1 to 25 of 157 Permanent NIST Jobs in the UK

processes Ability to work independently while contributing effectively as part of a team Desirable: Experience working in or alongside a SOC environment Knowledge of NIST, NIS-R and PCI DSS Experience with WAF, IDS/IPS, firewalls and network security tools Exposure to automation or scripting Experience with cybersecurity training ...

Lead experience MOD/GDS Secure by Design Familiarity with: JSP440, JSP604/453, JSP490 Supplier Chain Assurance GDPR, PCI DSS, ICO ISO 27001, NIST CSF, CIS Controls v8 Skills in: Threat modelling (kill chain, attack trees, etc.) Cloud security (AWS, Azure), containerisation, firewalls Secure SDLC HLD/LLD review ...

of the security domain. Techniques & Tools - Architectural Frameworks: Expert knowledge of SABSA (essential for risk mapping) and TOGAF (desirable). Cyber Standards: Mastery of NIST CSF, ISO 27001, CISM and Cyber Essentials Plus, with the ability to apply them practically in a cloud -native environment. Threat Modelling: Proficiency in applied ...

proven experience gained as a Security Architect or in a technical cyber role. Expertise in: Security legislation (GDPR, PCI DSS, ICO) Frameworks (ISO 27001, NIST CSF, CIS Controls v8) HMG/NCSC policies and guidance Cloud security (AWS, Azure) Microservice architectures PKI, Cryptography, Privileged Access Management Certifications: SABSA, TOGAF ...

proven experience gained as a Security Architect or in a technical cyber role. Expertise in: Security legislation (GDPR, PCI DSS, ICO) Frameworks (ISO 27001, NIST CSF, CIS Controls v8) HMG/NCSC policies and guidance Cloud security (AWS, Azure) Microservice architectures PKI, Cryptography, Privileged Access Management Certifications: SABSA, TOGAF ...

focusing on high-level incident response and the triaging of complex security issues.• Governance & Risk: Define and maintain security policies in alignment with NCSC, NIST, MITRE, and GDPR frameworks. • Team Development: Mentor junior staff and share technical knowledge to strengthen the team’s overall security posture. • Process Improvement: Drive automation ...

protect network integrity. Enforce robust security policies to maintain system security standards. Compliance and Audit Support Ensure adherence to compliance standards including ISO27001, NIST, and GDPR through regular audits and risk assessments. Support audit processes by providing necessary documentation and evidence of compliance. Security Awareness and Training Conduct regular training ...

evaluate control effectiveness. Design pragmatic, business‐aligned security improvements, architectures, and operating models. Advise clients on regulatory and standards compliance (e.g., GDPR, ISO 27001, NIST, PCI DSS). Produce clear, concise, executive‐ready reports, presentations, and recommendations. Build and maintain trusted client relationships, managing day‐to‐day workplans and ...

strong professional development opportunities. Skills Secure architecture design and secure-by-design principles Risk assessment, threat modelling, and vulnerability management Security frameworks: ISO 27001, NIST 800-30/53, OWASP Cloud security architecture (AWS, Azure, GCP) Incident response, penetration testing, and remediation concepts Persuasive communication skills across technical and ...

threat intelligence platforms. Expertise in metrics-driven monitoring: defining, tracking, and reporting MTTD, MTTR, false positive rates, and coverage completeness. Familiarity with frameworks like NIST CSF, MITRE ATT&CK, and ISO 27001, with experience applying these to monitoring. Experience in threat hunting, anomaly detection, and behavioral analytics. Strong leadership skills ...

including Product Defense in Depth, security technology, regulatory compliance and incident response Domain specific standards and approaches on privacy and product security (ISO 2700x, NIST 800 Series Special Publications) Knowledgeable and experience with laws and regulations on cyber security, privacy, data protection and breach notification (e.g.: FDA cyber security guidelines ...

and network issues and participate in change management processes Ensure continuous compliance with industry standards and regulations, including ISO 27001, ISA/IEC 62443, NIST, and GDPR, as well as internal corporate policies Translate global cybersecurity policies into practical local procedures tailored to OT constraints such as safety and uptime ...

Information Security certifications in at least one of the following: CISSP, CISM, CRISC, CGRC Demonstrable knowledge of Government Standard 007: Security, ISO 27001 and NIST Problem management and/or ITIL experience. Knowledge of GEOINT and SIGINT, ACINT, MASINT, OSINT, HUMINT and the analysis of the data and information *Formal ...

party security controls into vendor governance processes, working closely with Procurement, Legal, Technology, and Risk. Monitor compliance with industry frameworks such as CIS Controls, NIST, GDPR, and sector-specific guidance. Support contract reviews and provide expert input on security clauses, ensuring risk-based decisions are supported by strong security requirements. ...

management, cyber risk, security target operating model, governance, compliance, cyber security maturity assessment, metrics and C-level dashboards) and leading industry-based practices (e.g. NIST CSF, ISO 2700x) Managing the coordination and communication of key findings and results of engagements, producing written reports and supporting oral presentations to senior client ...

solutions and standards is highly advantageous Competence, knowledge and skills Competence Experience working within recognised Information Security frameworks and best practices such as ISO27001, NIST etc. 5 years experience in an Information Security role gained in a financial services or e-commerce environment is preferred Knowledge & Skills Significant experience ...

preferred). Experience in cybersecurity with 3+ years in a security architect or solution designer role. Familiarity with industry standards and frameworks such as NIST, ISO 27001, TOGAF. Strong documentation skills with experience writing SDDs, architecture diagrams, and technical specifications. Certifications such as CISSP, SABSA, TOGAF, CCSP, or AWS/ ...

Security Operations Analyst or AZ-500 Azure Security Engineer Associate Knowledge of cloud security principles and technologies Desirable: Strong understanding of security frameworks (NIST, ISO 27001, Mitre ATT&CK) Knowledge of web security tooling such as web proxy, DNS filtering and similar (e.g. Cisco Umbrella) Previous experience as a Security ...

Management System Manual for Quality (ISO 9001), InfoSec (ISO 27001) and ESG (ISO 14001). Follow established OT security procedures aligned with IEC 62443, NIST CSF, and company policies. Translate complex technical threats into clear business risks for management and collaborate with GRC (Governance, Risk, and Compliance) teams. Work with ...

CASP) or equivalent Experience within a SOC environment would be highly advantageous Knowledge and understanding of commonplace information security frameworks and standards, e.g. CAF, NIST, NIS2, ISO27001 and preferably experience of implementing policies and tooling in support of these frameworks A background in IT, be it: infrastructure, networks, software ...

of threat vectors, security controls and modern IT architectures. Risk Framework Knowledge: Practical experience using recognised information security and risk management methodologies such as NIST, COBIT and ISO27001. Broader Risk Awareness: Understanding of wider risk management systems and methodologies beyond cyber and technology. Insightful Reporting: Ability to design and produce ...

of threat vectors, security controls and modern IT architectures. Risk Framework Knowledge: Practical experience using recognised information security and risk management methodologies such as NIST, COBIT and ISO27001. Broader Risk Awareness: Understanding of wider risk management systems and methodologies beyond cyber and technology. Insightful Reporting: Ability to design and produce ...

budget, and to technical standards Security & Compliance Oversee implementation of security tools (EDR, MFA, XDR, backup, etc.) Maintain compliance with frameworks (Cyber Essentials, ISO, NIST) Conduct risk assessments and recommend improvements Client Engagement Act as a trusted technical advisor for key clients Attend technical review meetings and present environment health ...

Identity, or Microsoft Sentinel. Background in retiring legacy infrastructure like RADIUS or on-prem file shares. Knowledge of Zero Trust architecture and CIS/NIST compliance baselines. Qualifications & Attributes Experience: 5–10 years within IAM, Windows Infrastructure, or Hybrid Cloud Operations. Education: Bachelor’s degree in Computer Science, Cyber Security ...

business stakeholders. Preferred Certifications CISM, CISSP, CISA, CRISC or similar industry-recognised qualifications. Technical Skills Understanding of IT security management systems and frameworks (NIST, ISO 27001). Experience implementing or operating GRC workflows and SAP Process Controls (CCM). Strong knowledge of enterprise applications, particularly ERP and financial systems. ...