24 of 24 Permanent NIST Jobs in Bristol

efforts for security breaches. Provide security guidance and training to teams across the organization. Key Skills & Experience: Strong knowledge of security frameworks (ISO 27001, NIST 800-30/53, OWASP) . Experience with risk management methodologies and compliance with MOD and HMG security standards (JSP, Def Stan 05-138/ More ❯

in a hands-on Cyber Security focused role, primarily in the data security domain. A strong & demonstratable knowledge of security frameworks, standards and regulations (NIST, GDPR for example). Familiarity with cloud security principles and experience working with cloud platforms such as AWS and Snowflake. A clear and demonstratable understanding More ❯

li> Collaborate with IT and DevOps teams to harden systems and networks Support compliance efforts (e.g., ISO 27001, NIST, GDPR) Contribute to threat intelligence and detection rule tuning Participate in red/blue team exercises and More ❯

security assessments, audits & penetration testing What You’ll Bring CISSP or equivalent + 6-7 years in InfoSec Experience maturing security programs & frameworks ( ISO27001, NIST CAF, OWASP ) Strong knowledge of SIEM, IDS/IPS, RBAC, vulnerability management Understanding of cloud, COTS/SaaS platforms & IoT security Ability to communicate risks More ❯

security assessments, audits & penetration testing What You’ll Bring CISSP or equivalent + 6-7 years in InfoSec Experience maturing security programs & frameworks ( ISO27001, NIST CAF, OWASP ) Strong knowledge of SIEM, IDS/IPS, RBAC, vulnerability management Understanding of cloud, COTS/SaaS platforms & IoT security Ability to communicate risks More ❯

at the highest level and exhibit good verbal, written and presentation skills. Experience of working within key Cyber Security principles and standards (ISO 27001, NIST, Cyber Essentials, MITRE). [i] Experience working in a customer-facing role desirable. You should have experience in managing team driven workloads. Demonstrable experience driving More ❯

Enhancement: Contribute to the development and refinement of enterprise security architecture methodologies, such as TOGAF and SABSA and Framework adoption such as those in NIST 2.0. Security Tooling Roadmaps: Create detailed roadmaps for security tooling, incorporating vendor investment tracking, horizon scanning, and global threat landscape changes, and communicate … Attack Surface Management. Cloud Security & Risk applied to all service and deployment ISO standards including 27001, 27002, 27005, 270017, 27018, 22301 and NIST CSF 2.0. Technical Security within one or many of the following domains:

Identity and Access Management: Expertise in PAM … Control). Microsoft Cybersecurity Expert incl. M365 Security, Azure Security, Identity & Access Management and Security Operations. AWS Security. NIST Cybersecurity Professional (NCSP) Practitioner. ISO27001. Vendor Qualifications - Cisco, VMware, Fortinet, Checkpoint etc. Chartered membership in professional security bodies. More ❯

EntraID or similar platforms. Ddemonstrated ability to engage with auditors, compliance teams, and key business stakeholders. Knowledge of industry frameworks such as ISO 27001, NIST, or other security governance models. Privileged Access Management (PAM) experience. Benefits Motability Operations is a unique organisation, virtually one of a kind. We combine a More ❯

site Support the creation of project-specific security documentation and assurance strategies Skills & Experience: Experience leading ISO 27001 and cybersecurity governance Strong knowledge of NIST CSF, ISO 27005, and DCPP frameworks Confident communicator with a security-first mindset Comfortable being both strategic and hands-on Qualifications like CISSP (preferred), CISM More ❯

site Support the creation of project-specific security documentation and assurance strategies Skills & Experience: Experience leading ISO 27001 and cybersecurity governance Strong knowledge of NIST CSF, ISO 27005, and DCPP frameworks Confident communicator with a security-first mindset Comfortable being both strategic and hands-on Qualifications like CISSP (preferred), CISM More ❯

ensuring our products meet the highest standards of security by design. The successful candidate will be expected to bring deep, hands-on experience with NIST cybersecurity standards — this is essential —as well as a strong working knowledge of Defence Standards DefStan 05-138 Issue 3 and DefStan 05-139 Issue … development lifecycle Conduct detailed threat modelling and risk assessments using recognised tools Lead the implementation of risk management strategies based on industry best practices (NIST, ISO) Work closely with development teams to ensure secure-by-design principles are followed Identify and propose mitigations for security vulnerabilities in solution architectures Maintain … coordinate remediation actions where needed Serve as a subject matter expert on product and application security to internal stakeholders Key Requirements: Extensive experience applying NIST frameworks (including NIST 800-30, NIST 800-53) – non-negotiable Working knowledge of DefStan 05-138 (Issue 3) and DefStan 05-139 (Issue 1) is More ❯

ensuring our products meet the highest standards of security by design. The successful candidate will be expected to bring deep, hands-on experience with NIST cybersecurity standards - this is essential -as well as a strong working knowledge of Defence Standards DefStan 05-138 Issue 3 and DefStan 05-139 Issue … development lifecycle Conduct detailed threat modelling and risk assessments using recognised tools Lead the implementation of risk management strategies based on industry best practices (NIST, ISO) Work closely with development teams to ensure secure-by-design principles are followed Identify and propose mitigations for security vulnerabilities in solution architectures Maintain … coordinate remediation actions where needed Serve as a subject matter expert on product and application security to internal stakeholders Key Requirements: Extensive experience applying NIST frameworks (including NIST 800-30, NIST 800-53) - non-negotiable Working knowledge of DefStan 05-138 (Issue 3) and DefStan 05-139 (Issue 1) is More ❯

Experience of working in a collaborative manner with auditors, compliance and other key business stakeholders A strong understanding of framework for example ISO 27001, NIST or similar governance models Strong technical experience in IAM delivery, including authentication, federation (SAML, OIDC, OAuth2), and access lifecycle automation Hands-on background in engineering More ❯

and risk management within defence, government, or high-security environments. Suited candidates must have strong knowledge of security frameworks and standards such as RMADS, NIST, DEF STAN, and policies. You will also have experience with accreditation processes and developing security risk balance cases. Familiarity with codes of connection (CoCo), Secure More ❯

experience in security assurance and risk management within defence, government, or high-security environments. Strong knowledge of security frameworks and standards such as RMADS, NIST, DEF STAN, and policies. Experience with accreditation processes and developing security risk balance cases. Familiarity with codes of connection (CoCo), Secure by Design, and security More ❯

and ensure secure-by-design principles. Conduct threat modelling exercises to identify and mitigate potential risks. Ensure compliance with security regulations such as ISO27001, NIST 800-30/37/53, JSP 440, 604, and Defence Standards. Develop and maintain security documentation (e.g., RMADS, Security Assurance Documents, Security Management Plans … testing, vulnerability assessments, and remediation activities. Key Skills & Experience: Strong knowledge of risk management frameworks and methodologies (ISO 27001/2, ISO27005/31000, NIST 800-30, NIST 800-53) . Experience with defence and government security standards (JSPs, Def Stan 05-138/139). Proficiency in security testing More ❯

My growing defence client is seeking a Security Architect with NIST framework experience. You'll join a leading organisation that develops cutting edge products and technology. Key Accountabilities : Identify security requirements and ensure the integration of security controls during the product development lifecycle. Develop and implement risk management strategies using … . An understanding of MOD ISN 23/09 Secure by Design. Knowledge of security frameworks, such as ISO/IEC 27001, NIST 800-30, NIST 800-53 or OWASP. Experience of working with risk management frameworks and methodologies (e.g., ISO 27001/2, ISO27005/31000, NIST … NIST 800-53) Why Join? You'll gain exposure to cutting-edge defence technology and intelligence insights, alongside good salary & benefits . The client offers flexible working options, with some hybrid/remote working. Apply now to be immediately considered for this fantastic opportunity. More ❯

Stan 05-139) An understanding of MOD ISN 23/09 Secure by Design Knowledge of security frameworks, such as ISO/IEC 27001, NIST 800-30, NIST 800-53 or OWASP Working with risk management frameworks and methodologies (e.g., ISO 27001/2, ISO27005/31000, NIST … NIST 800-53) If this all sounds like something you will be interested in then simply apply and we can discuss the opportunity further More ❯

Security Engineer – Bristol (Hybrid) Security Clearance: SC (Eligible) DefStan | NIST | Threat Modelling Are you passionate about securing the future of critical technology? Do you have deep working knowledge of NIST standards and Defence Standards like DefStan 05-138 Issue 3 and DefStan 05-139 Issue 1 ? We’re hiring a … at every layer. Applying your hands-on knowledge of DefStan 05-138 and 05-139 to ensure products meet UK defence requirements. Leveraging the NIST 800 series (an absolute must) to establish best-in-class security frameworks. Performing code reviews , penetration testing, and guiding remediation efforts. Producing clear, robust documentation … such as RMADS and Security Assurance artefacts. What You Bring: Proven experience with NIST 800-30, 800-37, 800-53 and related frameworks. (Essential) Practical, working knowledge of Defence Standards , especially DefStan 05-138 and DefStan 05-139 . Familiarity with threat modelling tools and methodologies. Solid understanding of ISO More ❯

Perform security code reviews, provide guidance on secure libraries and frameworks. Standards & Compliance Ensure products meet regulatory and defence standards (ISO 27001/27005, NIST 800-30/53, JSP 440/604, Def Stan 05-series). Lead the creation and maintenance of security documentation (RMADS, Security Assurance Documents … or application security within defence, government, or security-cleared environments. Deep knowledge of risk management frameworks (ISO 27001/2/5/31000, NIST 800-series) and Defence Standards (JSPs, Def Stan 05-138/139). Hands-on experience with security testing tools and techniques (SAST, DAST, penetration More ❯

compliance, and policy. You will be responsible for developing and implementing internal control frameworks and defining policies in line with industry standards such as NIST and ISO 27001. Collaboration with various business units will be key to reducing risk and ensuring compliance with regulations. Key Responsibilities: Focus on risk management … and compliance, including policy and standards development. Map internal controls to industry standards such as NIST and ISO 27001. Build and define security policies, ensuring alignment with organizational goals. Develop and manage compliance frameworks using Microsoft tools such as SharePoint, Power BI, Power Automate, and Risk Automate. Work closely with … various regions. Identify and deliver service/control improvements and contribute lessons learned to future projects. Desired Skills and Qualifications: Certifications: CISA, CISM, CRISC, NIST, ISO 27001. Experience with building compliance frameworks and policies using Microsoft tools. Please apply if interested More ❯

with ideal candidates having good knowledge/understanding of Governance Risk & Compliance (GRC), specifically around HMG/MOD frameworks such as Secure by Design, NIST, and ISO 27001. Because of the nature of the work and customers you could end up supporting, this role would suit a service leaver/… JSP440), and processes Experience with Secure by Design implementation and related tooling Knowledge of NCSC Cyber Assurance Framework (CAF) and GovAssure audits Understanding of NIST Cyber Security Framework and risk assessment methods Experience with ISO/IEC 27001 audits and cyber security assurance Supplier assurance and supply chain security expertise More ❯

with ideal candidates having good knowledge/understanding of Governance Risk & Compliance (GRC), specifically around HMG/MOD frameworks such as Secure by Design, NIST, and ISO 27001. Because of the nature of the work and customers you could end up supporting, this role would suit a service leaver/… JSP440), and processes Experience with Secure by Design implementation and related tooling Knowledge of NCSC Cyber Assurance Framework (CAF) and GovAssure audits Understanding of NIST Cyber Security Framework and risk assessment methods Experience with ISO/IEC 27001 audits and cyber security assurance Supplier assurance and supply chain security expertise More ❯

Design Conduct threat modelling exercises to prioritise potential risks and develop mitigation strategies to reduce risks Ensure products meet regulatory standards such as ISO27001, NIST 800-30/37/53, Joint Standards Publications (JSP) such as JSP 440, 604 and Defence Standards (Def stans) Produce security documentation like RMADS … and remediation activities Your skillset may include: Understanding and application of risk management frameworks and methodologies (e.g., ISO 27001/2, ISO27005/31000, NIST 800-30, NIST 800-53) Working knowledge of Defence Standards (e.g., JSPs, HMG, Def Stan 05-138, Def Stan 05-139) Experience with security testing More ❯