7 of 7 Permanent NIST Jobs in the City of London

with regulatory expectations and internal governance standards. Drive continuous improvement in risk data quality, reporting processes, and analytics capabilities. The Requirements: Skills: Strong knowledge of risk management frameworks (e.g., NIST, ISO 27001, COBIT) and control environments. Deep understanding of IT general controls, cyber security principles, and technology risk domains. Proven experience in risk analytics, data visualization, and reporting (e.g., using More ❯

regulatory frameworks. Key Areas of Responsibility: Regulatory Implementation & Frameworks Assist in establishing a comprehensive resilience framework that meets DORA standards and other recognised guidelines (e.g. ISO 22301, ISO 27001, NIST). Draft internal controls, policies, training content, and risk assessment methodologies. Contribute to core DORA workstreams such as ICT risk management, scenario-based testing, and oversight of third-party providers. More ❯

we're looking for: Deep experience working in Security Operations, including working with MDR providers and SOC environments Strong knowledge of relevant frameworks and standards including: PCI-DSS GDPR NIST CSF CIS Critical Security Controls Cyber Essentials Plus Hands-on experience across Cloud Security, Identity and Access Management, Zero Trust, Security Service Edge (SSE), and SASE Proven ability to bridge More ❯

architecture Proven hands-on experience with Microsoft Azure services and cloud-native development Azure Solution Architect Expert certification or equivalent (preferred) Strong understanding of security frameworks (e.g., ISO 27001, NIST) Expertise in tools and services such as: Azure Functions, API Gateway, CosmosDB, Azure SQL, Event Grid, Kubernetes, Azure Maps, Service Fabric, DevBox, Synapse, Logic Apps, PowerBI, Redis Cache, CDN, Azure More ❯

threats. What I'm Looking For: Proven experience completing internal and external cyber risk assessments. Experience conducting 3rd party and vendor risk assessments. Strong understanding of security frameworks (e.g., NIST, ISO 27001). Experience implementing, testing and validating security controls. Ability to assess risk against appetite and communicate findings in a business-solution focused way to technical and non-technical More ❯

closely with DevOps to embed security in CI/CD pipelines and infrastructure-as-code processes - Enforce security policies, standards, and procedures aligned with frameworks like ISO 27001 and NIST - Monitor and report on risk posture, incident trends, and compliance status to inform leadership decisions - Guide and support junior cybersecurity professionals and interns through technical coaching and feedback You: - Bachelor … SIEM platforms (especially Azure Sentinel) and vulnerability management tools - Strong knowledge of incident response, infrastructure hardening, and cloud security controls - Familiarity with SOC 2, ISO 27001, Cyber Essentials, and NIST frameworks - Experience with core security technologies: firewalls, EDR, IAM, DLP, encryption - Strong communication, documentation, and stakeholder engagement skills Benefits: - Join a growing business in a thriving and innovative sector - Join More ❯

risk management framework that aligns with the organizations strategic goals and objectives. This will be aligned to COBIT but also take into account other frameworks in use such as NIST and ITIL. Stakeholder Engagement: Engage with external stakeholders, including the Head of Risk Assurance, the Risk Assurance team and our internal audit partners, to ensure effective communication and compliance with … services or high regulation sector (for example Pharma). Demonstrable working knowledge of common IT processes and department functions. Working knowledge of a recognised Risk Management Framework, such as NIST, or as part of a more general framework such as COBIT (preferred) Excellent communication and influencing skills, with the ability to engage stakeholders at all levels. Experience in building risk More ❯