8 of 8 Permanent NIST Jobs in the East Midlands

of threat vectors, security controls and modern IT architectures. Risk Framework Knowledge: Practical experience using recognised information security and risk management methodologies such as NIST, COBIT and ISO27001. Broader Risk Awareness: Understanding of wider risk management systems and methodologies beyond cyber and technology. Insightful Reporting: Ability to design and produce ...

Incident Management: Manage and track security incidents and breaches, ensuring appropriate mitigation and response strategies.About you: Information Security Frameworks: Familiarity with frameworks such as NIST, ISO 27001, SOC 2, and GDPR. Financial Sector Requirements: Knowledge of specific information security needs for financial institutions and building societies. Security Controls and Risk ...

standards, and procedures Partner with IT colleagues and business units to ensure secure configurations Support audits, risk assessments, and compliance initiatives (ISO 27001, GDPR, NIST) Act as a key escalation point for security investigations Maximise the effectiveness of Microsoft Defender, Intune, and Purview Promote cyber awareness and best practice across ...

bring Were looking for someone with: Experience of working within a cyber security function. Awareness of cyber security frameworks and best practices such as NIST, CAF and OWASP. Experience providing deep technical insight to IT projects and improving cyber security posture. Experience of analysing and reviewing security requirements and recommending ...

guide and mentor others when needed. A strong understanding of security standards, such as PCI DSS, ISO 27001, Cyber Essentials, NIS CAF and NIST, along with solid knowledge of problem management and third-party risk will help you navigate the role with confidence. This role closes on 27th February ...

external regulations. Assist in the development of the IT annual audit plans and strategy, acting as a key stakeholder in its formulation Work on NIST & cybersecurity reviews for the organisation, with lots of stakeholder management exposure Evaluate the effectiveness of IT controls and recommend improvements. Collaborate with the technology department ...

within regulatory deadlines. Regulatory Compliance Oversight: Ensure adherence to UK GDPR, DPA 2018, PECR and relevant global frameworks such as CCPA, HIPAA, ISO 27001, NIST, PCI‐DSS and SOX. Audits & Assessments: Conduct data protection and information governance audits, gap analyses, and assessments to identify risks and improvement opportunities. Third‐Party … protection requirements and industry best practices. Technical & GRC Skills: Background in information security, GRC, risk management and working with frameworks such as ISO 27001, NIST, CIS and COBIT. Communication Skills: Ability to explain complex technical concepts clearly to non‐technical stakeholders. Stakeholder Influence: Proven experience influencing and engaging stakeholders ...

internal audits across the enterprise Conduct risk-based IT audits in line with the annual IT audit plan, including assurance reviews against frameworks like NIST Cybersecurity Evaluate IT controls , including IT General Controls (ITGCs) and Application Controls Identify IT risks and recommend improvements to strengthen control environments Provide technology assurance … player with independence Desirable: 2+ years of system auditing experience Exposure to FTSE 100/350 or multinational organisations Knowledge of IT security, infrastructure, NIST, and COBIT frameworks Experience providing IT assurance on major change programmes Degree-level education and professional IT audit qualifications (CISA, CISM, CISSP) Why This Role ...