1 to 25 of 493 Permanent NIST Jobs in the UK

and constructive feedback SKILLS AND EXPERIENCE Functional/Technical Competencies Essential: Good understanding of cybersecurity/IT control frameworks including but not limited to frameworks from SOX, FFIEC, ISO27001, NIST, Cloud Security Alliance, and PCI-DSS Good managerial skills Experience of working as an IT auditor, security auditor or governance, risk and compliance analyst Proven understanding of current best practice More ❯

Proven experience leading cyber security operations in a regulated or financial services environment (FCA exposure preferred). Strong understanding of security governance, assurance frameworks, and audit processes (ISO 27001, NIST, GDPR, Cyber Essentials Plus). Experience with modern security tooling such as:o Cortex XDR/Palo Alto Networkso Splunk (SIEM and dashboarding)o Abnormal Security (email security)o Prisma More ❯

Proven experience leading cyber security operations in a regulated or financial services environment (FCA exposure preferred). Strong understanding of security governance, assurance frameworks, and audit processes (ISO 27001, NIST, GDPR, Cyber Essentials Plus). Experience with modern security tooling such as: Cortex XDR/Palo Alto Networks Splunk (SIEM and dashboarding) Abnormal Security (email security) Prisma Cloud (cloud security More ❯

automated solutions for vulnerability scanning, threat detection, and incident response, with a focus on continuous process improvement. Risk Management & Threat Intelligence Strong familiarity with security frameworks and standards (e.g. NIST, ISO 27001), and deep understanding of security concepts including vulnerability management, threat intelligence, incident response, and offensive security techniques. Experience in gathering and analysing threat intelligence to understand emerging threats More ❯

the delivery of security advisory services Experience: Knowledge of risk management concepts including risk assessment and risk treatment techniques and methodologies, including: • Risk Assessment methods and frameworks (IRAM2, OCTAVE, NIST, ISO 27005 etc) • Information Security Management System frameworks and standards and their application • Compliance frameworks relevant to financials services including SOX, PCI DSS, SSAE16, etc) • Good working knowledge of one More ❯

modelling, risk assessments, and incident response . Implement and manage identity and access management (IAM) solutions using SailPoint, OKTA, and BeyondTrust. Collaborate with internal teams to ensure compliance with NIST, MITRE ATT&CK, and ISO27001 frameworks. Provide mentoring, documentation, and knowledge transfer to junior engineers and SOC analysts. Liaise with external vendors, clients, and cross-functional teams to resolve security More ❯

Linux), network protocols, and packet analysis tools. Familiarity with scripting languages (Python, Bash, PowerShell). Experience with cloud security monitoring (AWS, Azure, GCP). Knowledge of frameworks such as NIST and MITRE ATT&CK. Qualifications Bachelor’s degree in Cyber Security, IT, or related field. 3–5 years in SOC operations, incident response, or threat intelligence. Practical experience with forensic More ❯

Linux), network protocols, and packet analysis tools. Familiarity with Scripting languages (Python, Bash, PowerShell). Experience with cloud security monitoring (AWS, Azure, GCP). Knowledge of frameworks such as NIST and MITRE ATT&CK. Qualifications Bachelor's degree in Cyber Security, IT, or related field. 3-5 years in SOC operations, incident response, or threat intelligence. Practical experience with forensic More ❯

compensating controls. Maintain asset inventories and ensure patching and configuration baselines are followed. Security Governance & Compliance Contribute to maintaining security standards and aligning with frameworks such as ISO 27001, NIST, CIS, or SOC 2. Support audits, evidence collection, and compliance reporting (e.g., GDPR, PCI-DSS). Develop and maintain documentation for policies, procedures, architecture, and runbooks. Collaboration & Knowledge Sharing Work More ❯

compensating controls. Maintain asset inventories and ensure patching and configuration baselines are followed. Security Governance & Compliance Contribute to maintaining security standards and aligning with frameworks such as ISO 27001, NIST, CIS, or SOC 2. Support audits, evidence collection, and compliance reporting (e.g., GDPR, PCI-DSS). Develop and maintain documentation for policies, procedures, architecture, and runbooks. Collaboration & Knowledge Sharing Work More ❯

compensating controls. Maintain asset inventories and ensure patching and configuration baselines are followed. Security Governance & Compliance Contribute to maintaining security standards and aligning with frameworks such as ISO 27001, NIST, CIS, or SOC 2. Support audits, evidence collection, and compliance reporting (e.g., GDPR, PCI-DSS). Develop and maintain documentation for policies, procedures, architecture, and runbooks. Collaboration & Knowledge Sharing Work More ❯

Strong understanding on Infrastructure-as-Code (IaC) (inc, Bicep/Terraform). Understanding of modern DevOps and CI/CD pipelines (DevSecOps). Knowledge of compliance frameworks (ISO 27001, NIST, CIS Benchmarks) desirable Key Attributes Analytical mindset with strong problem-solving skills. Excellent communication skills like able to explain technical concepts clearly to non-technical stakeholders. Proactive, curious, and continuously More ❯

Leadership & Strategy Define and implement the company's security strategy across AI, blockchain, and cloud environments. Establish policies, standards, and governance frameworks aligned with industry best practices (ISO 27001, NIST, SOC2). Lead incident response, risk assessment, and threat modelling programmes. Build and mentor a world-class security team. AI Data Security Protect proprietary AI models, training data, and pipelines More ❯

workflows. Define service level objectives (SLOs) and key performance indicators (KPIs) for all security services. Compliance, Governance & Risk Management: Ensure alignment with global compliance requirements such as ISO 27001, NIST, SOC 2, GDPR, and others. Partner with governance, legal, and ISRM teams to implement enforceable policies and standards across identity, endpoint, and data domains. Operationalize policy enforcement through automated controls More ❯

services. Define service level objectives (SLOs) and key performance indicators (KPIs) for all security services. Compliance, Governance & Risk Management: Ensure alignment with global compliance requirements such as ISO 27001, NIST, SOC 2, GDPR, and others. Partner with governance, legal, and ISRM teams to implement enforceable policies and standards across identity, endpoint, and data domains. Implement automated compliance controls and continuous More ❯

assurance Preferred: Professional certifications: CISSP, CISM, CISA, or equivalent Higher education sector experience Multi-tenant SaaS architecture security experience DevSecOps and CI/CD security integration knowledge Security frameworks: NIST, CIS Controls, OWASP Multi-jurisdictional data protection knowledge Enterprise sales cycle support experience Key Attributes: Strategic thinker who can balance security with business needs Pragmatic approach to security implementation Detail More ❯

assurance Preferred: Professional certifications: CISSP, CISM, CISA, or equivalent Higher education sector experience Multi-tenant SaaS architecture security experience DevSecOps and CI/CD security integration knowledge Security frameworks: NIST, CIS Controls, OWASP Multi-jurisdictional data protection knowledge Enterprise sales cycle support experience Key Attributes: Strategic thinker who can balance security with business needs Pragmatic approach to security implementation Detail More ❯

infrastructure security roles. Strong technical skills across Microsoft environments (on-prem and cloud). Knowledge of security controls such as IAM, firewalls, and endpoint protection. Familiarity with frameworks like NIST, CIS, ISO 27001, and Cyber Essentials Plus. Experience with monitoring and SIEM tools, threat detection, and incident response. Strong communication and stakeholder management skills. Desirable experience: Security certifications (e.g. CISSP More ❯

concepts that clearly communicate value and differentiation. Solution Architecture Design comprehensive security architectures across network, endpoint, identity, cloud, and data protection domains. Ensure alignment with industry frameworks such as NIST, ISO, and CIS, and compliance with regulatory standards (PCI-DSS, HIPAA, etc.). Produce proposals, Bills of Materials (BOMs), high-level designs, and Statements of Work (SOWs). Vendor & Partner More ❯

in vulnerability management and patch management (Qualys or similar platforms). Understanding of Email Security platforms (e.g., Darktrace) and Security Awareness & Training platforms. Knowledge of security frameworks (ISO 27001, NIST, GDPR, etc.). Familiarity with SIEM, security system administration, and incident response. Understanding of SOC operations and monitoring. No formal qualifications required, although a security or IT-related certification (e.g. More ❯

Detection and Response), and network architecture. Practical experience managing cyber incidents and implementing secure configurations. Excellent analytical and problem-solving skills, with clear documentation and communication abilities. Familiarity with NIST, ISO 27001, and CIS Controls frameworks. Ability to work under pressure, prioritise effectively, and maintain attention to detail. Desirable: Professional certifications such as GSEC, CISSP, OSCP, CISA, CompTIA Sec+, or More ❯

Detection and Response), and network architecture. Practical experience managing cyber incidents and implementing secure configurations. Excellent analytical and problem-solving skills, with clear documentation and communication abilities. Familiarity with NIST, ISO 27001, and CIS Controls frameworks. Ability to work under pressure, prioritise effectively, and maintain attention to detail. Desirable: Professional certifications such as GSEC, CISSP, OSCP, CISA, CompTIA Sec+, or More ❯

automated solutions for vulnerability scanning, threat detection, and incident response, with a focus on continuous process improvement. Risk Management & Threat Intelligence Strong familiarity with security frameworks and standards (e.g. NIST, ISO 27001), and deep understanding of security concepts including vulnerability management, threat intelligence, incident response, and offensive security techniques. Experience in gathering and analysing threat intelligence to understand emerging threats More ❯

Profile: Proven senior leadership experience in information, cyber, or data security. CISSP, CISM, or CISA certified (or equivalent). Track record of delivering security programs aligned to ISO 27001, NIST, PCI DSS, and Cyber Essentials Plus. Hands-on experience with cloud platforms (Azure, AWS), on-premise networks, and hybrid architectures. Strong experience in Zero Trust security models. Experienced in security More ❯

Profile: Proven senior leadership experience in information, cyber, or data security. CISSP, CISM, or CISA certified (or equivalent). Track record of delivering security programs aligned to ISO 27001, NIST, PCI DSS, and Cyber Essentials Plus. Hands-on experience with cloud platforms (Azure, AWS), on-premise networks, and hybrid architectures. Strong experience in Zero Trust security models. Experienced in security More ❯