14 of 14 Permanent NIST Jobs in Newport

implement best practices for compliance, data privacy, and protection, while integrating tools and frameworks to assess APIs against OWASP and other relevant security standards (NIST, ISO-27001, PCI-DSS, HIPAA, FedRAMP) Automate security and compliance controls into the platform for continuous monitoring and reporting. Execute MySQL queries to ensure data More ❯

critical assets, and drive security strategy. Provide clear, actionable insights that align security with business goals. Key Skills Required: Strong knowledge of cybersecurity frameworks (NIST, ISO 27001) and risk management methodologies. Technical proficiency in areas like cloud security, network security, and threat analysis. Ability to conduct and interpret vulnerability assessments More ❯

Security, System Hardening, Cryptographic Controls (PKI, Data at Rest/In Transit), Protective Monitoring, and Security Auditing. Strong understanding of the ISO 27000 series, NIST Cyber Security & Risk Management Frameworks, NCSC CAF, and other industry standards. Familiarity with NCSC guidance and legacy Information Assurance (IA) standards. Experience with MOD security More ❯

security assessments, audits & penetration testing What You’ll Bring CISSP or equivalent + 6-7 years in InfoSec Experience maturing security programs & frameworks ( ISO27001, NIST CAF, OWASP ) Strong knowledge of SIEM, IDS/IPS, RBAC, vulnerability management Understanding of cloud, COTS/SaaS platforms & IoT security Ability to communicate risks More ❯

emerging threats, vulnerabilities, and ensuring swift action 📄 Supporting alignment with future certification frameworks such as GovAssure, NCSC CAF, ISO27001 Requirements: 🧠 In-depth knowledge of NIST, ISO27001, ISO27701, NCSC, and Cabinet Office security best practices ✅ Proven track record across full security lifecycle: risk management, governance, incidents, pen testing 🏛️ Experience working in More ❯

in technology and operations, preferably within the financial services or banking industry. Good understanding of security protocols and compliance standards (e.g., PCI-DSS, CIS, NIST). Experience in a Data Centre Operations or other similar critical operations role. Strong and demonstrable process management and development experience in a live operational More ❯

as Microsoft Sentinel, CrowdStrike, Defender, or equivalent Strong technical writing skills for producing post-incident reports Understanding of security frameworks like MITRE ATT&CK, NIST, or similar Eligibility for UK Security Clearance Benefits: Remote role Monday to Friday schedule High-impact position with autonomy and visibility Salary More ❯

for this role, you should have Proven experience in a senior Information Security leadership role. Strong knowledge of security frameworks such as ISO 27001, NIST, GDPR, and other compliance standards. Expertise in risk management, governance, and security architecture. Hands-on experience in designing and implementing security policies and strategies. Strong More ❯

life cycle of a system Provision of authoritative specialist security advice in Risk and threat-based mitigation to system designs Control frameworks such as NIST, ISO, CIS Protective monitoring, Authentication and authorization best practices. Develop excellent working relationships with key stakeholders, peers and subordinates. Communicating effectively verbally and in writing More ❯

ensuring our products meet the highest standards of security by design. The successful candidate will be expected to bring deep, hands-on experience with NIST cybersecurity standards - this is essential -as well as a strong working knowledge of Defence Standards DefStan 05-138 Issue 3 and DefStan 05-139 Issue … development lifecycle Conduct detailed threat modelling and risk assessments using recognised tools Lead the implementation of risk management strategies based on industry best practices (NIST, ISO) Work closely with development teams to ensure secure-by-design principles are followed Identify and propose mitigations for security vulnerabilities in solution architectures Maintain … coordinate remediation actions where needed Serve as a subject matter expert on product and application security to internal stakeholders Key Requirements: Extensive experience applying NIST frameworks (including NIST 800-30, NIST 800-53) - non-negotiable Working knowledge of DefStan 05-138 (Issue 3) and DefStan 05-139 (Issue 1) is More ❯

re Looking For Technical Experience & Knowledge Experience with risk management frameworks and methodologies such as ISO/IEC 27001/2, ISO27005/31000, NIST 800-30, NIST 800-53. Strong understanding of security standards and frameworks including OWASP, Secure by Design principles, and MOD-specific guidelines (e.g., JSP …/139). Familiarity with HMG security principles and assurance frameworks is advantageous. Comfortable using threat modelling tools and implementing mitigation strategies. Experience with NIST standards. (this is an absolute must) Key Competencies Strong communicator with the ability to present complex information clearly and confidently. Proactive problem solver who approaches More ❯

compliance against our information security framework. The ideal candidate will have experience evaluating IT Infrastructure Security technologies, IT general computer controls, industry frameworks (e.g. NIST) and will bring strong information technology audit or security consulting experience to the programme. Location United Kingdom/Europe Main responsibilities The Senior Associate will … Prior experience within a security compliance assurance or auditing position. Understanding of relevant regulatory requirements and assurance processes, including various auditing standards such as NIST and ISO27001 Analytical skills to collect, analyse and interpret information and/or data into useful insight Excellent communication skills, both verbal and written, with More ❯

influence. What You'll Be Working On: You’ll support key client projects across a diverse and exciting portfolio, including: Framework Compliance : ISO 27001, NIST, PCI-DSS Security Assurance : Audit, controls assessment, reporting Third-Party Risk Assurance : Vendor risk reviews, supply chain assessments Cloud Security Advisory : Azure, AWS, Office … finish. You’ll Need: Proven experience in a security consulting role (client-facing or internal consulting) Strong understanding of Information Security frameworks (ISO 27001, NIST, PCI-DSS) Hands-on experience delivering security assessments, audits, or assurance reviews Awareness or experience with cloud platforms (Azure, AWS, Office 365) Ability to engage More ❯

Security Engineer – Bristol (Hybrid) Security Clearance: SC (Eligible) DefStan | NIST | Threat Modelling Are you passionate about securing the future of critical technology? Do you have deep working knowledge of NIST standards and Defence Standards like DefStan 05-138 Issue 3 and DefStan 05-139 Issue 1 ? We’re hiring a … at every layer. Applying your hands-on knowledge of DefStan 05-138 and 05-139 to ensure products meet UK defence requirements. Leveraging the NIST 800 series (an absolute must) to establish best-in-class security frameworks. Performing code reviews , penetration testing, and guiding remediation efforts. Producing clear, robust documentation … such as RMADS and Security Assurance artefacts. What You Bring: Proven experience with NIST 800-30, 800-37, 800-53 and related frameworks. (Essential) Practical, working knowledge of Defence Standards , especially DefStan 05-138 and DefStan 05-139 . Familiarity with threat modelling tools and methodologies. Solid understanding of ISO More ❯