SPL, AQL. Scripting experience with Python or PowerShell for automation. Deep understanding of threat detection, incident response, and the cyber kill chain. Familiarity with frameworks including MITRE ATT&CK, NIST, and CIS. Strong communication, analytical, and presentation skills. Solid understanding of network traffic flows, vulnerability management, and penetration testing principles. Knowledge of ITIL processes (Incident, Problem, Change Management). Ability
pipeline practices Familiarity with telemetry and logging tools: Cribl, Elastic, Splunk, Fluentd, and Syslog Deep understanding of networking protocols, firewalls, VPNs, and security principles Experience with security frameworks (e.g., NIST, ISO 27001) and compliance requirements Knowledge of container security tools (e.g., Aqua, Twistlock, Trivy) and vulnerability scanners Excellent analytical and communication skills Preferred Qualifications Certifications such as CISSP, CISM, CKS
risk, as well as using GRC tools and guidance developed for Risk mitigation. Practical knowledge of information security standards and risk assessment frameworks such as ISO 27001, SOC 2, NIST 800-32. Strong knowledge of cyber controls, policies, and procedures. Experience of delivering metrics for senior level audiences. Demonstrate analytical and problem-solving skills. Ability to communicate risks associated
or Check Point. Experience with VPNs, IDS/IPS, and network protocols (TCP/IP, DNS, HTTP/S, etc.). Familiarity with security standards such as ISO 27001, NIST, or PCI-DSS is a plus. Relevant certifications such as CISSP, CCNP Security, Palo Alto PCNSE, or Fortinet NSE preferred. Excellent problem-solving skills and attention to detail. Strong communication
partners to enhance incident response and cyber resilience. Candidate Requirements Experience in a cyber security risk management role. Strong understanding of cyber security frameworks and standards (ISO 27001, SOC2, NIST, GDPR). Excellent analytical, communication, and stakeholder engagement skills. Proficient in risk assessment tools and methodologies. Professional certifications such as CRISC, CISM, or CISSP are desirable. Bright Purple is an
Aberdeen, City of Aberdeen, United Kingdom Hybrid / WFH Options
Spectrum IT Recruitment
or cybersecurity roles. Strong expertise with Azure, Oracle Cloud, and DevOps practices. Proven experience managing IT systems in SaaS or tech businesses. Familiarity with ISO 27001, SOC 2, NIST, and FedRAMP. Certifications such as CISSP, CISM, or advanced Azure credentials are a strong advantage. Excellent leadership, communication, and cross-functional collaboration skills. Why Apply? This is a fantastic opportunity
Aberdeen, Aberdeenshire, Scotland, United Kingdom Hybrid / WFH Options
Spectrum It Recruitment Limited
or cybersecurity roles. Strong expertise with Azure, Oracle Cloud, and DevOps practices. Proven experience managing IT systems in SaaS or tech businesses. Familiarity with ISO 27001, SOC 2, NIST, and FedRAMP. Certifications such as CISSP, CISM, or advanced Azure credentials are a strong advantage. Excellent leadership, communication, and cross-functional collaboration skills. Why Apply? This is a fantastic opportunity
clearance, or is willing to undergo the security vetting process; Strong academics, including a minimum of 2.1 degree or equivalent experience Familiarity with information security frameworks such as ISO27001, NIST etc; Willingness to operate as part of an 'on-call roster', travelling to assist our UK and EMEA clients when required in an incident management capacity; Connect to your business
secrets to prevent outages or vulnerabilities. Manage access controls and audit trails for all cryptographic assets. Security & Compliance Ensure KCS operations comply with internal policies and external standards (e.g., NIST, ISO 27001, PCI-DSS). Support internal and external audits by maintaining accurate documentation and logs. Implement and enforce policies for secure key generation, storage, and destruction. Incident Response & Troubleshooting
Glasgow, Glasgow City, City of Glasgow, United Kingdom
Kura (CS) Ltd
maternal and paternity pay, and more. Requirements: Microsoft 365, Azure certification or equivalent Experience with cloud networking technologies Familiarity with security compliance and standards such as GDPR, ISO 27001, NIST, etc. IT Degree advantageous. A minimum of 5 years' experience, at least 3 of which must be at 3rd Line Support Engineer/Infrastructure & Network level. At least 2 years
Employment Type: Permanent
Salary: £50000 - £55000/annum Bonus, pension, perk scheme and mor
controls across Microsoft Technologies, such as Entra ID, PIM, Purview, Sentinel, Microsoft Defender for Identity is beneficial. Being comfortable with disciplines of Security Policy and Governance and understanding of NIST Cyber Security Framework is beneficial. We are proud to be a Disability Confident Committed employer. If you have a disability and would like to apply to one of our UK roles
as well as a deep understanding of cyber security regulations as they apply to different sectors Analysis and management of risks and cybersecurity controls. Standards and methodologies: ISO 27000, NIST, SANS CSC, etc. Understanding of Infrastructure, Networking and Cloud environments Knowledge in Identity and Access Management technologies Knowledge in Backup and Recovery technologies At Sword, our core values and culture
Edinburgh, Midlothian, United Kingdom Hybrid / WFH Options
Aberdeen
Control Self-Assessment (RCSA) controls. Ensure industry best practices and methodologies are adopted where appropriate in proposed solutions. About the Candidate Exposure to industry frameworks/benchmarks such as NIST and CIS. Experience leading technical delivery and mentoring others. Proactive strategic leadership, demonstrable skills in the design, communication and delivery of end user technologies. Ability to engage and communicate at
requests, regulatory requirement assessments and third-party security control capability requests. We need you to have 1. Expert knowledge of cyber security governance frameworks, policies, and procedures such as NIST, COBIT, CIS (Center for Internet Security) Controls 2. Understanding of cyber security risk management principles and practices. 3. Awareness of emerging cyber security trends, threats, and technologies. It’s a
or Partner level. Ensure that the project adheres to Deloitte's Cybersecurity capability framework, relevant information security regulations and industry standards. Examples include GDPR, EU AI Act, ISO 27001, NIST Cybersecurity Framework, and Cyber Essentials+. Communicate security awareness, concerns, and requirements to project stakeholders, including developers, project managers, and business leaders, to ensure alignment and buy-in. Maintain documentation … and controls inherent in various technologies, and related best practices. This includes OWASP Top 10 and vulnerability management. Have strong knowledge in cybersecurity frameworks and standards like ISO 27001, NIST, COBIT, and Cyber Essentials+ or equivalent. Experience with risk management methodologies, techniques, and being able to clearly understand and articulate risk. Demonstrable ability to identify risks associated with business processes
in supporting sales and pre-sales activities across UK-based opportunities. If you're passionate about helping clients navigate complex risk landscapes and have a strong background in ISO, NIST, and NCSC frameworks, we'd love to hear from you. What You'll Do Lead and deliver GRC advisory engagements (SMA, CRA, SDaaS). Act as a trusted advisor to … maintain strong client relationships to drive long-term value. Collaborate with internal teams to evolve service offerings and delivery models. Stay current with regulatory and standards frameworks (ISO 27001, NIST CSF, NCSC). What We're Looking For Proven experience in GRC or cybersecurity consulting. Strong client-facing skills with the ability to communicate complex concepts clearly. Deep familiarity with … ISO 27001, NIST, and NCSC Cyber Essentials. Experience delivering security assessments and retained advisory services. Ability to contribute to sales cycles, including scoping and proposal development. Comfortable managing multiple engagements in dynamic environments. Nice to Have Certifications such as CISSP, CISM, CRISC, or ISO 27001 Lead Auditor/Implementer. Experience working with UK public sector or regulated industries.