1 to 25 of 106 Remote Permanent NIST 800 Jobs

security practices across the enterprise Stay abreast of industry trends, frameworks, and regulations (e.g., GDPR, ISO 27001/2, SANS Top 20 Critical Security Controls, NIST CSF, SP 800-53, PFMI, CPMI ISOCO and FFIEC handbook, SABSA) to ensure the organization is proactive in addressing emerging security threats and compliance challenges Foster relationships with key functional … and infrastructure domains. Extensive experience working with senior leadership and stakeholders to drive strategic security initiatives, influencing decisions at the enterprise level. Strong understanding of security frameworks, including NIST CSF, SABSA etc, and the ability to apply them in diverse environments. Qualifications and certifications: Degree in a technology discipline (Computer Science, Information … Management, Computer Engineering, Cybersecurity or equivalent) Professional certifications such as CISSP, CISA, CISM, CRISC, SABSA, or equivalent. Deep expertise in risk management frameworks, including ISO 27001, NIST SP 800-53, and SANS Top 20 Critical Security Controls. Experience with cloud security solutions and services Our commitment to employees: We are a small company with a big More ❯

security practices across the enterprise Stay abreast of industry trends, frameworks, and regulations (e.g., GDPR, ISO 27001/2, SANS Top 20 Critical Security Controls, NIST CSF, SP 800-53, PFMI, CPMI ISOCO and FFIEC handbook, SABSA) to ensure the organization is proactive in addressing emerging security threats and compliance challenges Foster relationships with key functional … and infrastructure domains. Extensive experience working with senior leadership and stakeholders to drive strategic security initiatives, influencing decisions at the enterprise level. Strong understanding of security frameworks, including NIST CSF, SABSA etc, and the ability to apply them in diverse environments. Qualifications and certifications: Degree in a technology discipline (Computer Science, Information … Management, Computer Engineering, Cybersecurity or equivalent) Professional certifications such as CISSP, CISA, CISM, CRISC, SABSA, or equivalent. Deep expertise in risk management frameworks, including ISO 27001, NIST SP 800-53, and SANS Top 20 Critical Security Controls. Experience with cloud security solutions and services Our commitment to employees: We are a small company with a big More ❯

security practices across the enterprise Stay abreast of industry trends, frameworks, and regulations (e.g., GDPR, ISO 27001/2, SANS Top 20 Critical Security Controls, NIST CSF, SP 800-53, PFMI, CPMI ISOCO and FFIEC handbook, SABSA) to ensure the organization is proactive in addressing emerging security threats and compliance challenges Foster relationships with key functional … and infrastructure domains. Extensive experience working with senior leadership and stakeholders to drive strategic security initiatives, influencing decisions at the enterprise level. Strong understanding of security frameworks, including NIST CSF, SABSA etc, and the ability to apply them in diverse environments. Qualifications and certifications: Degree in a technology discipline (Computer Science, Information … Management, Computer Engineering, Cybersecurity or equivalent) Professional certifications such as CISSP, CISA, CISM, CRISC, SABSA, or equivalent. Deep expertise in risk management frameworks, including ISO 27001, NIST SP 800-53, and SANS Top 20 Critical Security Controls. Experience with cloud security solutions and services Our commitment to employees: At CLS, we celebrate diversity and consider this More ❯

incident response and remediation efforts for security breaches. Provide security guidance and training to teams across the organization. Key Skills & Experience: Strong knowledge of security frameworks (ISO 27001, NIST 800-30/53, OWASP) . Experience with risk management methodologies and compliance with MOD and HMG security standards (JSP, Def Stan 05-138/139). More ❯

incident response and remediation efforts for security breaches. Provide security guidance and training to teams across the organization. Key Skills & Experience: Strong knowledge of security frameworks (ISO 27001, NIST 800-30/53, OWASP) . Experience with risk management methodologies and compliance with MOD and HMG security standards (JSP, Def Stan 05-138/139). More ❯

building security. Risk Management: Lead Cyber and Information Security Risk Management for NSoIT(D). Implement and manage cyber security risks in STREAM and ARM. Conduct and manage NIST 800-based Risk Assessments. Oversee cyber and information security architecture within STREAM. Deliver routine cyber and information security risk reporting. Act as secretary to the programme Security More ❯

as well as using GRC tools and guidance developed for Risk mitigation. Practical knowledge of information security standards and risk assessment frameworks such as ISO 27001, SOC 2, NIST 800-32 Strong knowledge of cyber controls, policies, and procedures. Experience of delivering metrics for senior level audiences. Demonstrate analytical and problem-solving skills. Ability to communicate More ❯

as well as using GRC tools and guidance developed for Risk mitigation. Practical knowledge of information security standards and risk assessment frameworks such as ISO 27001, SOC 2, NIST 800-32 Strong knowledge of cyber controls, policies, and procedures. Experience of delivering metrics for senior level audiences. Demonstrate analytical and problem-solving skills. Ability to communicate More ❯

as well as using GRC tools and guidance developed for Risk mitigation. Practical knowledge of information security standards and risk assessment frameworks such as ISO 27001, SOC 2, NIST 800-32 Strong knowledge of cyber controls, policies, and procedures. Experience of delivering metrics for senior level audiences. Demonstrate analytical and problem-solving skills. Ability to communicate More ❯

as well as using GRC tools and guidance developed for Risk mitigation. Practical knowledge of information security standards and risk assessment frameworks such as ISO 27001, SOC 2, NIST 800-32 Strong knowledge of cyber controls, policies, and procedures. Experience of delivering metrics for senior level audiences. Demonstrate analytical and problem-solving skills. Ability to communicate More ❯

per week and must be within commutable distance of their London HQ. Responsibilities: Maintain security policy, standards, procedures and frameworks. Ensure alignment with security industry standards such as NIST CSF and NIST 800-53. Hands on testing of Security controls Conduct regular risk assessments and maintain risk register in RSA Archer. Represent security … Certifications: Ideally qualified in MSc Information Security, CICA, CRISC, CISM and/or Data analysis beneficial but not essential if experience validates skills. Knowledge of security frameworks (eg, NIST CSF, ISO 27001, SOC1,2). More ❯

per week and must be within commutable distance of their London HQ. Responsibilities: Maintain security policy, standards, procedures and frameworks. Ensure alignment with security industry standards such as NIST CSF and NIST 800-53. Hands on testing of Security controls Conduct regular risk assessments and maintain risk register in RSA Archer. Represent security … Certifications: Ideally qualified in MSc Information Security, CICA, CRISC, CISM and/or Data analysis beneficial but not essential if experience validates skills. Knowledge of security frameworks (eg, NIST CSF, ISO 27001, SOC1,2). More ❯

to create a secure and compliant technology environment. What you will be doing: Maintain security policy, standards, procedures and frameworks. Ensure alignment with security industry standards such as NIST CSF and NIST 800-53. Act as an advisor to colleagues across the organisation on best security practice. Conduct regular risk assessments and maintain … certifications Ideally qualified in MSc Information Security, CICA, CRISC, CISM and/or Data analysis beneficial but not essential if experience validates skills. Knowledge of security frameworks (e.g., NIST CSF, ISO 27001, SOC1,2). Prince 2, MSP, APMQ advantageous. A desire to continue learning and developing security skills and qualifications. Our commitment to employees: At CLS, we More ❯

is a plus. Having experience in leading and executing IT audit, IT internal control, and IT risk consulting engagements, leveraging IT governance and control frameworks such as COBIT, NIST CSF, NIST 800-53, and ITIL and proficiency in core requirements and methodologies for SOX internal control programs is a plus. You have advanced knowledge … of leading frameworks such as ISO 27001, NIST Cybersecurity Framework (CSF) NIST 800-53, CIS and the Cybersecurity Maturity Model. You have experience with Information Governance and Information Security Strategy plans, and assessments using industry framework; ISO, NIST, SOC-2, PCI, CIS, etc. You have advanced written and verbal communication and presentation More ❯

have a minimum of three years of experience in the field of cybersecurity and information risk management. You have working knowledge of leading frameworks such as ISO 27001, NIST Cybersecurity Framework (CSF), NIST 800-53, CIS, and the Cybersecurity Maturity Model. You have experience in writing policies, procedures, and controls in one or more More ❯

suppliers to ensure ongoing compliance with MOD standards (e.g., Secure By Design, DefStan 05-138). Conduct information security risk assessment and management using recognized frameworks such as NIST SP800. Perform information security assurance activities and manage incidents. Establish and manage internal and external Security Working Groups. Support Serco Defence projects and design activities, ensuring compliance with MOD … Secure by Design, HMG policy, NCSC guidance, NIST 800, and ISO 27001. Advise on technical requirements and compliance with formal contract security schedules (Security Aspects Letters) and recommend security technologies and controls. Provide advice and guidance to maintain existing cyber security compliances (e.g., ISO 27001, Cyber Essentials Plus), MOD certifications, and HMG security controls. Adopt a More ❯

technology and its cryptographic principles is a plus. Certifications such as CISSP, CISM, AWS Security Specialty, HashiCorp Certified Vault Associate or CCSK. Familiarity with security frameworks such as NIST 800-57, ISO 27001 or PCI DSS. Are you the right candidate? Yes! We truly believe in the power that comes from the diverse backgrounds and experiences More ❯

Knowledge of blockchain technology and its cryptographic principles. Certifications such as CISSP, CISM, AWS Security Specialty, HashiCorp Certified Vault Associate or CCSK. Familiarity with security frameworks such as NIST 800-57, ISO 27001 or PCI DSS. Are you the right candidate? Yes! We truly believe in the power that comes from the diverse backgrounds and experiences More ❯

responsible for applying and documenting Information System (IS) security principles, practices, and procedures under the Risk Management Framework (RMF) to maintain compliance with applicable security regulations such as NIST, CNSSI, and NISPOM as well as governing the development and management of classified information systems. This position requires the ISSM to be a strong advocate for integrating security into … as audit log reviews, security patching, and hardware/software configuration Lead the organization's CMMC compliance program, ensuring alignment and adherence to DoD cybersecurity standards (NIST SP 800-171, etc.) Develop, document, and guide the implementation of practical, actionable information security policies, procedures, and controls aligned with CMMC and NIST standards (SSP, POAM … experience in information security Expertise in RMF and ATO processes Previous experience with classified information system security management and administration Proven ability to translate CMMC/NIST SP 800-171 requirements into documented, implementable procedures Experience maturing a cybersecurity program, including developing processes and documentation Strong background in defense contracts and classified information handling procedures. Experience More ❯

procedures. Support Authorizing Official (AO) actions by developing and delivering PAM (Privileged Access Management) solutions that include supporting documents and artifacts in accordance with RMF as defined in NIST 800-37 revision 2 and related agency specific RMF requirements Provide input … into an Audit and Accountability Plan containing methods, procedures, and planned reviews for the continuing accreditation and authorization against AU (Audit and Accountability) family controls per NIST SP 800-53 guidance Provide input to and guide implementation and/or verification and validation of an organizational access control policy and plan reflecting PAM and integrated cybersecurity … comprise IT systems including network topology. Experience selecting effective methods, techniques, and evaluation criteria to achieve desired outcomes. Understanding of federal cybersecurity guidance such as FISMA NIST SP 800-37 - Guide for Applying the Risk Management Framework to Federal Information Systems: a Security Life Cycle Approach and NIST 800-137 - Information Security More ❯

accreditation and secure by design processes (ISN2023/09), and associated policies and practices across the lifecycle. In the application of standards including NIST Special Publications (e.g. SP 800-30, 37 & 53), and/or RTCA-DO-326A/B, 355A & 356A. In the application of Defence security standards, such as Defstan 05-138 & Defstan More ❯

accreditation and secure by design processes (ISN2023/09), and associated policies and practices across the lifecycle. In the application of standards including NIST Special Publications (e.g. SP 800-30, 37 & 53), and/or RTCA-DO-326A/B, 355A & 356A. In the application of Defence security standards, such as Defstan 05-138 & Defstan More ❯

Perform security code reviews and ensure secure-by-design principles. Conduct threat modelling exercises to identify and mitigate potential risks. Ensure compliance with security regulations such as ISO27001, NIST 800-30/37/53, JSP 440, 604, and Defence Standards. Develop and maintain security documentation (e.g., RMADS, Security Assurance Documents, Security Management Plans). Conduct … penetration testing, vulnerability assessments, and remediation activities. The Person Key Skills & Experience: Strong knowledge of risk management frameworks and methodologies (ISO 27001/2, ISO27005/31000, NIST 800-30, NIST 800-53). Experience with defence and government security standards (JSPs, Def Stan 05-138/139). Proficiency in security More ❯

cryptographic security controls into software development and deployment processes. Support post-quantum cryptography (PQC) readiness by evaluating and preparing for emerging threats to encryption security. Ensure compliance with NIST 800-57, PCI DSS, FIPS 140-2/3, ISO 27001, GDPR, FFIEC, and IoT security (NIST 800-183, ETSI EN … storage practices. Experience working in financial institutions or other highly regulated industries. Certifications such as CISSP, CISM, AWS Security Specialty, HashiCorp Certified Vault Associate or CCSK. Familiarity with NIST 800-57, PCI DSS, FIPS 140-2/3, ISO 27001, GDPR, FFIEC, and IoT security (NIST 800-183, ETSI EN More ❯

practices and security testing. Strong knowledge of common security vulnerabilities, attack vectors, and security testing frameworks, such as OWASP, MITRE ATT&CK, CVE/CVSS, and NIST SP 800-53. Experience of vulnerability scanning tools, penetration testing tools, and security testing frameworks (e.g., Nessus, Metasploit, Burp Suite, Nmap, Claire, and OpenSCAP). Extensive experience with … Red Teaming, Purple Teaming and Attack Automation. Familiarity with industry regulations and compliance standards related to cybersecurity, such as NIST CSF, SOC2, PCI DSS, and ISO 27001. A relevant professional qualification in Cyber and Information Security (e.g., OCSP, CISM, CISSP, CEH) Experience of vulnerability management and security testing in cloud environments (such as Azure, GCP and/or More ❯