1 to 25 of 36 Permanent NIST Jobs in the South West

infrastructure security roles. Strong technical skills across Microsoft environments (on-prem and cloud). Knowledge of security controls such as IAM, firewalls, and endpoint protection. Familiarity with frameworks like NIST, CIS, ISO 27001, and Cyber Essentials Plus. Experience with monitoring and SIEM tools, threat detection, and incident response. Strong communication and stakeholder management skills. Desirable experience: Security certifications (e.g. CISSP More ❯

Detection and Response), and network architecture. Practical experience managing cyber incidents and implementing secure configurations. Excellent analytical and problem-solving skills, with clear documentation and communication abilities. Familiarity with NIST, ISO 27001, and CIS Controls frameworks. Ability to work under pressure, prioritise effectively, and maintain attention to detail. Desirable: Professional certifications such as GSEC, CISSP, OSCP, CISA, CompTIA Sec+, or More ❯

Security+, CEH, CySA+, or Cloud Security Engineer. Extensive experience in cybersecurity, especially incident response and technical operations. Strong understanding of AWS and Azure cloud platforms. Familiarity with frameworks like NIST, ISO, COBIT, and OWASP. Proven success in leading and delivering security projects. Experience with PowerShell and automation. Consulting experience across IT and digital teams. Flexibility for occasional travel and out More ❯

Security+, CEH, CySA+, or Cloud Security Engineer. Extensive experience in cybersecurity, especially incident response and technical operations. Strong understanding of AWS and Azure cloud platforms. Familiarity with frameworks like NIST, ISO, COBIT, and OWASP. Proven success in leading and delivering security projects. Experience with PowerShell and automation. Consulting experience across IT and digital teams. Flexibility for occasional travel and out More ❯

Network security fundamentals (firewalls, segmentation, secure remote access). Knowledge of IAM (MFA, RBAC, conditional access) and data protection (classification, encryption) policies. Experience aligning builds to recognised frameworks (e.g., NIST, CIS Controls, ISO 27001, Cyber Essentials Plus). Implementing monitoring/logging/alerting and vulnerability management tools including SIEM. Ability to define security configurations and drive consistent adoption across More ❯

leading a Security Operations or Incident Response function Strong technical background across SIEM, EDR, vulnerability management, and cloud security (Azure preferred) In-depth understanding of security frameworks such as NIST CSF, ISO 27001, and MITRE ATT&CK Excellent stakeholder engagement and vendor management experience Relevant qualifications such as CISSP, CySA+, or MSc in Information Security If this looks of interest More ❯

3rd-party SOC, helping to ensure critical assets remain secure Manage supplier relationships, report on control effectiveness, and support compliance with ISO 27001, GDPR, and Cyber Essentials Plus Technology NIST, CIS, NCSC, Mitre Att&ck, Security Scorecard, M365/Azure Security Center Azure Security Center, SIEM, Defender ATP, M365 Security, Data Compliance and Governance, PIM & PAM Zscaler (ZTNA), Darktrace, Firewalls More ❯

of network security principles including firewalls, segmentation and secure remote access Knowledge of IAM concepts including MFA, RBAC and conditional access Familiarity with regulatory and compliance frameworks such as NIST, CIS Controls, ISO 27001 and Cyber Essentials Plus Experience with SIEM, logging, monitoring and threat detection platforms Understanding of data classification, encryption and secure storage Ability to collaborate with engineers More ❯

of network security principles including firewalls, segmentation and secure remote access Knowledge of IAM concepts including MFA, RBAC and conditional access Familiarity with regulatory and compliance frameworks such as NIST, CIS Controls, ISO 27001 and Cyber Essentials Plus Experience with SIEM, logging, monitoring and threat detection platforms Understanding of data classification, encryption and secure storage Ability to collaborate with engineers More ❯

security controls within cloud-based infrastructure (e.g Azure, AWS, GCP). This may include design, configuration, or protective monitoring. You have experience working with security control frameworks e.g. ISO27001, NIST, CAF or others. You have demonstrable continuous personal development with relevant certifications and accreditations. You have strong interpersonal skills You have UK security clearance at SC or above or are More ❯

Projects will range from risk assessments and ISO 27001 implementations to developing full ISMS frameworks and supporting clients through accreditation. You'll provide expert guidance across standards such as NIST, CAF, and Secure by Design. Security Consultant role is highly client-facing, requiring excellent communication skills and the ability to collaborate with technical teams. You'll stay ahead of industry More ❯

Projects will range from risk assessments and ISO 27001 implementations to developing full ISMS frameworks and supporting clients through accreditation. You'll provide expert guidance across standards such as NIST, CAF, and Secure by Design. Security Consultant role is highly client-facing, requiring excellent communication skills and the ability to collaborate with technical teams. You'll stay ahead of industry More ❯

. Familiarity with MITRE ATT&CK, incident response methodologies, and penetration testing. Experience in risk management, vendor security assessments, and compliance. Understanding of UK regulations, including Cyber Essentials, ISO27001, NIST CSF, and GDPR. Ability to support internal/external audits and drive remediation efforts. UK Permanent Residency or Citizenship Required More ❯

fast, ideas are heard, and progress happens quickly. What you’ll bring: Proven experience leading or managing cyber and information security operations Strong grasp of frameworks such as ISO27001, NIST, GDPR and modern security tooling (e.g. Microsoft 365 Defender, Sentinel, Azure) Excellent communication and influencing skills — able to engage both technical and non-technical stakeholders A practical, business-focused approach More ❯

. Hands-on experience with MFA solutions, virtualisation platforms, and network security appliances. Understanding of SIEM operations, vulnerability management, and endpoint protection. Familiarity with recognised security frameworks (ISO 27001, NIST, CIS, Cyber Essentials). Excellent problem-solving skills and ability to work under pressure. Strong communication skills to engage stakeholders and influence technical decisions. Desirable Proven design and implementation experience More ❯

Architecture, Secure Systems, Network & Cloud Security, System Hardening, Cryptographic Controls (PKI, Data at Rest/In Transit), Protective Monitoring, and Security Auditing. Strong understanding of the ISO 27000 series, NIST Cyber Security & Risk Management Frameworks, NCSC CAF, and other industry standards. Familiarity with NCSC guidance and legacy Information Assurance (IA) standards. Experience with MOD security frameworks including JSP 604, JSP More ❯

or defence-focused discipline. Recognised cybersecurity certifications: CompTIA, CISSP, CISM, CRISC, ISO 27001 Lead Auditor/Implementer, or equivalent. Familiarity with MOD, maritime, or defence-specific frameworks: JSPs, DEFSTAN, NIST, IEC 62443, IMO or ISO/IEC 27001. DV clearance (or eligibility to obtain DV as a minimum) is required. Evidence of ongoing professional development aligned with cybersecurity assurance, defence More ❯

or defence-focused discipline. Recognised cybersecurity certifications: CompTIA, CISSP, CISM, CRISC, ISO 27001 Lead Auditor/Implementer, or equivalent. Familiarity with MOD, maritime, or defence-specific frameworks: JSPs, DEFSTAN, NIST, IEC 62443, IMO or ISO/IEC 27001. DV clearance (or eligibility to obtain DV as a minimum) is required. Evidence of ongoing professional development aligned with cybersecurity assurance, defence More ❯

of Secure by Design principles Experience in system security engineering, ideally in defence, space, or critical infrastructure Familiarity with MOD, NCSC, and ISO standards (e.g. ISO 27001/2, NIST 800-series, JSP 604) Competence in requirements engineering and systems thinking Practical experience with security in software and/or system development environments Effective communication and report-writing skills Ability More ❯

and secure remote access. Knowledge of identity and access management (IAM), including multi-factor authentication (MFA), RBAC, and conditional access policies. Familiarity with common regulatory and compliance frameworks (e.g. NIST, CIS Controls, ISO 27001, Cyber Essentials Plus). Experience aligning infrastructure builds with cyber security standards such as NCSC guidance, CIS benchmarks, or Microsoft Security Baselines. Experience implementing monitoring, logging More ❯

cloud services, software, and infrastructure solutions. Identify and mitigate security risks in system designs and products. Apply and maintain compliance with security standards and regulations (e.g., NCSC, ISO, SoC, NIST, PCI, GDPR). Conduct security testing for software and infrastructure using relevant tools. Work within Agile teams to embed security practices across the development lifecycle Communicate complex security concepts clearly More ❯

information security risk management and a working knowledge of cybersecurity technologies Knowledge of common information security management frameworks, such as ISO/IEC 27001, as well as those from NIST, including 800-53 and Cybersecurity Framework Desirable: Relevant accreditations including Cyber Essentials, Cyber Assured, etc. In terms of personal qualities, we will look for a high level of personal integrity More ❯

experience to develop pragmatic solutions and resolve complex issues. Certifications such as CISSP, CEH, OSCP, or GSEC are preferred. Knowledge of security principles, practices, and frameworks, such as OWASP, NIST, and ISO. Awareness of security tools and technologies, such as SAST, DAST, IAST, SCA, WAF, IDS, IPS. Experience in conducting threat modelling and risk assessments. Interview process The interview process More ❯

system development and will be a key member of the change advisory board and business risk steering committee. Main responsibilities include - Assist with the continued certification of ISO27001, CMMC (NIST), Cyber Essentials, etc. Responsible for the delivery of the company cyber security strategy . Work with external partners to ensure their work meets the relevant standards, legislation and regulation. Give More ❯

align with the client's risk profile and operational needs. Guide clients in developing and improving their incident response processes, including playbook creation and alignment with security frameworks like NIST and ISO 27001. Regularly review and optimise SIEM configurations to reduce false positives, improve detection accuracy, and adapt to evolving threat landscapes. Advisory & Compliance: Advise clients on aligning SIEM deployments … years of experience in SIEM consulting, SOC, or security operations roles with a focus on threat detection and response. Strong understanding of threat detection methodologies, security frameworks (e.g., NIST, ISO 27001), and compliance requirements. Experience with SIEM design and architecture, data ingestion, log management, and custom dashboard creation. Familiarity with cloud-native security solutions and knowledge of security practices in More ❯