1 to 25 of 60 Permanent NIST Jobs in London

processes Ability to work independently while contributing effectively as part of a team Desirable: Experience working in or alongside a SOC environment Knowledge of NIST, NIS-R and PCI DSS Experience with WAF, IDS/IPS, firewalls and network security tools Exposure to automation or scripting Experience with cybersecurity training ...

of the security domain. Techniques & Tools - Architectural Frameworks: Expert knowledge of SABSA (essential for risk mapping) and TOGAF (desirable). Cyber Standards: Mastery of NIST CSF, ISO 27001, CISM and Cyber Essentials Plus, with the ability to apply them practically in a cloud -native environment. Threat Modelling: Proficiency in applied ...

proven experience gained as a Security Architect or in a technical cyber role. Expertise in: Security legislation (GDPR, PCI DSS, ICO) Frameworks (ISO 27001, NIST CSF, CIS Controls v8) HMG/NCSC policies and guidance Cloud security (AWS, Azure) Microservice architectures PKI, Cryptography, Privileged Access Management Certifications: SABSA, TOGAF ...

protect network integrity. Enforce robust security policies to maintain system security standards. Compliance and Audit Support Ensure adherence to compliance standards including ISO27001, NIST, and GDPR through regular audits and risk assessments. Support audit processes by providing necessary documentation and evidence of compliance. Security Awareness and Training Conduct regular training ...

evaluate control effectiveness. Design pragmatic, business‐aligned security improvements, architectures, and operating models. Advise clients on regulatory and standards compliance (e.g., GDPR, ISO 27001, NIST, PCI DSS). Produce clear, concise, executive‐ready reports, presentations, and recommendations. Build and maintain trusted client relationships, managing day‐to‐day workplans and ...

threat intelligence platforms. Expertise in metrics-driven monitoring: defining, tracking, and reporting MTTD, MTTR, false positive rates, and coverage completeness. Familiarity with frameworks like NIST CSF, MITRE ATT&CK, and ISO 27001, with experience applying these to monitoring. Experience in threat hunting, anomaly detection, and behavioral analytics. Strong leadership skills ...

party security controls into vendor governance processes, working closely with Procurement, Legal, Technology, and Risk. Monitor compliance with industry frameworks such as CIS Controls, NIST, GDPR, and sector-specific guidance. Support contract reviews and provide expert input on security clauses, ensuring risk-based decisions are supported by strong security requirements. ...

management, cyber risk, security target operating model, governance, compliance, cyber security maturity assessment, metrics and C-level dashboards) and leading industry-based practices (e.g. NIST CSF, ISO 2700x) Managing the coordination and communication of key findings and results of engagements, producing written reports and supporting oral presentations to senior client ...

technical knowledge with approximately 8 years of experience within the industry. Working experience with common security/technology risk frameworks, for instance, ISO 27000, NIST, CIS Critical Security Controls, COBIT, and IIA GTAGs. Working experience with regulatory standards/requirements (US, UK) ie, GDPR, BCBS 239, FFIEC 101, 3402, CHAP. ...

translate complex strategic topics into structured deliverables. - Deep knowledge of Information security and AI regulations and standards, such as ISO 27001, ISO 42001, NIST AI RMF, EU AI Act - Certifications such as CISSP, CCSP, CISM, CEH, CISA, CCSK, or AI-related certificates are beneficial. - Excellent communication skills with ability ...

technical knowledge with approximately 8+ years of experience within the industry. Working experience with common security/technology risk frameworks, for instance, ISO 27000, NIST, CIS Critical Security Controls, Cloud Controls Matrix, COBIT, and IIA GTAGs. Working experience with regulatory standards/requirements (US, UK) ie, GDPR, BCBS 239, FFIEC ...

Identity, or Microsoft Sentinel. Background in retiring legacy infrastructure like RADIUS or on-prem file shares. Knowledge of Zero Trust architecture and CIS/NIST compliance baselines. Qualifications & Attributes Experience: 5–10 years within IAM, Windows Infrastructure, or Hybrid Cloud Operations. Education: Bachelor’s degree in Computer Science, Cyber Security ...

business stakeholders. Preferred Certifications CISM, CISSP, CISA, CRISC or similar industry-recognised qualifications. Technical Skills Understanding of IT security management systems and frameworks (NIST, ISO 27001). Experience implementing or operating GRC workflows and SAP Process Controls (CCM). Strong knowledge of enterprise applications, particularly ERP and financial systems. ...

cloud and information security roles Strong stakeholder engagement skills Proven ability to influence, lead, and operate effectively in fast-moving environments Working knowledge of NIST CSF, Cyber Assurance Framework (CAF), NSCS Cloud Principles Working knowledge with AWS, Microsoft Azure, Entra ID and M365 ...

Microsoft Visio. Participate in on-call rotations and uphold service level agreements. Strengthen our security posture in line with regulatory standards (PCIDSS, PII, CIS, NIST). Collaborate and Coach: Lead cross-functional projects and communicate effectively with technical and non-technical teams. Mentor junior engineers and foster knowledge-sharing. Build ...

Experience within a consulting firm or large technology environment Deep expertise across multiple cyber security domains Strong understanding of frameworks such as ISO 27001, NIST, CAF, CIS, Cyber Essentials+, SOC 2 At least one major certification (CISSP, CISM, CISA, ISO Lead Auditor/Implementer) Exceptional stakeholder engagement skills and executive ...

robust cloud frameworks and major cloud providers including Azure, AWS, and Google Cloud. Demonstrates proficiency in industry security standards like ISO/IEC 27001, NIST 800-53, and OWASP principles. Expert in executing cloud security solutions, particularly for identity management, networking, and encryption. Possesses solid knowledge of system logging, monitoring ...

Strong background in security risk management within tech or regulated environments Cloud security risk assessment experience (AWS experience a must) Familiarity with ISO 27001, NIST, SOC 2, PCI-DSS Comfortable engaging technical and non-technical stakeholders GRC tooling experience, consulting background, CISM/CRISC/CISSP This is an URGENT ...

Intelligence: Knowledge of modern adversarial ML techniques and supply-chain risks. Cloud & Frameworks: Familiarity with AWS/Azure/GCP security and industry standards (NIST AI RMF, ISO 27001, OWASP Top 10 for LLMs, MITRE ATLAS). Consulting Skills: Ability to translate complex technical risks into actionable guidance for senior ...

governance forums. Key Skills & Experience Deep knowledge of cybersecurity risk management and strong grounding across governance domains. Experience implementing or leveraging frameworks such as NIST CSF, ISO 27001, or similar. Strong understanding of attacker tactics, techniques, and procedures (TTPs) and how they translate into business risk. Ability to break down ...

security assessments and producing assurance reports. Ability to engage and influence stakeholders at all levels. Familiarity with security frameworks and standards (e.g., ISO 27001, NIST, CIS Controls). Excellent communication, planning, and organisational skills. Experience managing teams and developing talent. Ability to interpret complex technical and business information to assess ...

experience in operational and risk management. Our flagship solution, Policy Monitor previously known as CSPM, is a policy management system that incorporates GDPR, US NIST and UK CE cyber security standards to guide organisations through complex industry-certified accreditation assessments. We evolve safety procedures and protocols, providing security policy management ...

function of the role is toassistus in being compliant based on recommended security practices, including frameworks such as ISO 27001, NCSC Cyber Essentials Plus, NIST, and wider industry standards. This role focuses on the testing and review of controls, both those already in place and those currently being delivered across ...

Hybrid Architecture & Governance: Design and implement security controls across Azure, on-prem servers, and SaaS applications while maintaining hardening standards based on CIS and NIST benchmarks. Identity & Access Security: Define standards for Entra ID and Active Directory, overseeing requirements for Conditional Access, MFA, SSO, and PIM. Threat Detection & Incident Response … tools, and vulnerability management platforms. Security Principles: Practical understanding of Zero Trust architecture and secure-by-design methodologies. Compliance Knowledge: Familiarity with PCI DSS, NIST, and ISO 27001 frameworks. Desirable Skills: Awareness of AWS security fundamentals (Guard Duty, KMS, IAM Identity Center). Experience with Infrastructure as Code (IaC) security ...

Hybrid Architecture & Governance: Design and implement security controls across Azure, on-prem servers, and SaaS applications while maintaining hardening standards based on CIS and NIST benchmarks. Identity & Access Security: Define standards for Entra ID and Active Directory, overseeing requirements for Conditional Access, MFA, SSO, and PIM. Threat Detection & Incident Response … tools, and vulnerability management platforms. Security Principles: Practical understanding of Zero Trust architecture and secure-by-design methodologies. Compliance Knowledge: Familiarity with PCI DSS, NIST, and ISO 27001 frameworks. Desirable Skills: Awareness of AWS security fundamentals (Guard Duty, KMS, IAM Identity Center). Experience with Infrastructure as Code (IaC) security ...