9 of 9 DemandTrendPermanent NIST Jobs in Reading

of working in large, complex technology programmes involving multiple concurrent projects with significant experience of delivering through offshore/nearshore strategic vendors. Knowledge of security frameworks & standards (ISO 27001, NIST, CIS, GDPR, SOC 2) Be experienced in 'hands on' technology software delivery from initiation to implementation. Have knowledge of programme and project management methodology and managing full lifecycle of programmes More ❯

risk, as well as using GRC tools and guidance developed for Risk mitigation. Practical knowledge of information security standards and risk assessment frameworks such as ISO 27001, SOC 2, NIST 800-32 Strong knowledge of cyber controls, policies, and procedures. Experience of delivering metrics for senior level audiences. Demonstrate analytical and problem-solving skills. Ability to communicate risks associated with More ❯

iDP (identity providers) Email authentication (SPF, DKIM, DMARC) Networking and protocols such as DNS, LDAP, HTTP Experience with security standards and frameworks such as ISO, MITRE and/or NIST CISSP, CCSP or other industry certification is beneficial. In addition to the above, if you have a consultative approach to problem solving and/or have a desire to pivot More ❯

to day-to-day operations. Expereince : Essential Prior experience in cybersecurity, risk management, compliance, or governance. Strong understanding of regulatory requirements, security frameworks, and standards such as ISO 27001, NIST CSF, CIS, and SOC 2. Hands-on experience with ISO 27001 implementation and audit readiness. Experience supporting SOC 2 readiness and evidence collection. Proficient with risk assessment methodologies and control More ❯

the testing process. Collaborate with control owners and stakeholders to gather evidence, clarify control objectives, and support the smooth execution of testing activities. Stay informed on relevant frameworks (e.g., NIST CSF, CIS Controls) and industry best practices to support the evolution of the control testing programme. Base location: Hybrid - Clearwater Court, Reading What you should bring to the role To More ❯

and know how to influence/negotiate technical outcomes with 3rd parties, including conflict resolution due to changing priorities. Experience of using common information security management frameworks, such as NIST, PCI, GDPR, ISO Series, OWASP the IT Infrastructure Library (ITIL), the ISF Standards of Good Practice (SoGP) and ISACA's Control Objectives for Information and related Technology (COBIT) frameworks. Actively More ❯

certification, and be compliant with DORA, NIS 2, GDPR, etc. Requirements: ISO 27001 Lead Implementer or Auditor certification Strong knowledge of frameworks like ISO 27001/27002, CAF, eCAF, NIST, GDPR Client and stakeholder management The client is looking for someone with direct experience with utility providers or experience working with providers via Third-Party suppliers. If you're interested More ❯

framework, ensuring effective identification, assessment, and remediation of risks. Conduct detailed risk and control assessments across business units, projects, vendors, and IT systems, aligning with standards like ISO 27001, NIST CSF, and CIS Controls. Manage and enhance Third-Party Risk Management, including cybersecurity assessments of external partners and suppliers. Collaborate with stakeholders to develop and track cyber risk treatment plans … while fostering strong relationships to embed a risk-aware culture across the organisation. Experience you will have: Expertise in cybersecurity risk frameworks and compliance, including CIS Controls, ISO 27001, NIST CSF, GDPR, SOX, and PCI. Strong technical and analytical skills, with the ability to assess risks, identify gaps, and propose mitigation strategies across IT systems and third parties. Excellent communication More ❯

system (ISMS) capable of demonstrating compliance against internal security requirements and external commitments including certification and regulatory requirements. Provide subject matter expertise in the application of established standards including NIST, PCI-DSS, GDPR, COBIT, ISO 27001 and Cyber Essential compliance to any new or existing programme of work. Prepare and support internal and/or external compliance audit activities. Manage … certifications. Maintain up-to-date knowledge of legal & regulatory requirements impacting Technology and Operations and its Partners. Apply comprehensive knowledge of legal, regulatory obligations, and industry best practices (e.g., NIST, COBIT, ISO27001, PAS 555) to ensure compliance with technology standards. Schedule and review risk and compliance audits; direct issues to appropriate resources for investigation and resolution. Our people make us … as we continue to deliver for our customers. LI-KS1 Possess one of the Risk or security certifications (CISSP, CRISC, CISM). Have good knowledge and practical experience of NIST, PCI-DSS, GDPR, COBIT, ISO 27001, or Cyber Essentials. Previous experience in a similar role, with the ability to work in a dynamic and changing environment. Excellent team player who More ❯