1 to 25 of 34 Contract NIST Jobs in the UK

Lead the design and implementation of secure network architectures for on-premises, cloud, and hybrid environments. Define network security standards, frameworks, and policies aligned with industry best practices (e.g., NIST, ISO 27001, CIS). Develop and maintain secure designs for firewalls, VPNs, intrusion prevention systems (IPS/IDS), network segmentation, and zero trust network access (ZTNA). Collaborate with IT More ❯

security testing (AWS, Azure, or Google Cloud). * Certifications such as ISTQB, CISSP, CISM, or CyberArk Defender are a plus. * Knowledge of security compliance standards (e.g., ISO 27001, GDPR, NIST, PCI-DSS). All profiles will be reviewed against the required skills and experience. Due to the high number of applications we will only be able to respond to successful More ❯

ensure proper actions are taken to block further attacks. 5. Compliance and Risk Management: o Ensure all incident response activities align with industry standards, regulations, and best practices (e.g., NIST, ISO 27001, GDPR, HIPAA). o Work with legal and compliance teams to manage incidents within the scope of data privacy laws and regulations. Key Skills & Experience: o Proficient in More ❯

ensure proper actions are taken to block further attacks. 5. Compliance and Risk Management: o Ensure all incident response activities align with industry standards, regulations, and best practices (e.g., NIST, ISO 27001, GDPR, HIPAA). o Work with legal and compliance teams to manage incidents within the scope of data privacy laws and regulations. Key Skills & Experience: o Proficient in More ❯

with specific experience in testing cloud security controls. Professional certification such as CISA, CISM, CISSP, ISO 27001 Lead Auditor, or equivalent. Knowledge of industry standards and frameworks such as NIST 800-53, ISO 27001/27002, CIS Controls, COBIT. Experience with current automated and manual industry methods for evaluating security controls on Perm and in cloud environments. Capable of communicating More ❯

essential. Key Responsibilities: Lead the design and implementation of security management processes for a new service offering. Develop and maintain a unified ISMS aligned with ISO/IEC 27001, NIST, PRISMA, and CoBIT frameworks. Conduct gap analyses and risk assessments to ensure compliance with relevant security standards and regulatory requirements. Collaborate with stakeholders across technical and business teams to embed … documentation and controls are in place and effective. Essential Skills & Experience: Proven experience in information assurance, cyber security, or risk management roles. Strong knowledge and practical experience with ISO27001, NIST, PRISMA, and CoBIT frameworks. Demonstrated ability to design and implement ISMS in complex, multi-stakeholder environments. Excellent communication and stakeholder engagement skills. Relevant certifications such as CISSP, CISM, ISO27001 Lead More ❯

solution designs aligned with Microsoft security capabilities Conduct capability assesments across Microsoft security tools (i.e Defender, E5, Endpoint, CrowdStrike Evaluate security architecture using industry frameworks (i.e ISO 27001, CIS, NIST) Produce architecture dcumentation, risk assessments and design decision Experience required: Expertise in Microsoft Security Stack (E5 Security, Defender, Endpoint, Sentinel) Strong knowledge of Microsoft Licensing and governance Experiecne designing reusable More ❯

architectures and strategies on GCP. Evaluate and recommend security tools, services and configurations to strengthen cloud security posture. Ensure compliance with security standards and frameworks such as ISO 27001, NIST, CIS, GDPR and others. Lead threat modelling, risk assessments, and security reviews for GCP infrastructure and applications. Define and enforce Identity and Access Management (IAM) policies, including roles, permissions and More ❯

and IaC tools Apply advanced container security and runtime protection strategies Lead threat modeling, risk assessment, and identity governance in the cloud Develop reusable security patterns aligned with CIS, NIST, ISO 27001 standards Successful Candidate Will Need: Hands-on CNAPP experience (CSPM, CWPP, CIEM, DSPM, KSPM) Architect-level cloud certifications + CISSP/CISM Strong knowledge of containers, serverless, and More ❯

Vulnerability Analyst: Proven hands-on Tenable experience is Essential. Experience conducting vulnerability assessments and penetration testing. Strong background in Threat and Vulnerability management. Experience with frameworks such as ISO27001, NIST and CIS. Comfort working with stakeholders or independently. Build VM functions from scratch. Strong analytical and problem-solving skills, and the ability to interpret data and metrics related to cyber More ❯

Vulnerability Analyst: Proven hands-on Tenable experience is Essential. Experience conducting vulnerability assessments and penetration testing. Strong background in Threat and Vulnerability management. Experience with frameworks such as ISO27001, NIST and CIS. Comfort working with stakeholders or independently. Build VM functions from scratch. Strong analytical and problem-solving skills, and the ability to interpret data and metrics related to cyber More ❯

processes Skills & Experience Required: 8+ years of experience in Information Security or IT , with 3+ years in IT Audit or security control testing Familiar with security frameworks such as NIST 800-53, ISO 27001, CIS Controls, COBIT Hands-on experience using RSA Archer, ServiceNow , and familiarity with automation and data-driven testing Working knowledge of cloud environments ( AWS, Azure ) and More ❯

or commercial systems. Degree in engineering, computer science, or related field. Certified security professional (e.g. CISSP, NCSC Certified Professional). Familiar with UK/NATO IA standards (ISO 27000, NIST SP800, JSP440, etc.). Experience with accreditation, security evaluation, and cryptographic systems. Strong communication, leadership, and collaboration skills. Eligible for SC clearance (UK-only caveat). Desirable: DV clearance Understanding More ❯

with stakeholders and deliver clear, actionable insights What You Bring: 8+ years in InfoSec/IT, with 3+ years in control testing or IT audit Strong knowledge of frameworks (NIST, ISO 27001, CIS, COBIT) Certifications: CISA, CISSP, CISM, or ISO 27001 Lead Auditor Excellent analytical, communication, and stakeholder engagement skills Nice to Have: Experience with Sailpoint, Rapid7, Wiz.io, RSA Archer More ❯

into business processes and IT operations. Required Skills & Qualifications: * 3-5 years of experience in cyber security roles, with hands-on involvement in ensuring compliance to security frameworks (ISO27001, NIST, eCAF). * Proven experience in implementing security systems and/or monitoring tools. * Strong knowledge of SIEM, Vulnerability Management, Threat Intelligence, and IAM systems. * Experience contributing to enterprise-level security More ❯

access control, authentication, and encryption standards across platforms. Work with data scientists and engineers to embed security into model development. Stay current on evolving AI regulations (EU AI Act, NIST AI RMF, GDPR, etc.). Support adversarial testing, model bias assessments, and trustworthiness evaluations. Contribute to training and awareness initiatives on AI/ML security best practices. Act as a More ❯

demonstrate excellent communication, documentation, analytical and troubleshooting skills, with the ability to work independently while coordinating across multiple teams. Additional exposure to regulatory frameworks such as NIS, ISO 27001, NIST-800 or Cyber Essentials would be beneficial, as would experience with DevOps and cloud-based PAM strategies. The environment is largely based on Microsoft and VMware on-premises infrastructure, with More ❯

demonstrate excellent communication, documentation, analytical and troubleshooting skills, with the ability to work independently while coordinating across multiple teams. Additional exposure to regulatory frameworks such as NIS, ISO 27001, NIST-800 or Cyber Essentials would be beneficial, as would experience with DevOps and cloud-based PAM strategies. The environment is largely based on Microsoft and VMware on-premises infrastructure, with More ❯

demonstrate excellent communication, documentation, analytical and troubleshooting skills, with the ability to work independently while coordinating across multiple teams. Additional exposure to regulatory frameworks such as NIS, ISO 27001, NIST-800 or Cyber Essentials would be beneficial, as would experience with DevOps and cloud-based PAM strategies. The environment is largely based on Microsoft and VMware on-premises infrastructure, with More ❯

demonstrate excellent communication, documentation, analytical and troubleshooting skills, with the ability to work independently while coordinating across multiple teams. Additional exposure to regulatory frameworks such as NIS, ISO 27001, NIST-800 or Cyber Essentials would be beneficial, as would experience with DevOps and cloud-based PAM strategies. The environment is largely based on Microsoft and VMware on-premises infrastructure, with More ❯

/IT cybersecurity strategies Manage cross-functional cyber transformation programs including external vendors Align security initiatives with business and compliance needs Oversee risk management and adherence to standards (e.g., NIST, IEC 62443) Promote cyber awareness and cultural change across teams Collaborate with stakeholders and report to senior leadership Deep knowledge of SCADA, ICS, IT infrastructure, and cloud security 8+ years More ❯

operational controls (such as back-ups, resilient design, anti-virus) are essential * Knowledge of Threat modelling, control frameworks and Risk assessment techniques (such as ISO2700x, COBIT, COSO, ITIL and NIST Cyber Security Framework) is desirable * Knowledge of Cloud Security practices is desirable Experience in the following areas would be beneficial- * Security Design in projects (setting requirements, reviewing architecture) * Risk assessment More ❯

the Security Assurance Team (SAT), providing risk management and assurance of programme artefacts. Responsibilities and Tasks Support delivery of secure Releases and Features aligned with the relevant legacy or NIST assurance processes through Security Assurance stories agreed with nominated team Scrum Master Create security assurance case for releases, including risk assessments and mitigations for identified defects and vulnerabilities Liaise with … and security training and briefings Support development of relevant security documentation; including RMADS, CoCo, RAR, SSP, POAM, OSMP (including SyOps). Knowledge, Experience and Capabilities Cyber Security Assurance ISO27001 NIST 800-53 series MOD Secure by Design Information assurance Risk management High quality of written and verbal communication skills Experience of working in Secure environments (Highly desirable) Experience in Safe More ❯

Security Lead; day to day work is managed by allocated team Scrum Master. Responsibilities and Tasks Support delivery of secure Releases and Features aligned with the relevant legacy or NIST assurance processes through Security Assurance stories agreed with nominated team Scrum Master Create security assurance case for releases, including risk assessments and mitigations for identified defects and vulnerabilities Liaise with … the Authority Escalate relevant security issues via the Security Lead or Security Assurance Lead for resolution at the security working group Knowledge, Experience and Capabilities Cyber Security Assurance ISO27001 NIST 800-53 series MOD Secure by Design Information assurance Risk management High quality of written and verbal communication skills Experience of working in Secure environments (Highly desirable) Experience in Safe More ❯

Security Lead; day to day work is managed by allocated team Scrum Master. Responsibilities and Tasks * Support delivery of secure Releases and Features aligned with the relevant legacy or NIST assurance processes through Security Assurance stories agreed with nominated team Scrum Master * Create security assurance case for releases, including risk assessments and mitigations for identified defects and vulnerabilities * Liaise with … the Authority * Escalate relevant security issues via the Security Lead or Security Assurance Lead for resolution at the security working group Knowledge, Experience and Capabilities * Cyber Security Assurance * ISO27001 * NIST 800-53 series * MOD Secure by Design * Information assurance * Risk management * High quality of written and verbal communication skills * Experience of working in Secure environments (Highly desirable) * Experience in Safe More ❯