compliance standards and regulations (e.g., GDPR, HIPAA, PCI DSS). Conduct regular security audits and assessments to identify and address compliance gaps. Familiarity with industry standards and frameworks like NIST Cybersecurity Framework, ISO 27001, and CIS Critical Security Controls. Familiarity with the use of standard security technology solutions and processes such as user provisioning, directory, SIEM, vulnerability management, Cloud Security
Nottingham, Nottinghamshire, East Midlands, United Kingdom Hybrid / WFH Options
UKRI
in communicating complex security concepts to non-technical stakeholders and collaborating across departments and third-party providers. (S&I) Demonstrable knowledge of information security frameworks, regulations (such as ISO27001, NIST, and GDPR), and security technologies and controls. (S&I) Proven ability to lead and drive security initiatives, respond to security incidents, and conduct investigations. (S&I) Comprehensive understanding of information
Nottingham, Nottinghamshire, East Midlands, United Kingdom
Experian Ltd
with policy and standards teams to integrate compliance findings into documentation Qualifications Experience with compliance, audit coordination, or information security Familiarity with ISO 27001/2, SOC, ISAE, PCI, NIST, CIS or similar benchmarks Experience with cloud platforms such as AWS, Azure, or GCP Experience with IT and security operations, including Windows/Linux/Unix systems, authentication, firewalls, and
experience in technology risk, technology audit, within a financial institution, licensed money transmitter, or payments related e-commerce function. - A good understanding of IT risk and control frameworks: COBIT, NIST, ISO 27001, ITIL or equivalent. - Understanding of SDLC. PREFERRED QUALIFICATIONS - Certified Information Systems Auditor (CISA) or equivalent IT auditing and risk certification. - Certified Information Security Manager (CISM), Certified in Risk
compliance technical assessments of all applicable standards, policies, regulation, and legislation compliance Creation of security standards and requirements documents for projects and activities to be based on ISO 27001, NIST 800-53 and ISO 22301. Review risks, propose mitigation actions and solutions, and assisting ongoing risk treatment activity. Assist the security testing process from scoping, planning and stakeholder management through
Birmingham, West Midlands, United Kingdom Hybrid / WFH Options
University of Birmingham
the ability to articulate and drive a clear vision for information security across the university. Demonstrable expertise in implementing and maintaining formal compliance or certification programmes, such as ISO27001, NIST, COBIT or Cyber Essentials. Experience in assessing, managing, and quantifying information security risks, including the development of metrics and tracking mechanisms. Experience working with senior stakeholders, earning trust and influencing
Birmingham, West Midlands, England, United Kingdom
Birmingham City University
the ability to articulate and drive a clear vision for information security across the university. Demonstrable expertise in implementing and maintaining formal compliance or certification programmes, such as ISO27001, NIST, COBIT or Cyber Essentials. Experience in assessing, managing, and quantifying information security risks, including the development of metrics and tracking mechanisms. Experience working with senior stakeholders, earning trust and influencing
Nottingham, Nottinghamshire, East Midlands, United Kingdom Hybrid / WFH Options
Experian Ltd
tools to provide applicable insights to partners and guide data-informed decision-making. Implement and enhance internal metrics, including supporting agreement of policies with global regulations, industry standards (e.g., NIST, ISO). Use data analytics to identify gaps, measure policy adoption, and inform continuous improvement programs. Champion the use of automation across the Information Security team to increase efficiency and
operating security risk/issue management-related processes and services Experience in Risk Management aligned with certification requirements (ISO27001, ISO31000, or similar) Knowledge of relevant security/governance frameworks (NIST CSF, ISO27001, CobiT, etc.) Experience in service build-up is a plus Security Governance/Risk Management certification (CISSP, CGEIT, CISM, CRISC, etc.) is a plus Hitachi Energy is a
our security posture. Working on design and architecture. You will lead and support IT security projects, ensuring secure, timely, and effective project delivery. The client would like someone with NIST and Cyber Essentials. Strong knowledge of network security, endpoint protection, and threat detection/protection. Always staying one step ahead, investigating cybersecurity tools to ensure strong, up-to-date defences
security risk/issue management-related processes and services Experience in Risk Management aligned to certification requirements (ISO27001, ISO31000 or similar) required Knowledge of relevant security/governance frameworks (NIST CSF, ISO27001, CobiT, ) required Experience in service build up a plus Security Governance/Risk Management certification (CISSP, CGEIT, CISM, CRISC ) is a plus Accommodations Qualified individuals with a disability
Drive innovation and thought leadership within the Practice by defining standards, sharing knowledge, and mentoring peers Influence customer outcomes through expert knowledge of DevSecOps tools and compliance frameworks like NIST, CIS, SOC 2, and PCI DSS You'll travel to client sites across the UK, working directly with business and technical stakeholders to drive real business value What you'll
Nottingham, Nottinghamshire, England, United Kingdom Hybrid / WFH Options
Digital Waffle
risks and technologies What you bring: Significant experience in security operations across both cloud and on-premise environments In-depth understanding of security monitoring solutions, frameworks, and standards (e.g., NIST, ISO 27001, CIS) Proficiency with automation and scripting to streamline security processes Background in Infrastructure as Code (ideally Terraform), audit/compliance activities, and securing CI/CD pipelines Strong
Nottingham, Nottinghamshire, East Midlands, United Kingdom Hybrid / WFH Options
Littlefish
AZ-104) or working towards it Excellent troubleshooting, documentation, and communication skills Bonus Points for: Automation & scripting (PowerShell, BASH) Experience with Patch My PC Implementing security baselines (Microsoft, CIS, NIST) Microsoft 365 Certified: Administrator Expert (MS-102) What can we offer you? Through our one of a kind training programme, the Littlefish Academy, you can increase your earnings by
teams to manage and evidence ITGC (IT General Controls) in Technology systems, processes, and projects. Undertake and evidence testing of Technology, Change and Cyber controls aligned with frameworks including NIST, SOX, and PCI DSS. Maintain an up-to-date record of Technology, Change and Cyber controls, including process flow diagrams, risk matrices, and control narratives to demonstrate adherence to regulatory
Familiarity with building networks across different technologies (Satellite, Mobile, Fixed Line etc) - A strong emphasis on security with solutions that align to regulations/standards such as NCSC, NIS, NIST, ISO27001 etc - A background in OT from a Utilities, Telecoms, Engineering, Manufacturing, Automotive or heavily regulated industry
OT and Cloud platforms. We’re looking for someone with solid experience in assurance, compliance, or audit, with strong knowledge of UK data protection including GDPR. Familiarity with frameworks NIST or Cyber Essentials is essential, along with a sharp eye for detail and the confidence to influence change across teams. This is a brilliant opportunity to join a business that
Birmingham, West Midlands, United Kingdom Hybrid / WFH Options
DWP Digital
cyber security controls, designing solutions that enable defence in depth and services with security controls embedded. Significant experience of implementing enterprise security tooling and platforms in line with the NIST cyber security framework or equivalent, and CIS security controls. Influential and able to lead investigative work into problems and opportunities in existing processes, driving the collection of information and creation
Birmingham, West Midlands, England, United Kingdom Hybrid / WFH Options
Hays Specialist Recruitment Limited
information security compliance program. You will be responsible for ensuring that all corporate and subsidiary operations comply with internal security policies, regulatory requirements, and internationally recognised frameworks such as ISO27001, NIST, SOX, GDPR, CMMC, amongst others. Key Responsibilities: Support the execution and enhancement of the global information security compliance program. Conduct internal audits, third-party risk assessments, and due diligence reviews. Ensure … alignment with regulatory and industry standards including ISO27001, NIST, SOX, GDPR, SOC 2, HIPAA, CCPA, LGPD. Collaborate with cross-functional teams across multiple jurisdictions to drive compliance initiatives. Identify gaps in security controls and recommend corrective actions. Maintain and update security policies, procedures, and documentation. Monitor changes in global regulations and assess their impact on business operations. Minimum of … Required: Proven experience in information security compliance, risk management, and audit. Strong understanding of international regulatory frameworks and standards. Hands-on experience with: ISO27001 audits and implementation GDPR compliance NIST cybersecurity framework SOX, SOC 2, HIPAA, CCPA, LGPD Ability to interpret complex regulatory requirements and translate them into actionable controls. Excellent communication and stakeholder engagement skills. Strong analytical and problem
Bilston, West Midlands, United Kingdom Hybrid / WFH Options
Sky
Sky's privileged security baseline. Be familiar with designing and implementing closed loop credential management workflows. Stay ahead of the security curve and make best practice recommendations to senior management (NIST, NCSC etc.) Be able to work autonomously on complex projects, gathering key information and making appropriate recommendations. Design, implement, and manage the PAM system to ensure the confidentiality, integrity, and … Expertise in cross platform scripting (PowerShell, bash etc.). Be a subject matter expert on both legacy and modern authentication protocols. Have excellent security awareness including standards e.g., ISO27001, NIST and CIS. Have a good understanding of Web APIs including SOAP, REST and GraphQL architectures. Have experience with threat modelling methodologies e.g., STRIDE. Have a good understanding of Access Controls
Ashby-de-la-Zouch, Leicestershire, England, United Kingdom Hybrid / WFH Options
BTG Recruitment
reporting, and stakeholder engagement. Develop and map out the IT audit universe and associated risks. Contribute to shaping the in-house IT audit strategy and plan. Support the annual NIST Cyber Security Framework audit. Be involved in investigations and whistleblowing matters relating to IT. This is not a “tick-box” role – it’s a chance to make a real impact … to explain technical findings in a clear, practical way. You’ll bring: A strong grounding in IT audit, including knowledge of IT General Controls and ideally exposure to the NIST Cyber Security Framework. Either a completed CISA qualification or a commitment to completing it (with funding support available). Experience from practice (e.g. risk advisory or IT audit) or from