Bristol, Gloucestershire, United Kingdom Hybrid / WFH Options
Deloitte LLP
risk, as well as using GRC tools and guidance developed for Risk mitigation. Practical knowledge of information security standardsand risk assessment frameworks such as ISO 27001, SOC 2, NIST 800-32. Strong knowledge of cyber controls, policies, and procedures. Experience of delivering metrics for senior level audiences. Demonstrate analytical and problem-solving skills. Ability to communicate risks associated More ❯
Experience working with or recommending security tools and technologies Ability to build strong working relationships and influence non-security stakeholders Working knowledge of cybersecurity standardsand frameworks (e.g. OWASP, NIST, CIS) Analytical mindset with strong problem-solving skills Excellent written and verbal communication skills Qualifications: 3+ years of experience in information security, with a focus on application and/or More ❯
an asset. Licensure/Certifications: Industry certification (i.e. AWS CSA, ISC2 ISSAP, SABSA SCF or similar) Knowledge, Skills, Demonstrated Capabilities & Competencies: Familiarity with various security certifications such as ISO2700, NIST, etc., sufficient to provide immediate leadership and guidance to individuals, teams and departments in meeting the organization's security requirements Excellent management, analytical and problem-resolution skills Working knowledge ofMore ❯
of Secure by Design principles Experience in system security engineering, ideally in defence, space, or critical infrastructure Familiarity with MOD, NCSC, and ISO standards (e.g. ISO 27001/2, NIST 800-series, JSP 604) Competence in requirements engineering and systems thinking Practical experience with security in software and/or system development environments Effective communication and report-writing skills Ability More ❯
Bristol, Gloucestershire, United Kingdom Hybrid / WFH Options
Babcock Mission Critical Services España SA
Asset Owner forms, Supplier Assurance Questionnaires. Experienced in relevant Security Policy and Cyber Security Frameworks including the GovS 007, MOD Secure by Design (SbD), ISO27001 - Information Security Management Systems, NIST, NCSC IA Guidance Qualifications for the Cyber Security Lead Educated to degree level or holds a relevant professional qualification or equivalent experience. Security Clearance The successful candidate must be able More ❯
Cheltenham, Gloucestershire, United Kingdom Hybrid / WFH Options
Bishop Fleming
internal audits to ensure alignment with policies and best practices Supporting readiness for external audits and accreditations (e.g. Cyber Essentials Plus) Assisting with self-assessments against frameworks such as NISTand CIS Policy andStandards Development Recommending improvements to internal security policies, procedures, and controls Performing retrospective compliance checks and proposing enhancements Threat Intelligence and Research Staying informed on the More ❯
. Security Frameworks & Secure by Design Strong understanding of Secure by Design principles and ability to bake security in from concept through production. Practical experience implementing the NCSC or NIST Cybersecurity Framework (CSF) and/or NIST SP 800-53 controls. Demonstrable understanding of ISO/IEC 27001 requirements and hands-on experience mapping technical controls to ISO clauses, supporting More ❯
Bristol, Gloucestershire, United Kingdom Hybrid / WFH Options
QinetiQ Limited
of action The ability to understand how architects and designers employ technology to build systems of interest Digitally literate (including fluency in Microsoft Office tools) Able to understand relevant NIST frameworks and ISO27001 standardsand how to apply in practice Knowledge of MITRE ATT&CK Essential qualifications for the Cyber Security Risk Consultant: We value difference and we don't More ❯
Cheltenham, England, United Kingdom Hybrid / WFH Options
FR Secure
and secure-by-design principles. Familiarity with government and defence security standards such as: HMG/NCSC IA Policies and Guidelines JSP440 and other MoD IA standards Cyber Essentials NIST, NIS-D ONR SyAPs (Security Assessment Principles) Excellent stakeholder communication skills – you can clearly explain complex security concepts to both technical and non-technical audiences. Security Clearance eDV clearance is More ❯
gloucester, south west england, united kingdom Hybrid / WFH Options
FR Secure
and secure-by-design principles. Familiarity with government and defence security standards such as: HMG/NCSC IA Policies and Guidelines JSP440 and other MoD IA standards Cyber Essentials NIST, NIS-D ONR SyAPs (Security Assessment Principles) Excellent stakeholder communication skills – you can clearly explain complex security concepts to both technical and non-technical audiences. Security Clearance eDV clearance is More ❯
Bristol, Gloucestershire, United Kingdom Hybrid / WFH Options
Deloitte LLP
statements to technical and non-technical audiences at various hierarchical levels Deep knowledge of common information security management frameworks andstandards, such as ISO/IEC 27001/27002, NIST 800-53, and the NIST Cybersecurity Framework Soft skills: collaboration, teamwork, persuasion, attention to detail, time management, prioritization, resourcefulness Advanced proficiency with MS Office products, primarily MS Word, Excel, PowerPoint More ❯
Def Stan 05-138, Def Stan 05-139) An understanding of MOD ISN 23/09 Secure by Design Knowledge of security frameworks, such as ISO/IEC 27001, NIST 800-30, NIST 800-53 or OWASP Working with risk management frameworks and methodologies (e.g., ISO 27001/2, ISO27005/31000, NIST 800-30, NIST 800-53) Please reach More ❯
Bristol, Gloucestershire, United Kingdom Hybrid / WFH Options
QinetiQ Limited
include: Creating business risk models and associated material, in support of operational cyber security and business planning across a range of different domains or sectors using established frameworks (e.g. NIST, UK Government) Undertake cyber security audit processes in support of operational and business planning activity across a range of different domains or sectors against recognised standards (e.g. ISO27001, UK Government … of organisational maturity and risk exposure to cyber security, in support of operational and business planning activity across a range of different domains or sectors using established frameworks (e.g. NIST, MITRE ATT&CK, UK Government) Identify mitigations for cyber risk in a given business or operational scenario and threat environment Support development of cyber security risk cases in a given … of the Cyber Security Risk Consultant: Digitally literate (including fluency in Microsoft Office tools) Minimum of 2-3 years of experience in security vulnerability, risk, audit & compliance Understand relevant NIST frameworks and ISO27001 standardsand how to apply in practice Knowledge of MITRE ATT&CK Essential qualifications for the Cyber Security Risk Consultant: We value difference and we don't More ❯