1 to 25 of 273 Permanent NIST Jobs in England

with SIEM, SOAR, EDR, UTM, and honeypots. Cloud Security: Understanding of cloud platform security measures (AWS, Azure, etc.) Security Frameworks: Advanced knowledge of frameworks such as MITRE ATT&CK, NIST, etc. Consulting Skills: Risk Management: Ability to assess, prioritize, and manage security risks aligned with client needs Strategic Planning: Capable of developing and executing end-to-end security strategies Communication More ❯

experience in information security within financial services Deep understanding of regulatory and compliance requirements for banking and finance Strong track record of designing and implementing security frameworks (ISO 27001, NIST) Hands-on experience with SIEM, DLP, IAM, and endpoint security technologies Excellent risk assessment and incident management skills Outstanding communication skills with the ability to influence stakeholders at all levels More ❯

experience in information security within financial services Deep understanding of regulatory and compliance requirements for banking and finance Strong track record of designing and implementing security frameworks (ISO 27001, NIST) Hands-on experience with SIEM, DLP, IAM, and endpoint security technologies, specifically Microsoft Defender XDR, Purview and Sentinel Excellent risk assessment and incident management skills Outstanding communication skills with the More ❯

in communicating complex security concepts to non-technical stakeholders and collaborating across departments and third-party providers. (S&I) Demonstrable knowledge of information security frameworks, regulations (such as ISO27001, NIST, and GDPR), and security technologies and controls. (S&I) Proven ability to lead and drive security initiatives, respond to security incidents, and conduct investigations. (S&I) Comprehensive understanding of information More ❯

services. Define service level objectives (SLOs) and key performance indicators (KPIs) for all security services. Compliance, Governance & Risk Management: Ensure alignment with global compliance requirements such as ISO 27001, NIST, SOC 2, GDPR, and others. Partner with governance, legal, and ISRM teams to implement enforceable policies and standards across identity, endpoint, and data domains. Implement automated compliance controls and continuous More ❯

concepts that clearly communicate value and differentiation. Solution Architecture Design comprehensive security architectures across network, endpoint, identity, cloud, and data protection domains. Ensure alignment with industry frameworks such as NIST, ISO, and CIS, and compliance with regulatory standards (PCI-DSS, HIPAA, etc.). Produce proposals, Bills of Materials (BOMs), high-level designs, and Statements of Work (SOWs). Vendor & Partner More ❯

workflows. Define service level objectives (SLOs) and key performance indicators (KPIs) for all security services. Compliance, Governance & Risk Management: Ensure alignment with global compliance requirements such as ISO 27001, NIST, SOC 2, GDPR, and others. Partner with governance, legal, and ISRM teams to implement enforceable policies and standards across identity, endpoint, and data domains. Operationalize policy enforcement through automated controls More ❯

Profile: Proven senior leadership experience in information, cyber, or data security. CISSP, CISM, or CISA certified (or equivalent). Track record of delivering security programs aligned to ISO 27001, NIST, PCI DSS, and Cyber Essentials Plus. Hands-on experience with cloud platforms (Azure, AWS), on-premise networks, and hybrid architectures. Strong experience in Zero Trust security models. Experienced in security More ❯

Profile: Proven senior leadership experience in information, cyber, or data security. CISSP, CISM, or CISA certified (or equivalent). Track record of delivering security programs aligned to ISO 27001, NIST, PCI DSS, and Cyber Essentials Plus. Hands-on experience with cloud platforms (Azure, AWS), on-premise networks, and hybrid architectures. Strong experience in Zero Trust security models. Experienced in security More ❯

technical solution design, e.g. Zero Trust, least privilege RBAC, Security by Design, PAM, Segregation of Duties Data Protection and DLP Experience Experience with the following would also be beneficial: NIST, SOC2 and additional compliance and regulatory frameworks Project Management and technical delivery Experience of, or a keen interest in, the business of sport Benefits We offer a benefits package to More ❯

complex cybersecurity challenges while exhibiting solid, pragmatic business acumen. Experience utilizing Agile methodologies. Initiating change and deploying solutions in Fortune 1000 companies. Knowledge of cybersecurity frameworks (e.g., ISO 27000, NIST, FFIEC) and industry relevant regulations that will guide architectural requirements (e.g., GDPR, FFIEC, GLBA). Preferred Qualifications Experience in the development and design of cybersecurity standard methodologies to all layers More ❯

MOD/GDS Secure by Design Principles Supplier Chain Assurance and Risks. Security related legislation (e.g. GDPR, PCI DSS, ICO requirements). Security Control Frameworks such as ISO 27001, NIST CSF and CIS Controls v8. HMG, NPSA and NCSC security policies, standards and guidance. Have experience building and implementing secure by design principals within the software development lifecycle (SDLC). More ❯

Security+, CEH, CySA+, or Cloud Security Engineer. Extensive experience in cybersecurity, especially incident response and technical operations. Strong understanding of AWS and Azure cloud platforms. Familiarity with frameworks like NIST, ISO, COBIT, and OWASP. Proven success in leading and delivering security projects. Experience with PowerShell and automation. Consulting experience across IT and digital teams. Flexibility for occasional travel and out More ❯

query languages (KQL, SPL, AQL) Scripting skills (Python, PowerShell) for automation and enrichment Deep knowledge of threat detection, incident response, and cyber kill chain Familiarity with MITRE ATT&CK, NIST, and CIS frameworks Understanding of network traffic flows and vulnerability management Exposure to ethical hacking and penetration testing Knowledge of ITIL disciplines (Incident, Problem, Change Management) Experience with ServiceNow Security More ❯

Security+, CEH, CySA+, or Cloud Security Engineer. Extensive experience in cybersecurity, especially incident response and technical operations. Strong understanding of AWS and Azure cloud platforms. Familiarity with frameworks like NIST, ISO, COBIT, and OWASP. Proven success in leading and delivering security projects. Experience with PowerShell and automation. Consulting experience across IT and digital teams. Flexibility for occasional travel and out More ❯

experience with Microsoft Sentinel, Microsoft Defender for Cloud, and Microsoft Purview in real-world environments. Strong understanding of cloud security architecture, SIEM/SOAR, compliance frameworks (e.g., ISO 27001, NIST, GDPR), and data protection. Familiarity with Azure, Microsoft 365, and hybrid cloud environments. Understanding of security operations, incident response, and threat intelligence. CORE COMPETENCIES & SKILLS Proven experience with Microsoft Sentinel More ❯

OSI model, with the ability to apply layered security controls across infrastructure and cloud environments. Demonstrated ability to assess control effectiveness and identify compliance gaps against frameworks such as NIST, ISO 27001, CIS Benchmarks, and PCI DSS. Experienced in conducting security assessments and aligning solutions with ITSM, ITIL, and service improvement standards. Proven track record in supporting security incidents, implementing More ❯

automated solutions for vulnerability scanning, threat detection, and incident response, with a focus on continuous process improvement. Risk Management & Threat Intelligence Strong familiarity with security frameworks and standards (e.g. NIST, ISO 27001), and deep understanding of security concepts including vulnerability management, threat intelligence, incident response, and offensive security techniques. Experience in gathering and analysing threat intelligence to understand emerging threats More ❯

Qualifications & Experience Strong background in cyber security, with extensive experience in managing security operations, policies, and risk management. Demonstrable knowledge of security standards, frameworks and compliance (e.g. ISO 27001, NIST, Cyber Essentials Plus). Proven experience in developing and delivering cyber security strategies within complex organisations. Hands-on expertise across infrastructure, applications, and cloud environments. Track record of leading incident More ❯

Information Assurance Risk Assessment and Risk Treatment Plans Establish security requirements for cloud-based solutions by evaluating business strategies and requirements, implementing security standards such as ISO 27000 series, NIST, CSF, and CSA Identify and deliver appropriate controls based on industry standards (e.g. CCM) to drive cloud and customer security solutions framework based on business risk and cloud native threats. More ❯

in communicating complex security concepts to non-technical stakeholders and collaborating across departments and third-party providers. (S&I) Demonstrable knowledge of information security frameworks, regulations (such as ISO27001, NIST, and GDPR), and security technologies and controls. (S&I) Proven ability to lead and drive security initiatives, respond to security incidents, and conduct investigations. (S&I) Comprehensive understanding of information More ❯

and adversarial assessments. Skills & Experience Extensive experience in cybersecurity, including AI/ML security architecture. Strong knowledge of AI/ML models, algorithms, and adversarial mitigation. Familiarity with frameworks: NIST, ISO 27001, TOGAF, SABSA. Certifications: CISSP or CISM. Experience with cloud security (Azure, AWS, or GCP). Excellent communication and stakeholder management skills. Eligible for UK Security Clearance (SC). More ❯

to undergo DV clearance/UK Citizen/residing in UK Strong working knowledge of: JSP440, JSP604/453, JSP490 MOD/GDS Secure by Design principles ISO 27001, NIST CSF, CIS Controls v8 HMG, NPSA, NCSC policies and guidance Cloud security (Azure, AWS), containerisation, KMS, WAFs Event-driven microservices, network infrastructure, IDS/IPS AI security (ISO42001 desirable), ITHC More ❯

and experience: Strong expertise in defining, delivering, and supporting robust, resilient, and secure enterprise infrastructure. Experience with IT audits and compliance frameworks such as CIS, PCI DSS, Cyber Essentials, NIST, ISO 27001. An understanding of network security and compliance in regulated environments. Strong networking knowledge (LAN, WAN, DNS, DHCP, VPN, TCP/IP). Proficiency in firewall and load balancer More ❯

hands-on security engineering and resilience experience: Hands-on experience in disaster recovery, failover testing, and IT operational resilience. Solid knowledge of business continuity and security frameworks (ISO27001, ISO22301, NIST etc). Proficiency with infrastructure tooling and at least one scripting language (PowerShell or Python preferred). Experience with Nutanix, VMware, Commvault, and hybrid cloud platforms Azure (preferred), AWS or More ❯