1 to 25 of 26 Permanent NIST Jobs in Central London

regulators, auditors, and third-party assessments. About You: Proven track record in cybersecurity management, including threat detection, incident response, and vulnerability management. Strong knowledge of security frameworks (ISO 27001, NIST, CIS Controls) and regulatory compliance requirements (GDPR, NIS2). Hands-on expertise with firewalls, SIEM, IAM, IDS/IPS, and cloud security. Strong understanding of networking, infrastructure, and application security. More ❯

ll bring: 5+ years in InfoSec, IT Security or Ops within a regulated environment Certification required: CISSP, CISM, CRISC, or equivalent Strong knowledge of ISO27001:2022, SOC2 Type II, NIST CSF, PCI DSS, GDPR, DORA Confident with security risk assessments, audit responses, and policy governance Hands-on cloud security experience: ideally with Azure and the Shared Responsibility Model Comfort with More ❯

environments to solve real-world security challenges Key Skills & Experience Cyber Security: Experience in cyber strategy, risk management, security architecture, transformation programmes, and regulatory compliance Knowledge of relevant standards: NIST CSF, ISO27001, NCSC CAF, GDPR, NIS2, etc. Certifications such as CISSP, CISM, CISA, M.Inst.ISP, or MSc in Cyber Security Hands-on experience in areas like GRC, cyber threat management, vulnerability More ❯

work across strategic, operational, and technical domains. You should have: Cyber Expertise: 4+ years experience in cyber strategy, risk, maturity assessments, and operating models. Knowledge of frameworks such as NIST CSF, ISO27001, NCSC CAF, CRI 2.0. Exposure to regulatory environments including NIS2 and GDPR. Relevant certifications (e.g., CISSP, CISM, CISA, MSc in Cyber Security). Consulting Skills: Strong client-facing More ❯

Information Assurance Risk Assessment and Risk Treatment Plans Establish security requirements for cloud-based solutions by evaluating business strategies and requirements, implementing security standards such as ISO 27000 series, NIST, CSF, and CSA Identify and deliver appropriate controls based on industry standards (e.g. CCM) to drive cloud and customer security solutions framework based on business risk and cloud native threats. More ❯

while building your own leadership brand What we’re looking for: Proven experience in cyber strategy, cyber risk, transformation, or security governance Strong understanding of industry frameworks such as NIST CSF, ISO27001, CAF or CRI2.0 Ability to communicate clearly with stakeholders at all levels — from technical teams through to board-level A blend of consulting and hands-on delivery experience More ❯

in ICT security management and incident response (CIS and Cyber Essential Plus). Strong technical knowledge of Microsoft 365, Azure, and cloud security. Familiarity with frameworks like ISO 27001, NIST, and CIS. Excellent communication skills and a pragmatic, risk-based mindset. Relevant certifications (e.g. AZ-500, CISSP, CISM, CCSP) are highly desirable. This role offers hyrbid working (1-2 days More ❯

with regulatory expectations and internal governance standards. Drive continuous improvement in risk data quality, reporting processes, and analytics capabilities. The Requirements: Skills: Strong knowledge of risk management frameworks (e.g., NIST, ISO 27001, COBIT) and control environments. Deep understanding of IT general controls, cyber security principles, and technology risk domains. Proven experience in risk analytics, data visualization, and reporting (e.g., using More ❯

processes. Promote a positive and proactive cyber security culture. About You: Strong advisory background in cyber security within complex enterprise environments. Knowledge of frameworks and standards such as ISO27001, NIST, NIS Regulations. Understanding of infrastructure, networks, applications and cloud security principles. Excellent communicator with proven stakeholder management experience. Passionate about innovation, problem solving and continuous improvement. Qualifications & Experience: Degree (or More ❯

regulatory frameworks. Key Areas of Responsibility: Regulatory Implementation & Frameworks Assist in establishing a comprehensive resilience framework that meets DORA standards and other recognised guidelines (e.g. ISO 22301, ISO 27001, NIST). Draft internal controls, policies, training content, and risk assessment methodologies. Contribute to core DORA workstreams such as ICT risk management, scenario-based testing, and oversight of third-party providers. More ❯

and problem-solving skills. Experience of working in a large, complex IT environment (preferably within Financial Services). Strong understanding of IT Security Standards and frameworks (such as ISO, NIST, GDPR). What We Offer Save For Your Future - Equiniti Pension Plan; Equiniti matches your pension contributions up to 10% All Employee Long Term Incentive Plan (LTIP) - Gives all EQ More ❯

email security, and other key cybersecurity tools. Manage incident response plans and investigations, coordinating with internal teams and external partners. Ensure compliance with standards like ISO 27001, GDPR, and NIST frameworks. Promote security awareness and training across departments. Requirements: Degree in Cybersecurity, Information Security, or related field. Proven experience in manufacturing, energy, chemicals, or similar sectors. 15 years of experience More ❯

Strong understanding of mail filtering technologies • Strong understanding of Cloud infrastructure technologies, including encryption • Demonstrable experience of working with Microsoft Sentinel, Defender and Purview • Excellent understanding of security frameworks (NIST and Cyber Essentials) • Ability to lead and manage third party providers • Strong understanding of incident response processes and methodologies including leading and managing incidents • Lead on root cause analysis, providing More ❯

an IAM solution across all aspects of the SDLC (Analyse, Design, Develop/Configure, Test, Deploy, Document) Understanding of regulatory frameworks, and their application to IAM, e.g. SOx, ISO27001, NIST, HIPAA, GDPR, PSD2, etc. Ideally, an education in Business, IT, IT security or related field Advantageous: Professional certifications such as CISSP, CISA, ITIL, etc. Product certifications from SailPoint, or other More ❯

and capability growth What We’re Looking For 5+ years in cybersecurity or cyber advisory Experience leading cyber transformation in a consulting or enterprise environment Deep understanding of frameworks: NIST, ISO27001, GDPR, NIS2, CAF Track record managing teams and complex project delivery Executive-level stakeholder management and influencing skills Certifications (CISSP, CISM, CISA, M.Inst.ISP) highly desirable This is a chance More ❯

IoT, AI, and more Influence system design to be secure by default , not by patch. 🧠 You Should Have: ✔️ 8+ years in security consulting or implementation ✔️ Expertise in frameworks like NIST, RMF, Common Criteria ✔️ Strong grasp of risk management , compliance, and threat mitigation ✔️ Clear communication across technical and business stakeholders ✔️ Curiosity and adaptability to stay on top of emerging technologies. 💡 Preferred More ❯

tools such as Illumio or Guardicore Desirable Experience with legacy infrastructure and operational technology (OT) Understanding of asset management and BAU handover processes Awareness of Zero Trust principles and NIST frameworks Exposure to cloud networking (Azure, AWS, GCP) If this is of interest, please apply with your latest CV and I’ll be in touch. More ❯

an IAM solution across all aspects of the SDLC (Analyse, Design, Develop/Configure, Test, Deploy, Document) Understanding of regulatory frameworks, and their application to IAM, e.g. SOx, ISO27001, NIST, HIPAA, GDPR, PSD2, etc. Ideally, an education in Business, IT, IT security or related field Advantageous: Professional certifications such as CISSP, CISA, ITIL, etc. Product certifications from SailPoint, or other More ❯

leaders in a team that values inclusion and ideas 🧠 What we’re looking for Experience leading cyber transformation or strategy engagements, ideally in consulting Strong knowledge of frameworks like NIST CSF, ISO27001, NCSC CAF or NIS2 Able to translate technical cyber risk into business-relevant recommendations Excellent communication and stakeholder management skills (CISO/Board level) Ideally holds certifications like More ❯

skills to inspire others. You should have: A track record of consulting and delivering a wide range of cyber engagements — both GRC and technical. Strong understanding of frameworks like NIST, ISO 27001, CIS, and a pragmatic view on applying them. Familiarity with technical tooling for assessments, vulnerability analysis, and cloud reviews (you don’t need to be an engineer — but More ❯

Job Title: Security Governance Lead – NIST & Archer Expertise Location: London About the Role: Albany Beck is seeking a highly skilled Security Governance Lead to support a key financial services client in advancing its information security governance capabilities. This role requires deep expertise in NIST frameworks and Archer GRC, as well as strong leadership in centralising security policy management, controls, and … and stakeholder engagement. Required Experience and Skills: Proven experience in a security governance or risk management leadership role within the financial services or consulting industry. Strong working knowledge of NIST frameworks (e.g., NIST CSF, NIST 800-53). Hands-on experience with RSA Archer GRC platform, particularly in managing controls, risks, and compliance reporting. Excellent understanding of regulatory compliance requirements More ❯

design and delivery of cyber strategies for large-scale organisations. Develop actionable cyber transformation roadmaps aligned to business needs. Advise on regulatory compliance and governance frameworks (e.g. ISO27001, GDPR, NIST). Engage confidently with stakeholders across technical teams, risk functions, and board level. Oversee cyber risk assessments, maturity modelling, and security architecture projects. Ideal Candidate Profile Strong consulting experience in … cyber strategy, transformation, or risk management. Understanding of cyber frameworks such as NIST CSF, ISO27001, NCSC CAF, GDPR, or NIS2. Holds or is working toward certifications such as CISSP, CISM, CISA, or equivalent. Comfortable managing project teams and delivering to time and budget. Excellent communication skills, able to present complex topics to senior stakeholders. Previous experience in a client-facing More ❯

threat intelligence capabilities and integrate with security monitoring frameworks. Develop and oversee vulnerability management programs, ensuring alignment with industry standards. Provide subject matter expertise on cyber security frameworks, including NIST, MITRE ATT&CK, and Kill Chain methodologies. About You: Proven experience in Cyber Security, with a focus on incident response, security monitoring, and threat intelligence. Strong knowledge of security technologies … experience with incident investigation tools and network protocol analysis (e.g., Wireshark). Familiarity with cloud security assessments and industry benchmarks such as CIS. Experience with security frameworks such as NIST, MITRE ATT&CK, and the Cyber Kill Chain. Certifications such as GCIA, GCIH, or GCFA are highly desirable. Package: £70,000 - £75,000 Junior £80,000 - £90,000 Senior (I More ❯

risk management framework that aligns with the organizations strategic goals and objectives. This will be aligned to COBIT but also take into account other frameworks in use such as NIST and ITIL. Stakeholder Engagement: Engage with external stakeholders, including the Head of Risk Assurance, the Risk Assurance team and our internal audit partners, to ensure effective communication and compliance with … services or high regulation sector (for example Pharma). Demonstrable working knowledge of common IT processes and department functions. Working knowledge of a recognised Risk Management Framework, such as NIST, or as part of a more general framework such as COBIT (preferred) Excellent communication and influencing skills, with the ability to engage stakeholders at all levels. Experience in building risk More ❯

clear, meaningful reports for senior business and non-technical audiences. Create Board-level inputs and executive reporting packs with top-level narratives and insight-driven commentary. Ensure alignment with NIST frameworks and internal Cyber Risk Management principles. Identify, connect, and manage data sources, owners, systems, and submission cycles to ensure timely and accurate reporting. Conduct “check and challenge” analysis to … regularly with IT, Security, and Business stakeholders to align risk reporting with organizational objectives. What We’re Looking For: RSA Archer expertise or other GRC tooling Proven experience with NIST or other regulatory-aligned frameworks. Deep understanding of Cyber Risk Management principles. Exceptionally organized, with strong attention to detail and ability to manage multiple priorities. Strong written and verbal communication More ❯