1 to 25 of 360 Permanent NIST Jobs in the UK

Support incident response and remediation efforts for security breaches. Provide security guidance and training to teams across the organization. Key Skills & Experience: Strong knowledge of security frameworks (ISO 27001, NIST 800-30/53, OWASP) . Experience with risk management methodologies and compliance with MOD and HMG security standards (JSP, Def Stan 05-138/139). Proficiency in security More ❯

Support incident response and remediation efforts for security breaches. Provide security guidance and training to teams across the organization. Key Skills & Experience: Strong knowledge of security frameworks (ISO 27001, NIST 800-30/53, OWASP) . Experience with risk management methodologies and compliance with MOD and HMG security standards (JSP, Def Stan 05-138/139). Proficiency in security More ❯

with SIEM, SOAR, EDR, UTM, and honeypots. Cloud Security: Understanding of cloud platform security measures (AWS, Azure, etc.) Security Frameworks: Advanced knowledge of frameworks such as MITRE ATT&CK, NIST, etc. Consulting Skills: Risk Management: Ability to assess, prioritize, and manage security risks aligned with client needs Strategic Planning: Capable of developing and executing end-to-end security strategies Communication More ❯

365. Knowledge of information security standards including ISO 27001, PCI-DSS, GDPR. Strong grasp of IT domains including Linux, Windows, networking, containers, IAM, and monitoring. Understanding of ISO27001, ISO27005, NIST security controls, WAF, and network segmentation. Desirable Extras: Experience leading peer reviews and collaborating with cloud solution architects. Ability to positively incorporate feedback into architectural patterns. Certifications Required: Essential: Active More ❯

Web Application Firewalls, Intrusion Detection/Prevention, Incident Response, and Security Information and Event Management (SIEM), Identify and Access Management (IAM) controls. Implementation experience with compliance frameworks such as NIST, PCI-DSS, ISO/IEC 27001, ISO/IEC 27017, FISC, etc Amazon is an equal opportunity employer and does not discriminate on the basis of protected veteran status, disability More ❯

You'll Bring Prior and proven experience gained as a Security Architect or in a technical cyber role. Expertise in: Security legislation (GDPR, PCI DSS, ICO) Frameworks (ISO 27001, NIST CSF, CIS Controls v8) HMG/NCSC policies and guidance Cloud security (AWS, Azure) Microservice architectures PKI, Cryptography, Privileged Access Management Certifications: SABSA, TOGAF, AWS/Azure Architect, CISSP, CISM More ❯

SPL, AQL. Scripting experience with Python or PowerShell for automation. Deep understanding of threat detection, incident response, and the cyber kill chain. Familiarity with frameworks including MITRE ATT&CK, NIST, and CIS. Strong communication, analytical, and presentation skills. Solid understanding of network traffic flows, vulnerability management, and penetration testing principles. Knowledge of ITIL processes (Incident, Problem, Change Management). Ability More ❯

workflows. Define service level objectives (SLOs) and key performance indicators (KPIs) for all security services. Compliance, Governance & Risk Management: Ensure alignment with global compliance requirements such as ISO 27001, NIST, SOC 2, GDPR, and others. Partner with governance, legal, and ISRM teams to implement enforceable policies and standards across identity, endpoint, and data domains. Operationalize policy enforcement through automated controls More ❯

transformation initiatives, including migration of legacy applications to cloud-native platforms and adoption of SaaS/PaaS solutions. Understanding of UK financial regulations, GDPR, and industry standards (ISO 27001, NIST, PCI DSS, etc). Experience running risk assessments, threat modelling, and security testing programmes. Ability to engage and influence senior stakeholders, balancing security with commercial and operational priorities. Strong communication More ❯

Information Assurance Risk Assessment and Risk Treatment Plans Establish security requirements for cloud-based solutions by evaluating business strategies and requirements, implementing security standards such as ISO 27000 series, NIST, CSF, and CSA Identify and deliver appropriate controls based on industry standards (e.g. CCM) to drive cloud and customer security solutions framework based on business risk and cloud native threats. More ❯

this role you must have demonstrable hands-on expertise with monitoring and securing enterprise class technology estates. You will have proven experience with Cyber Security best practice including the NIST Cloud Security guidelines. You will support ISO 27001 compliance and have strong documentation skills. Experience in the Telco sector and knowledge of the UK Telecom Security Act would be advantageous More ❯

compliance standards and regulations (e.g., GDPR, HIPAA, PCI DSS). Conduct regular security audits and assessments to identify and address compliance gaps. Familiarity with industry standards and frameworks like NIST Cybersecurity Framework, ISO 27001, and CIS Critical Security Controls. Familiarity with the use of standard security technology solutions and processes such as user provisioning, directory, SIEM, vulnerability management, Cloud Security More ❯

MOD/GDS Secure by Design Principles Supplier Chain Assurance and Risks. Security related legislation (e.g. GDPR, PCI DSS, ICO requirements). Security Control Frameworks such as ISO 27001, NIST CSF and CIS Controls v8. HMG, NPSA and NCSC security policies, standards and guidance. Have experience building and implementing secure by design principals within the software development lifecycle (SDLC). More ❯

evaluate security controls. Ensure solutions comply with 'Secure by Design' principles, corporate policies, and industry frameworks. Assess vulnerabilities, lead risk mitigation, and ensure compliance with industry standards (ISO 27001, NIST, NCSC). Contribute to security design documentation, options papers, and client presentations. Collaborate across 1st, 2nd, and 3rd lines of defense on cyber risk, compliance, and governance. Create and present More ❯

to undergo DV clearance/UK Citizen/residing in UK Strong working knowledge of: JSP440, JSP604/453, JSP490 MOD/GDS Secure by Design principles ISO 27001, NIST CSF, CIS Controls v8 HMG, NPSA, NCSC policies and guidance Cloud security (Azure, AWS), containerisation, KMS, WAFs Event-driven microservices, network infrastructure, IDS/IPS AI security (ISO42001 desirable), ITHC More ❯

or related field (master’s preferred). Experience in cybersecurity with 3+ years in a security architect or solution designer role. Familiarity with industry standards and frameworks such as NIST, ISO 27001, TOGAF. Strong documentation skills with experience writing SDDs, architecture diagrams, and technical specifications. Certifications such as CISSP, SABSA, TOGAF, CCSP, or AWS/Azure Security are a plus. More ❯

or related field (master’s preferred). Experience in cybersecurity with 3+ years in a security architect or solution designer role. Familiarity with industry standards and frameworks such as NIST, ISO 27001, TOGAF. Strong documentation skills with experience writing SDDs, architecture diagrams, and technical specifications. Certifications such as CISSP, SABSA, TOGAF, CCSP, or AWS/Azure Security are a plus. More ❯

or related field (master’s preferred). Experience in cybersecurity with 3+ years in a security architect or solution designer role. Familiarity with industry standards and frameworks such as NIST, ISO 27001, TOGAF. Strong documentation skills with experience writing SDDs, architecture diagrams, and technical specifications. Certifications such as CISSP, SABSA, TOGAF, CCSP, or AWS/Azure Security are a plus. More ❯

or related field (master’s preferred). Experience in cybersecurity with 3+ years in a security architect or solution designer role. Familiarity with industry standards and frameworks such as NIST, ISO 27001, TOGAF. Strong documentation skills with experience writing SDDs, architecture diagrams, and technical specifications. Certifications such as CISSP, SABSA, TOGAF, CCSP, or AWS/Azure Security are a plus. More ❯

or related field (master’s preferred). Experience in cybersecurity with 3+ years in a security architect or solution designer role. Familiarity with industry standards and frameworks such as NIST, ISO 27001, TOGAF. Strong documentation skills with experience writing SDDs, architecture diagrams, and technical specifications. Certifications such as CISSP, SABSA, TOGAF, CCSP, or AWS/Azure Security are a plus. More ❯

query languages (KQL, SPL, AQL) Scripting skills (Python, PowerShell) for automation and enrichment Deep knowledge of threat detection, incident response, and cyber kill chain Familiarity with MITRE ATT&CK, NIST, and CIS frameworks Understanding of network traffic flows and vulnerability management Exposure to ethical hacking and penetration testing Knowledge of ITIL disciplines (Incident, Problem, Change Management) Experience with ServiceNow Security More ❯

/AWS/GCP telemetry, threat intelligence platforms. Expertise in metrics-driven monitoring: defining, tracking, and reporting MTTD, MTTR, false positive rates, and coverage completeness. Familiarity with frameworks like NIST CSF, MITRE ATT&CK, and ISO 27001, with experience applying these to monitoring. Experience in threat hunting, anomaly detection, and behavioral analytics. Strong leadership skills: able to recruit, mentor, and More ❯

About You: Experience & Qualifications Strong working knowledge of global data privacy laws and compliance standards (e.g. GDPR, CCPA, SOC 2) Strong knowledge of security standards, controls, and best practices (NIST, CIS, OWASP) Familiarity with cloud security (AWS, Azure, GCP) Experience with audit management, GRC tools, and security monitoring solutions Excellent problem-solving, communication, and stakeholder management skills Skills & Traits You More ❯

security, and the design and implementation of security solutions Proficient in security modelling, frameworks, and tools (e.g., SparxEA, Archi) with deep knowledge of security principles, methodologies, and industry standards (NIST, ISO 27001, PCI-DSS, GDPR) Skilled in threat and risk modelling, governance, and aligning security controls with business strategy, regulation, and technical constraints Stakeholder engagement and communication skills, with experience More ❯

pipeline practices Familiarity with telemetry and logging tools: Cribl, Elastic, Splunk, Fluentd, and Syslog Deep understanding of networking protocols, firewalls, VPNs, and security principles Experience with security frameworks (e.g., NIST, ISO 27001) and compliance requirements Knowledge of container security tools (e.g., Aqua, Twistlock, Trivy) and vulnerability scanners Excellent analytical and communication skills Preferred Qualifications Certifications such as CISSP, CISM, CKS More ❯