12 of 12 Permanent NIST Jobs in Hampshire

MOD/GDS Secure by Design Principles Supplier Chain Assurance and Risks. Security related legislation (e.g. GDPR, PCI DSS, ICO requirements). Security Control Frameworks such as ISO 27001, NIST CSF and CIS Controls v8. HMG, NPSA and NCSC security policies, standards and guidance. Have experience building and implementing secure by design principals within the software development lifecycle (SDLC). More ❯

and experience: Strong expertise in defining, delivering, and supporting robust, resilient, and secure enterprise infrastructure. Experience with IT audits and compliance frameworks such as CIS, PCI DSS, Cyber Essentials, NIST, ISO 27001. An understanding of network security and compliance in regulated environments. Strong networking knowledge (LAN, WAN, DNS, DHCP, VPN, TCP/IP). Proficiency in firewall and load balancer More ❯

or critical national systems). Proven experience in shaping technical strategy and leading architecture teams. Deep understanding of secure cloud design, zero trust models, and compliance frameworks such as NIST, DISA STIGs, and NCSC best practice. Expertise in Infrastructure as Code, containerisation (Kubernetes, OpenShift), and automation for secure cloud deployments. Strong knowledge of networking, encryption, IAM, and DevSecOps principles. Excellent More ❯

and compliance Ability to manage workload and meet deadlines Desirable Skills UK Cyber Security Council registration Knowledge of HMG or MoD security policy Secure by Design experience Experience with NIST, CAF, GovAssure or ISO 27001 audits Understanding of supplier assurance Experience reviewing penetration test and vulnerability outputs Additional Requirements SC or DV clearance preferred or willingness to be vetted Right More ❯

and AWS. Conduct posture assessments, gap analyses, and configuration reviews. Design secure architectures aligned with NCSC, CIS, and ISO 27001. Advise on governance, compliance (ISO 27001, Cyber Essentials Plus, NIST). Collaborate with SOC and engineering teams to strengthen detection and identity controls. You’ll need: 4+ years’ experience in security consulting, architecture, or engineering. Strong technical knowledge of Azure More ❯

including context, identifying existing or emerging threat to assets and using that to inform security decisions. Strong understanding of a range of security standards/regulations (e.g. ISO 27001, NIST 800, GovS007, UK GDPR etc) across all areas of information security, and how these can be applied to deliver effective/appropriate/proportionate controls across all areas to minimize More ❯

such as Fortinet, Palo Alto, Juniper, Check Point, or Netskope, and familiarity with SIEM, SOAR, and managed security services. Strong understanding of enterprise security architecture frameworks (e.g. SABSA, TOGAF, NIST, ISO 27001). A confident, engaging personality with the ability to build rapport and credibility with customers at all levels. Excellent communication and presentation skills with the ability to simplify More ❯

Security domains, including TVM, SIEM, EDR, Incident Response, DLP, EASM, Cloud Security, Application Security, WAF, and User Access Management, along with a strong understanding of industry frameworks such as NIST and CIS . This role is primarily remote; however, regular attendance at our Farnborough office is required (typically once per week, usually Thursdays) for in-person collaboration. Responsibilities: Lead the More ❯

function within MOD or Public Sector as part of a managed service. Have an excellent understanding of risk management and assessment principles and frameworks, such as ISO27005 and the NIST Cyber Security Framework. Work with multi-disciplinary teams, helping to ensure that products are delivered in a secure manner that is aligned with the wider business risk appetite. Produce informative More ❯

guidelines for cloud deployments, ensuring security, compliance, performance, and maintainability. Lead the design and architecture of complex cloud solutions, considering factors such as security controls, compliance requirements (e.g., FedRAMP, NIST, ITAR), data sovereignty, and resilience in highly sensitive environments. Oversee the creation of detailed architectural diagrams, documentation, and specifications for cloud infrastructure and applications. Provide architectural guidance and oversight throughout … Cloud platforms (e.g., AWS GovCloud, Azure Government, Google Cloud Platform Assured Workloads, private clouds). Security frameworks and compliance standards relevant to defenceand national security (e.g., NCSC best practices, NIST 800-53, DISA STIGs, SOC 2, ISO 27001). Secure cloud architecture patterns (e.zero trust, micro-segmentation, data loss prevention, encryption at rest and in transit). Infrastructure-as-Code … the ability to articulate complex technical solutions to clients and secure new business. Deep understanding of security frameworks and compliance standards relevant to defenceand national security (e.g., NCSC patterns, NIST 800-53, DISA STIGs). Technical Skills Expert-level knowledge of major cloud platforms (e.g.AWS, Azure, GCP) and their services, particularly in their government or secure offerings (e.g. AWS GovCloud More ❯

risks and the ability to oversee the implementation of appropriate controls, assurance mechanisms, and reporting frameworks. Cyber Governance & Advisory - Expertise in leading the adoption of industry cyber frameworks (e.g., NIST, ISO) and providing high-level advisory to boards, executives, and stakeholders on emerging threats and compliance posture. Incident Oversight & Resilience - Executive capability to govern cyber incident response strategies, ensuring the … and regulatory alignment. Knowledge & Experience Deep understanding of enterprise risk management (ERM), governance, and control frameworks In-depth knowledge of security, information assurance, and compliance frameworks (e.g., ISO 27001, NIST CSF, COBIT). Familiarity with legal and regulatory requirements across cyber and operational domains (e.g., GDPR, NIS2, TSA, CSR). Awareness of internal audit methodology, assurance planning, and reporting mechanisms. More ❯

Sky's privileged security baseline. Be familiar designing and implementing closed loop credential management workflows. Stay ahead of the security curve and make best practice recommendations to senior management (NIST, NCSC etc.) Be able to work autonomously on complex projects, gathering key information and making appropriate recommendations. Design, implement, and manage the PAM system to ensure the confidentiality, integrity, and … Expertise in cross platform scripting (Powershell, bash etc.). Be a subject matter expert on both legacy and modern authentication protocols. Have excellent security awareness including standards e.g., IS027001, NIST and CIS. Have a good understanding of Web APIs including SOAP, REST and GraphQL architectures. Have experience with threat modelling methodologies e.g., STRIDE. Have a good understanding of Access Controls More ❯