24 of 24 DemandTrendPermanent NIST Jobs in the Thames Valley

ll bring: 5+ years in InfoSec, IT Security or Ops within a regulated environment Certification required: CISSP, CISM, CRISC, or equivalent Strong knowledge of ISO27001:2022, SOC2 Type II, NIST CSF, PCI DSS, GDPR, DORA Confident with security risk assessments, audit responses, and policy governance Hands-on cloud security experience: ideally with Azure and the Shared Responsibility Model Comfort with More ❯

regulators, auditors, and third-party assessments. About You: Proven track record in cybersecurity management, including threat detection, incident response, and vulnerability management. Strong knowledge of security frameworks (ISO 27001, NIST, CIS Controls) and regulatory compliance requirements (GDPR, NIS2). Hands-on expertise with firewalls, SIEM, IAM, IDS/IPS, and cloud security. Strong understanding of networking, infrastructure, and application security. More ❯

environments to solve real-world security challenges Key Skills & Experience Cyber Security: Experience in cyber strategy, risk management, security architecture, transformation programmes, and regulatory compliance Knowledge of relevant standards: NIST CSF, ISO27001, NCSC CAF, GDPR, NIS2, etc. Certifications such as CISSP, CISM, CISA, M.Inst.ISP, or MSc in Cyber Security Hands-on experience in areas like GRC, cyber threat management, vulnerability More ❯

in ICT security management and incident response (CIS and Cyber Essential Plus). Strong technical knowledge of Microsoft 365, Azure, and cloud security. Familiarity with frameworks like ISO 27001, NIST, and CIS. Excellent communication skills and a pragmatic, risk-based mindset. Relevant certifications (e.g. AZ-500, CISSP, CISM, CCSP) are highly desirable. This role offers hyrbid working (1-2 days More ❯

while building your own leadership brand What we’re looking for: Proven experience in cyber strategy, cyber risk, transformation, or security governance Strong understanding of industry frameworks such as NIST CSF, ISO27001, CAF or CRI2.0 Ability to communicate clearly with stakeholders at all levels — from technical teams through to board-level A blend of consulting and hands-on delivery experience More ❯

processes. Promote a positive and proactive cyber security culture. About You: Strong advisory background in cyber security within complex enterprise environments. Knowledge of frameworks and standards such as ISO27001, NIST, NIS Regulations. Understanding of infrastructure, networks, applications and cloud security principles. Excellent communicator with proven stakeholder management experience. Passionate about innovation, problem solving and continuous improvement. Qualifications & Experience: Degree (or More ❯

DSS. Strong understanding of governance, risk management, and regulatory compliance. Proficiency with security monitoring tools and incident management processes. Excellent analytical, communication, and leadership skills. Desirable Knowledge of GDPR, NIST, or other security frameworks. Experience in highly regulated industries such as, technology, finance, telecoms, and maybe healthcare More ❯

forums. Required Experience & Skills Experience as a hands-on individual contributor who can pivot to strategy and delivery. In-depth knowledge of InfoSec and regulatory standards including ISO 27001, NIST, GDPR, HIPAA, GxP, and the EU AI Act. Demonstrated experience leading compliance certification programmes and external audits. Strong understanding of cybersecurity and IT infrastructure within ML/cloud environments. Proven More ❯

the testing process. Collaborate with control owners and stakeholders to gather evidence, clarify control objectives, and support the smooth execution of testing activities. Stay informed on relevant frameworks (e.g., NIST CSF, CIS Controls) and industry best practices to support the evolution of the control testing programme. What you should bring to the role To thrive in this role, the essential More ❯

email security, and other key cybersecurity tools. Manage incident response plans and investigations, coordinating with internal teams and external partners. Ensure compliance with standards like ISO 27001, GDPR, and NIST frameworks. Promote security awareness and training across departments. Requirements: Degree in Cybersecurity, Information Security, or related field. Proven experience in manufacturing, energy, chemicals, or similar sectors. 15 years of experience More ❯

Ability to lead technical conversations, influence customer decisions, and deliver trusted advisory services Existing SC clearance or eligibility to apply Desirable Skills & Certifications Familiarity with industry security frameworks (e.g., NIST, ISO 27001, CIS Controls) Cloud security experience across major hyperscalers More ❯

practical work such as conducting AI risk assessments, advising on ethical implications, and developing operational policies for clients. A strong understanding of key AI governance standards and regulations (e.g., NIST AI RMF, EU AI Act), ideally demonstrated by a professional qualification such as ISO 42001 or IAPP AIGP. We value practical experience and are committed to supporting the right candidate More ❯

deliver the strategic roadmap for global Cyber GRC. Lead and develop a high-performing team across multiple regions. Oversee risk management, assurance, and compliance aligned with frameworks such as NIST, ISO27001 and CIS. Drive third-party and M&A cyber risk management. Deliver clear, data-driven insights and dashboards for senior stakeholders. Champion a strong security culture and continuous improvement More ❯

Risk Manager, Senior GRC Consultant (Cybersecurity), Cybersecurity Risk and Compliance Lead, Information Security Compliance Manager, Head of InfoSec Governance, ISO 27001 Compliance Lead, ISO 27001 Lead Implementer/Auditor, NIST Cybersecurity Framework, Risk management (cyber/information security), Information Security Management System (ISMS), Control assurance/control testing, Regulatory compliance (GDPR, UK Cyber Essentials), Security governance frameworks REF More ❯

Strong understanding of mail filtering technologies • Strong understanding of Cloud infrastructure technologies, including encryption • Demonstrable experience of working with Microsoft Sentinel, Defender and Purview • Excellent understanding of security frameworks (NIST and Cyber Essentials) • Ability to lead and manage third party providers • Strong understanding of incident response processes and methodologies including leading and managing incidents • Lead on root cause analysis, providing More ❯

an IAM solution across all aspects of the SDLC (Analyse, Design, Develop/Configure, Test, Deploy, Document) Understanding of regulatory frameworks, and their application to IAM, e.g. SOx, ISO27001, NIST, HIPAA, GDPR, PSD2, etc. Ideally, an education in Business, IT, IT security or related field Advantageous: Professional certifications such as CISSP, CISA, ITIL, etc. Product certifications from SailPoint, or other More ❯

and capability growth What We’re Looking For 5+ years in cybersecurity or cyber advisory Experience leading cyber transformation in a consulting or enterprise environment Deep understanding of frameworks: NIST, ISO27001, GDPR, NIS2, CAF Track record managing teams and complex project delivery Executive-level stakeholder management and influencing skills Certifications (CISSP, CISM, CISA, M.Inst.ISP) highly desirable This is a chance More ❯

an IAM solution across all aspects of the SDLC (Analyse, Design, Develop/Configure, Test, Deploy, Document) Understanding of regulatory frameworks, and their application to IAM, e.g. SOx, ISO27001, NIST, HIPAA, GDPR, PSD2, etc. Ideally, an education in Business, IT, IT security or related field Advantageous: Professional certifications such as CISSP, CISA, ITIL, etc. Product certifications from SailPoint, or other More ❯

leaders in a team that values inclusion and ideas 🧠 What we’re looking for Experience leading cyber transformation or strategy engagements, ideally in consulting Strong knowledge of frameworks like NIST CSF, ISO27001, NCSC CAF or NIS2 Able to translate technical cyber risk into business-relevant recommendations Excellent communication and stakeholder management skills (CISO/Board level) Ideally holds certifications like More ❯

Information Security Analyst – NIST Implementation Rate - £500 Inside IR35 (Total to umbrella) Duration – 6 months Location – twice a week on site into London Role Description: As a Senior Information Security Analyst, you will be instrumental in executing the company's Information Security strategies and initiatives, focusing on supporting the Governance, Risk, and Compliance (GRC) function and implementing the NIST Cyber … proactively managing non-compliance issues and mitigating Information Security risks. About You : You will be developing and implementing an information security controls catalogue, policies, and procedures aligned with the NIST Cyber Security Framework (CSF). Conducting assessments to identify material gaps, analyzing potential risks, and monitoring progress on maturity uplifting across security functions. Supporting compliance activities with the Group Information … across the business. Essential Skills: Minimum of 4 years of experience in information security with a solid understanding of Information Security control and governance frameworks. Practical experience of implementing NIST CSF in the financial services sector is highly desirable. Proven track record of security transformation and delivery of security projects, particularly within a federated organisation. Strong knowledge of Information Security More ❯

management response is well defined. Engage risk review and assurance activities across existing suppliers. Provide IT and business advice on aspects of security standards and regulations such as ISO27001, NIST CSF, PCI DSS, NISD and NIS2. Engage with I&T system owners to provide training in relation to information security, cyber resilience, phishing, and facilitation of cyber scenario desktop simulations … controls and consequences across both IT and manufacturing environments in manufacturing or similar industries. Experience working with information security standards and frameworks such as and regulations such as ISO27001, NIST CSF, PCI DSS, NISD and NIS2. Proven analytical, problem-solving, planning, project delivery and supplier work packages management skills. Demonstrable experience of engaging across all levels of a company in More ❯

threat intelligence capabilities and integrate with security monitoring frameworks. Develop and oversee vulnerability management programs, ensuring alignment with industry standards. Provide subject matter expertise on cyber security frameworks, including NIST, MITRE ATT&CK, and Kill Chain methodologies. About You: Proven experience in Cyber Security, with a focus on incident response, security monitoring, and threat intelligence. Strong knowledge of security technologies … experience with incident investigation tools and network protocol analysis (e.g., Wireshark). Familiarity with cloud security assessments and industry benchmarks such as CIS. Experience with security frameworks such as NIST, MITRE ATT&CK, and the Cyber Kill Chain. Certifications such as GCIA, GCIH, or GCFA are highly desirable. Package: £70,000 - £75,000 Junior £80,000 - £90,000 Senior (I More ❯

clear, meaningful reports for senior business and non-technical audiences. Create Board-level inputs and executive reporting packs with top-level narratives and insight-driven commentary. Ensure alignment with NIST frameworks and internal Cyber Risk Management principles. Identify, connect, and manage data sources, owners, systems, and submission cycles to ensure timely and accurate reporting. Conduct “check and challenge” analysis to … regularly with IT, Security, and Business stakeholders to align risk reporting with organizational objectives. What We’re Looking For: RSA Archer expertise or other GRC tooling Proven experience with NIST or other regulatory-aligned frameworks. Deep understanding of Cyber Risk Management principles. Exceptionally organized, with strong attention to detail and ability to manage multiple priorities. Strong written and verbal communication More ❯

influence the operational and strategic approach to cyber risk across a complex and regulated environment. Key Responsibilities: Lead and support the implementation of security risk management processes aligned with NIST and other regulatory frameworks. Act as a subject matter expert on RSA Archer – configuring, managing, and optimising the platform for enterprise risk use cases. Develop and deliver high-quality risk … We’re Looking For: Mandatory: Strong hands-on experience with RSA Archer – this is essential for the role. Ideally 8+ years experience in similar roles In-depth understanding of NIST frameworks and security risk methodologies. A Cyber Risk Management mindset, with a practical and business-oriented approach to risk. Excellent attention to detail and a methodical, highly organised working style. More ❯