18 of 18 Permanent NIST Jobs in Yorkshire

security testing (AWS, Azure, or Google Cloud). Certifications such as ISTQB, CISSP, CISM, or CyberArk Defender are a plus. Knowledge of security compliance standards (e.g., ISO 27001, GDPR, NIST, PCI-DSS). Kind Regards -- Priyanka Sharma Senior Delivery Consultant Office: 02033759240 Email: psharma@vallumassociates.com More ❯

security testing (AWS, Azure, or Google Cloud). Certifications such as ISTQB, CISSP, CISM, or CyberArk Defender are a plus. Knowledge of security compliance standards (e.g., ISO 27001, GDPR, NIST, PCI-DSS). All profiles will be reviewed against the required skills and experience. Due to the high number of applications we will only be able to respond to successful More ❯

on operational security and incident response. Extensive knowledge of IT risk management, threat intelligence, IAM and vulnerability management. Familiarity with key regulatory and compliance frameworks, including ISO 27001, GDPR, NIST, and CyberEssentials. Ability to articulate complex technical risks in clear, actionable terms to business stakeholders. This is an exciting opportunity to lead a future focused function that offers a competitive More ❯

opportunity for an Information Security Consultant looking to elevate their career. We're looking for someone with hands-on experience in ISO 27001 implementation and auditing, and expertise in NIST to drive our Compliance Team's service offerings forward. Work with a innovative, industry-leading Cyber Security team Play a key role in the development of internal and client security … ready to make an impact in Cyber Security, this role is for you! Responsibilities: Ensure protection of information assets and technologies Participate in security audits like ISO27001, ISO27701, ISO20000, NIST-CSF, and IASME Governance Conduct and document internal audits for our clients Deliver security awareness training, including public speaking engagements Manage Third-Party Risk Management (TPRM) including vendor security reviews More ❯

as SIEM, SOAR, and EDR. Proficiency in analysing logs across multiple platforms (Networking, Windows, Mac, Linux, Cloud). Solid understanding of evidence collection and handling procedures. Familiarity with the NIST 800-61 incident response lifecycle, including containment, eradication, and recovery. Experience with digital forensics, chain-of-custody procedures, and forensic tools. Awareness of incident response planning and tabletop exercises. Understanding More ❯

clients is key!) Bonus if you have: Microsoft certs (SC-200, SC-100, AZ-500) Experience with automation (Logic Apps, Power Automate, PowerShell/Python) Exposure to compliance frameworks (NIST, ISO 27001, Cyber Essentials) Familiarity with other SIEMs (Splunk, QRadar, LogRhythm) #SOC #MicrosoftSentinel #CyberSecurityJobs #ThreatDetection #WeAreHiring #MSSP More ❯

certifications desirable Extensive experience in cybersecurity, ideally in regulated environments Hands-on experience with tools such as Tenable, Qualys, Wiz, and AttackIQ Knowledge of cybersecurity standards and regulations (e.g., NIST CSF, PCI DSS, GDPR, ISO 27001, DPA 2018) Strong communication skills for technical and non-technical audiences Decisive and discreet under pressure, with strong judgment Self-motivated, organised, and able More ❯

and in a team. Bonus Points For: Microsoft certs: SC-200 , SC-100 , AZ-500 . Automation skills (Logic Apps, Power Automate). Knowledge of compliance frameworks: ISO 27001, NIST, Cyber Essentials . Experience with other SIEMs (Splunk, QRadar, etc.). Scripting (PowerShell, Python) for custom detection/response workflows. Eames Consulting is acting as an Employment Agency in relation More ❯

Management within the banking or financial services sector. -In-depth knowledge of ITSA, BIA, EIM, DR, and Cyber Security collaboration. -Strong understanding of regulatory requirements (e.g., FFIEC, ISO 27001, NIST, GDPR, etc.). -Familiarity with IT governance frameworks such as COBIT, ITIL, and risk frameworks like COSO or ISO 31000. -Experience conducting or supporting internal audits, control testing, or compliance More ❯

demonstrable use of Microsoft Purview for compliance, data classification, and DLP * Strong security operations knowledge across M365 and Azure environments * Awareness of regulatory frameworks such as ISO 27001, GDPR, NIST, Cyber Essentials+ * Comfortable working with senior IT, Compliance and Risk stakeholders Interested? Send your CV or reach out for a confidential conversation. Email More ❯

Security Lead - Leeds (Hybrid, 2 days per month in the office) Overview: Are you an experienced Risk & Security professional with a solid understanding of security frameworks such as ISO27001, NIST, and risk assurance? We are looking for a pragmatic and proactive Risk & Security Lead to join a forward-thinking organisation based in Leeds. In this key role, you will be … be in the office 2 separate days per month. Key Responsibilities: Lead and enhance the organisation's risk and security framework, ensuring alignment with best practices such as ISO27001, NIST, and other relevant standards. Provide risk assurance by identifying, assessing, and mitigating security risks across the business. Develop and implement effective risk management strategies, ensuring a balance of robust controls … guidance and training on risk and security best practices to stakeholders across the business. Key Requirements: Proven experience in a Risk & Security role with hands-on knowledge of ISO27001, NIST, and other security frameworks. Strong understanding of risk management principles and the ability to apply them pragmatically within an organisation. Experience in supporting and managing external audits, ensuring compliance and More ❯

DLP and compliance tools) and Azure Security Stack (including Microsoft Defender for Cloud, Microsoft Sentinel, Azure AD etc). Solid understanding of security frameworks (e.g., ISO 27001, Cyber Essentials, NIST, GDPR etc). Experience with vulnerability scanning, risk assessment, and remediation planning. Strong communication skills with the ability to work with both technical and non-technical teams. A proactive approach More ❯

Enterprise customers in a B2B SaaS context. Experience of working with B2C SaaS/reseller networks. Knowledge & Skills: An understanding of compliance frameworks such as GDPR, ISO 27001, SOC, NIST, HIPAA, etc and how they shape requirements. Knowledge of SQL (preferably DuckDB) for data analysis. An understanding of the current state and capabilities of LLMs for assessing AI opportunities. An More ❯

legal, and policy teams to develop, manage, and ensure compliance with industry regulations and internal policies Implement and support information security and privacy standards/frameworks (e.g. ISO 27001, NIST, CIS) Work directly with engineering teams and architects to review system and data architectures in line with best practices Analyse and communicate the impact of vulnerabilities, controls, and mitigations on … technical and non-technical audiences Manage stakeholder expectations across projects with a pragmatic, agile, and solution-oriented approach Key Skills & Experience In-depth knowledge of cybersecurity frameworks such as NIST, ISO 27001, and CIS Proven experience in a similar governance-focused role involving internal controls, risk management, and audit readiness Strong ability to bridge the gap between technical teams and More ❯

/GRC role Professional certifications including but not limited to CISSP, CCSP, CISM, CRISC, CISA, CDPSE. Experience in auditing and implementing security standards such as ISO 27001/2, NIST CSF, and others. Exceptional verbal, written communication, and presentation skills. Ability to articulate technical requirements to non-technical audiences. Proven self-management skills and ability to work on multiple assignments More ❯

Are you a cloud infrastructure professional with a strong security focus? Are you looking for a broader role, offering the opportunity for continued learning and development while embracing tech for good? Do you have the skills to innovate and influence More ❯

Burp Suite, Metasploit, Cobalt Strike, Nmap , and custom scripting. Deep understanding of vulnerabilities (OWASP Top 10, MITRE ATT&CK) and exploitation methods. Experience delivering reports aligned to PTES, OWASP, NIST, or OSSTMM standards. Exceptional communicator who can translate complex technical issues for diverse audiences. Proven certifications like OSCP, eCPPT, CRTO, CREST CPSA/CRT , or equivalent. Bonus Points Red team More ❯

Drive innovation and thought leadership within the Practice by defining standards, sharing knowledge, and mentoring peers Influence customer outcomes through expert knowledge of DevSecOps tools and compliance frameworks like NIST, CIS, SOC 2, and PCI DSS You'll travel to client sites across the UK, working directly with business and technical stakeholders to drive real business value What you'll More ❯