1 to 25 of 145 Permanent NIST Jobs in the UK excluding London

application designs, supporting secure architecture and delivery from the outset. Compliance & Framework Alignment: Ensure security operations align with regulatory standards and frameworks such as NIST, ISO 27001, and NCSC CAF. Person SpecificationEssential: Demonstrated experience with Microsoft Sentinel, Microsoft Defender for Endpoint/Cloud SIEM tools, threat intelligence platforms, and vulnerability ...

point security tools and data loss prevention controls are highly advantageous Skills and experience Experience working within recognised information security frameworks (e.g. ISO27001, NIST) Proven experience in an information security role, preferably within financial services or e-commerce Strong analytical capability, with the ability to interpret data and support decision ...

proven experience gained as a Security Architect or in a technical cyber role. Expertise in: Security legislation (GDPR, PCI DSS, ICO) Frameworks (ISO 27001, NIST CSF, CIS Controls v8) HMG/NCSC policies and guidance Cloud security (AWS, Azure) Microservice architectures PKI, Cryptography, Privileged Access Management Certifications: SABSA, TOGAF ...

proven experience gained as a Security Architect or in a technical cyber role. Expertise in: Security legislation (GDPR, PCI DSS, ICO) Frameworks (ISO 27001, NIST CSF, CIS Controls v8) HMG/NCSC policies and guidance Cloud security (AWS, Azure) Microservice architectures PKI, Cryptography, Privileged Access Management Certifications: SABSA, TOGAF ...

Lead experience MOD/GDS Secure by Design Familiarity with: JSP440, JSP604/453, JSP490 Supplier Chain Assurance GDPR, PCI DSS, ICO ISO 27001, NIST CSF, CIS Controls v8 Skills in: Threat modelling (kill chain, attack trees, etc.) Cloud security (AWS, Azure), containerisation, firewalls Secure SDLC HLD/LLD review ...

strong professional development opportunities. Skills Secure architecture design and secure-by-design principles Risk assessment, threat modelling, and vulnerability management Security frameworks: ISO 27001, NIST 800-30/53, OWASP Cloud security architecture (AWS, Azure, GCP) Incident response, penetration testing, and remediation concepts Persuasive communication skills across technical and ...

including Product Defense in Depth, security technology, regulatory compliance and incident response Domain specific standards and approaches on privacy and product security (ISO 2700x, NIST 800 Series Special Publications) Knowledgeable and experience with laws and regulations on cyber security, privacy, data protection and breach notification (e.g.: FDA cyber security guidelines ...

including Product Defense in Depth, security technology, regulatory compliance and incident response Domain specific standards and approaches on privacy and product security (ISO 2700x, NIST 800 Series Special Publications) Knowledgeable and experience with laws and regulations on cyber security, privacy, data protection and breach notification (e.g.: FDA cyber security guidelines ...

including Product Defense in Depth, security technology, regulatory compliance and incident response Domain specific standards and approaches on privacy and product security (ISO 2700x, NIST 800 Series Special Publications) Knowledgeable and experience with laws and regulations on cyber security, privacy, data protection and breach notification (e.g.: FDA cyber security guidelines ...

including Product Defense in Depth, security technology, regulatory compliance and incident response Domain specific standards and approaches on privacy and product security (ISO 2700x, NIST 800 Series Special Publications) Knowledgeable and experience with laws and regulations on cyber security, privacy, data protection and breach notification (e.g.: FDA cyber security guidelines ...

including Product Defense in Depth, security technology, regulatory compliance and incident response Domain specific standards and approaches on privacy and product security (ISO 2700x, NIST 800 Series Special Publications) Knowledgeable and experience with laws and regulations on cyber security, privacy, data protection and breach notification (e.g.: FDA cyber security guidelines ...

of Operating System security and system hardening concepts such as CIS Benchmarks. Experience in working with information security frameworks and regulatory requirements including ISO27001, NIST, PCI DSS, GDPR, Cyber Essentials. Experience of general IT Audit processes and conducting risk assessments. You will be a proactive self starter with strong communication ...

and the wider estate are sufficiently tested for signs of vulnerability. Governance, Risk & Compliance (GRC) Ensure audit readiness, control effectiveness (key SOX/ITGC, NIST/ISO mappings), and remediation governance; lead policy lifecycle and attestations. Oversee the enterprise risk process (RCSA, KRIs), executive reporting, and board risk briefings. Improve ...

including Product Defense in Depth, security technology, regulatory compliance and incident response Domain specific standards and approaches on privacy and product security (ISO 2700x, NIST 800 Series Special Publications) Knowledgeable and experience with laws and regulations on cyber security, privacy, data protection and breach notification (e.g.: FDA cyber security guidelines ...

assurance, finance industry, and information technology. Knowledge of vendor-agnostic cloud security concepts. Knowledge of information security and standards, including but not limited to NIST CSF 2.0. Possess a results-oriented, high-energy, self-motivated attitude and a strong commitment to customer service. Strong interpersonal, organizational, oral, and written communication ...

Information Security Manager), CISA (Certified Information Systems Auditor), CEH (Certified Ethical Hacker), or equivalent are highly desirable. In-depth knowledge of security frameworks (e.g., NIST, ISO 27001), network security protocols, firewalls, encryption, and intrusion detection systems (IDS). Strong understanding of threat landscape and risk management strategies. Proficiency in security ...

risk, cyber maturity, security architecture, cyber transformation and regulatory compliance for cyber. Experience of various recognised cyber security relevant standards and regulations, such as NIST CSF, CRI2.0, ISO27001, NCSC CAF, GDPR and NIS2. Experience working in a variety of environments or organisational contexts to develop cyber strategy and manage cyber ...

risk, cyber maturity, security architecture, cyber transformation and regulatory compliance for cyber. Experience of various recognised cyber security relevant standards and regulations, such as NIST CSF, CRI2.0, ISO27001, NCSC CAF, GDPR and NIS2. Experience working in a variety of environments or organisational contexts to develop cyber strategy and manage cyber ...

risk, cyber maturity, security architecture, cyber transformation and regulatory compliance for cyber. Experience of various recognised cyber security relevant standards and regulations, such as NIST CSF, CRI2.0, ISO27001, NCSC CAF, GDPR and NIS2. Experience working in a variety of environments or organisational contexts to develop cyber strategy and manage cyber ...

secure infrastructure Work alongside security operations teams to address threats and operational issues Ensure adherence to recognised standards and regulations (e.g. GDPR, ISO 27001, NIST frameworks) Maintain and update security documentation, policies, and procedures Support client-facing requirements in line with contractual security obligations Assist with both internal and external ...

implementation of the Operational Technology security strategy across engineering and operational teams. Assist in applying recognised cyber security frameworks such as National Institute of Standards and Technology Cyber Security Framework and IEC 62443 to operational environments. Work with engineering teams to understand how operational systems such as Supervisory Control and ...

budget, and to technical standards Security & Compliance Oversee implementation of security tools (EDR, MFA, XDR, backup, etc.) Maintain compliance with frameworks (Cyber Essentials, ISO, NIST) Conduct risk assessments and recommend improvements Client Engagement Act as a trusted technical advisor for key clients Attend technical review meetings and present environment health ...

enterprise environment. Strong understanding of SIEM, SOAR, EDR, IDS/IPS, firewalls, and cloud-native security tooling. Knowledge of cyber security frameworks such as NIST CSF, MITRE ATT&CK, ISO 27001, or CIS Controls. Demonstrated expertise in incident response and threat management. Experience working in hybrid cloud environments (Azure ...

across business functions, technology teams, and geographic regions. 5. Governance, Compliance & Risk Management Ensure identity processes comply with global standards and regulations (ISO 27001, NIST, SOX, GDPR, industry-specific controls). Lead IAG risk assessments, audit readiness, control testing, and remediation activities. Provide executive reporting on identity risk posture, programme ...

and vulnerability management Maintain and manage the IT risk framework and risk register Ensure alignment with regulatory requirements and industry frameworks (e.g. ISO 27001, NIST, DORA) Partner with senior leadership to embed security and risk awareness across the organisation Provide regular reporting to executive stakeholders on security posture and technology ...