NIST SP 800-53, NIST CSF, ISO 27001, and SOC 2 Practical experience using Large Language Models (LLMs) in day-to-day security risk management activities, including ...