1 to 25 of 95 Permanent NIST 800 Jobs in the UK

will help our clients: Security Architecture: Translate business, data protection and security requirements into practical and well-structured architectural designs, utilizing industry best practices and security frameworks (e.g., NIST, ISO 27001, CIS). Develop and maintain secure architectural patterns and standards, with a solid working knowledge of cloud security (AWS, Azure, GCP). Apply risk-based and threat … security, data protection, and security architecture roles, with a focus on cloud security, and compliance. Strong understanding of security governance, risk, and compliance frameworks such as ISO 27001, NIST 800-53/CSF, NIS/NIS2, DORA, UK CNI/OT/IIOT compliance. Hands-on experience building credibility with external stakeholders through technical presentations, audits More ❯

company's information protection requirements. Performs or coordinates internal security assessments, penetration tests, vulnerability scans, and assess organization cybersecurity maturity Complying with frameworks and regulations such as COBIT, NIST (800-53, cybersecurity), ISO, ITIL, PCI, GLBA, GDPR, HIPAA, and other data privacy and security standards and regulations. Provides internal customer support via assigned tickets for security … Computer Science, or similar discipline. Provides a documented work history that includes a minimum of 5-years experience in Information Security. Proficiency in security framework models such as NIST, etc., implementing and auditing security measures, security response, and incident management. Possess a working knowledge of Cisco network switches, routers, firewalls and VPN, network security, administration of DLP, antivirusantimalware … to manage and continuously improve upon vulnerability management program. Ability to propose solutions for closing identified vulnerabilities in the infrastructure. Desired Qualifications: Certified Information System Security Professional (CISSP), NIST Cybersecurity Framework (NCSF), Certified Cloud Security Professional (CCSP) andor Certified Ethical Hacker (CEH) Knowledge and experience with Microsoft Office and Visio. Knowledge of WAN technologies including MPLS, SD WAN. More ❯

incident response and remediation efforts for security breaches. Provide security guidance and training to teams across the organization. Key Skills & Experience: Strong knowledge of security frameworks (ISO 27001, NIST 800-30/53, OWASP) . Experience with risk management methodologies and compliance with MOD and HMG security standards (JSP, Def Stan 05-138/139). More ❯

incident response and remediation efforts for security breaches. Provide security guidance and training to teams across the organization. Key Skills & Experience: Strong knowledge of security frameworks (ISO 27001, NIST 800-30/53, OWASP) . Experience with risk management methodologies and compliance with MOD and HMG security standards (JSP, Def Stan 05-138/139). More ❯

role A track record of delivering security solutions for large-scale infrastructure, transformation or integration programmes Practical knowledge and understanding of industry security frameworks and guidance such as NIST CSF, NIST 800-53, NCSC CAF and other NCSC guidelines Good knowledge of networking (switching, routing, firewalls) Experience with the design concepts associated with adoption More ❯

as well as using GRC tools and guidance developed for Risk mitigation. Practical knowledge of information security standards and risk assessment frameworks such as ISO 27001, SOC 2, NIST 800-32 Strong knowledge of cyber controls, policies, and procedures. Experience of delivering metrics for senior level audiences. Demonstrate analytical and problem-solving skills. Ability to communicate More ❯

as well as using GRC tools and guidance developed for Risk mitigation. Practical knowledge of information security standards and risk assessment frameworks such as ISO 27001, SOC 2, NIST 800-32 Strong knowledge of cyber controls, policies, and procedures. Experience of delivering metrics for senior level audiences. Demonstrate analytical and problem-solving skills. Ability to communicate More ❯

as well as using GRC tools and guidance developed for Risk mitigation. Practical knowledge of information security standards and risk assessment frameworks such as ISO 27001, SOC 2, NIST 800-32 Strong knowledge of cyber controls, policies, and procedures. Experience of delivering metrics for senior level audiences. Demonstrate analytical and problem-solving skills. Ability to communicate More ❯

as well as using GRC tools and guidance developed for Risk mitigation. Practical knowledge of information security standards and risk assessment frameworks such as ISO 27001, SOC 2, NIST 800-32 Strong knowledge of cyber controls, policies, and procedures. Experience of delivering metrics for senior level audiences. Demonstrate analytical and problem-solving skills. Ability to communicate More ❯

needs (system administration, help desk support). Monitor security tools and respond to alerts and incidents. COMPLIANCE ACTIVITIES: Change Management Incident Management Maintenance Vulnerability scanning Implement NIST SP 800-171 for internal systems. Establish a System Security Plan (SSP) . The SSP needs to go through each NIST SP 800-171 control … SKILLS SET: 20 years experience in emergent technology. Experience in architecting, building, and securing systems at scale. In-depth knowledge of cybersecurity compliance standards such as ISO, SOC, NIST, CMMC, EDRS, and ITAR. Certifications in (ISACA, CISM, CRISC, CISA, ITCA) . Certified Information Security Manager (CISM) is essential. Certified Authorization Professional (CAP) . Information Systems Security Architecture Professional More ❯

operational excellence. Role Overview As a Security Architect, you will be responsible for enhancing the security posture of DXC's client services by ensuring full compliance with the NIST 800-53 framework. You will evaluate existing security controls, map them to NIST standards, and develop new controls and documentation to improve compliance and overall … security. Key Responsibilities Architect and oversee the implementation of security solutions in compliance with NIST 800-53. Work closely with the customer's architecture team to develop and implement security strategies. Identify security risks, define security requirements, and recommend remediation strategies. Develop and enforce security policy standards to ensure compliance with customer security requirements. Provide … solutions. Support incident investigations and security control enhancements. Ensure security architectures align with industry frameworks such as TOGAF and SABSA. Gap Analysis Report: Assessing current security posture against NIST 800-53. Security Control Mapping: Documenting alignment of existing controls with compliance frameworks. Implementation Plans: Designing and deploying new security controls. Updated Security Documentation: Policies, procedures More ❯

3+ years' experience performing IT Audit or security control testing. Knowledge of internal audit methodologies, including risk assessment, execution, and reporting. Proficiency in industry standards and frameworks (e.g., NIST 800-53, ISO 27001/27002). Familiarity with privacy regulations (e.g., GDPR, CCPA) and breach notification laws. Experience with sector-specific frameworks (e.g., HIPAA, PCI). More ❯

security restructure programmes, projects of both a GRC and technical nature alongside frameworks such as ISO27001/2:2005/13, DORA, NIS 2, PCI-DSS, GDPR-DPO, NIST CSF SP800-53, PSD-2, FCA/PRA, and MS Azure. Ownership of Strategic, Operational, and Tactical IT Security and Risk Management, technical and legislative mandates ranging from planning More ❯

controls around data security. Keep informed of new and updated industry frameworks and regulations: GDPR, ISO 27001/2, SANS Top 20 Critical Security Controls, NIST CSF, SP 800-53, PFMI, CPMI ISOCO and FFIEC handbook. Keep informed of new and emerging security threats & assess effectiveness of current controls to identify opportunities for program improvement. Translate … CISA, CRISC, CCNA, GIAC, or equivalent or working towards certification is preferred. Knowledge of Risk Management life cycles based on an established framework: ISO 27001, SANS, NIST SP 800-53, CERT, ENISA. Working knowledge of the following frameworks and regulations: ISO 27001/2, SANS Top 20 Critical Security Controls, NIST CSF, and FFIEC More ❯

and standards, such as NIST, ISO 27001, or similar. General understanding of operational risk and risk-related control frameworks and practices such (ISO 27001, NIST SP 800-53, NIST CSF, COBIT, ITIL, etc.). Experience with IAM tools and technologies, such as Microsoft Entra ID (formerly Azure Active Directory), SailPoint, or similar. More ❯

requirements. Policy and Procedure Management: directs, develops or maintains organisational cyber and information security policies, standards and processes, using recognised standards (e.g. the ISO/IEC 27000 family, NIST CSF) where appropriate. Applies recognised cyber and information security standards and controls within an organisation, programme, project or operation. Applies relevant security classification. Risk Management: develops cyber and information … experience in information security, data protection, risk management, enterprise IT, legal or (relevant) compliance roles. Strong understanding of security governance, risk, and compliance frameworks such as ISO 27001, NIST 800-53/CSF, NIS/NIS2, DORA, UK CNI/OT/IIOT compliance. Hands-on experience building credibility with external stakeholders, including enterprise clients, critical More ❯

Assurance Risk Assessment and Risk Treatment Plans Establish security requirements for cloud-based solutions by evaluating business strategies and requirements, implementing security standards such as ISO 27000 series, NIST, CSF, and CSA Identify and deliver appropriate controls based on industry standards (e.g. CCM) to drive cloud and customer security solutions framework based on business risk and cloud native … IAM Cloud security concepts, technologies and best practices for delivering security across IaaS, PaaS, SaaS and Serverless architectures Implementing Information Security and Privacy Standards and Frameworks (e.g. ISO 27k, NIST800-53, CIS, GDPR) Leading security working groups and external security testing (ITHC, Penetration Testing, etc) of cloud solutions at high HMG classification levels (OFFICIAL required, SECRET desirable) or equivalent in More ❯

in Europe & UK • Managing sales, pre-sales and delivery team of consultants for all regional engagements • Manage Cyber Risk engagement on assessment and implementation of frameworks such as NIST 800-53 r5, NIST CSF2.0, CIS, ISO27K • Executing advisory & consulting engagements around regulatory risk & compliances such as DORA, NIS2, GDPR, SOX ITGC, PCI-DSS, HIPAA … organizations) • Should have proven capabilities of executing atleast 3-4 advisory/consulting engagements • Excellent technical capabilities around information security, business continuity and technology risk assessments. ISO 27K, NIST, AI Governance, CIS etc. • Good compliance understanding of industry domains such as BFSI – (SOX, FFIEC, PCI-DSS, BASEL, MAS etc.), Healthcare & Life-sciences – (HIPAA, Hi-Trust, FDA CFR, GxP … Compliance), Telecom, Retail, Data Privacy (GDPR, CCPA) Energy & Utilities (NERC, FERC) Information Security (ISO 27000, NIST, CIS) TPRM • Business Resiliency & Cyber Recovery, ZTA • GRC Project & Program Management • Excellent written and verbal communications skills • Should be able to travel 70%-80% on short as well as long term engagements. PLATFORM/TOOL EXPERTISE Experience on the below mentioned tools More ❯

the outcome of engagement in real-time. Operational strategy, written process, control policies, and guidelines. Deriving standard Alpha states from standard control frameworks in conformity to NIST SP 800-171 and NIST SP 800-160 . Creating an ecosystem of practices and preparing incremental improvements. Creating information security requirements, classifying information sensitivity More ❯

accreditation and secure by design processes (ISN2023/09), and associated policies and practices across the lifecycle. In the application of standards including NIST Special Publications (e.g. SP 800-30, 37 & 53), and/or RTCA-DO-326A/B, 355A & 356A. In the application of Defence security standards, such as Defstan 05-138 & Defstan More ❯

Perform security code reviews and ensure secure-by-design principles. Conduct threat modelling exercises to identify and mitigate potential risks. Ensure compliance with security regulations such as ISO27001, NIST 800-30/37/53, JSP 440, 604, and Defence Standards. Develop and maintain security documentation (e.g., RMADS, Security Assurance Documents, Security Management Plans). Conduct … penetration testing, vulnerability assessments, and remediation activities. Key Skills & Experience: Strong knowledge of risk management frameworks and methodologies (ISO 27001/2, ISO27005/31000, NIST 800-30, NIST 800-53) . Experience with defence and government security standards (JSPs, Def Stan 05-138/139). Proficiency in security testing tools More ❯

Perform security code reviews and ensure secure-by-design principles. Conduct threat modelling exercises to identify and mitigate potential risks. Ensure compliance with security regulations such as ISO27001, NIST 800-30/37/53, JSP 440, 604, and Defence Standards. Develop and maintain security documentation (e.g., RMADS, Security Assurance Documents, Security Management Plans). Conduct … penetration testing, vulnerability assessments, and remediation activities. Key Skills & Experience: Strong knowledge of risk management frameworks and methodologies (ISO 27001/2, ISO27005/31000, NIST 800-30, NIST 800-53) . Experience with defence and government security standards (JSPs, Def Stan 05-138/139). Proficiency in security testing tools More ❯

across teams. What We’re Looking For Technical Experience & Knowledge Experience with risk management frameworks and methodologies such as ISO/IEC 27001/2, ISO27005/31000, NIST 800-30, NIST 800-53. Strong understanding of security standards and frameworks including OWASP, Secure by Design principles, and MOD-specific guidelines … Def Stan 05-138/139). Familiarity with HMG security principles and assurance frameworks is advantageous. Comfortable using threat modelling tools and implementing mitigation strategies. Experience with NIST standards. (this is an absolute must) Key Competencies Strong communicator with the ability to present complex information clearly and confidently. Proactive problem solver who approaches challenges with innovation and More ❯

information assets through robust cybersecurity measures, ensuring adherence to best practices, international standards, and local regulations. Ideally suited to candidates who possess expert knowledge of security frameworks including NIST 800, ISO 27001, and cybersecurity guidelines from PRA, FCA, and ICO. Candidates with at least 3 years' relevant experience in finance or banking, particularly as an information … to implement security policies and controls. Provide cybersecurity training to ensure staff awareness and compliance. Skills & Qualifications: Minimum 3 years' experience in cybersecurity. Strong knowledge of security frameworks (NIST 800, ISO 27001) and GDPR regulations. Experience with network security infrastructure and SIEM tools (Splunk, SolarWinds). Proficiency in Windows/Linux system administration and virtualization technologies More ❯

information assets through robust cybersecurity measures, ensuring adherence to best practices, international standards, and local regulations. Ideally suited to candidates who possess expert knowledge of security frameworks including NIST 800, ISO 27001, and cybersecurity guidelines from PRA, FCA, and ICO. Candidates with at least 3 years' relevant experience in finance or banking, particularly as an information … to implement security policies and controls. Provide cybersecurity training to ensure staff awareness and compliance. Skills & Qualifications: Minimum 3 years' experience in cybersecurity. Strong knowledge of security frameworks (NIST 800, ISO 27001) and GDPR regulations. Experience with network security infrastructure and SIEM tools (Splunk, SolarWinds). Proficiency in Windows/Linux system administration and virtualization technologies More ❯