17 of 17 NIST Jobs in Bristol

Support incident response and remediation efforts for security breaches. Provide security guidance and training to teams across the organization. Key Skills & Experience: Strong knowledge of security frameworks (ISO 27001, NIST 800-30/53, OWASP) . Experience with risk management methodologies and compliance with MOD and HMG security standards (JSP, Def Stan 05-138/139). Proficiency in security More ❯

need all of these. Experience in a hands-on Cyber Security focused role, primarily in the data security domain. A strong & demonstratable knowledge of security frameworks, standards and regulations (NIST, GDPR for example). Familiarity with cloud security principles and experience working with cloud platforms such as AWS and Snowflake. A clear and demonstratable understanding of data science principles and More ❯

lifecycle. Perform security code reviews and ensure secure-by-design principles. Conduct threat modelling exercises to identify and mitigate potential risks. Ensure compliance with security regulations such as ISO27001, NIST 800-30/37/53, JSP 440, 604, and Defence Standards. Develop and maintain security documentation (e.g., RMADS, Security Assurance Documents, Security Management Plans). Conduct penetration testing, vulnerability … assessments, and remediation activities. Key Skills & Experience: Strong knowledge of risk management frameworks and methodologies (ISO 27001/2, ISO27005/31000, NIST 800-30, NIST 800-53) . Experience with defence and government security standards (JSPs, Def Stan 05-138/139). Proficiency in security testing tools, technologies, and techniques. Ability to analyze and mitigate security vulnerabilities effectively. More ❯

. Familiarity with MITRE ATT&CK, incident response methodologies, and penetration testing. Experience in risk management, vendor security assessments, and compliance. Understanding of UK regulations, including Cyber Essentials, ISO27001, NIST CSF, and GDPR. Ability to support internal/external audits and drive remediation efforts. UK Permanent Residency or Citizenship Required More ❯

in Cyber Security Good understanding of core security principles and tools Exposure to network security, vulnerability management, or risk assessments (preferred) Familiarity with security frameworks such as ISO 27001, NIST, or PCI DSS (preferred) Professional certifications like Security+, CEH, or CISSP are desirable Analytical mindset, attention to detail, and a proactive approach to learning What You'll Get Dedicated Mentorship More ❯

in Cyber Security Good understanding of core security principles and tools Exposure to network security, vulnerability management, or risk assessments (preferred) Familiarity with security frameworks such as ISO 27001, NIST, or PCI DSS (preferred) Professional certifications like Security+, CEH, or CISSP are desirable Analytical mindset, attention to detail, and a proactive approach to learning What You'll Get Dedicated Mentorship More ❯

Architecture, Secure Systems, Network & Cloud Security, System Hardening, Cryptographic Controls (PKI, Data at Rest/In Transit), Protective Monitoring, and Security Auditing. Strong understanding of the ISO 27000 series, NIST Cyber Security & Risk Management Frameworks, NCSC CAF, and other industry standards. Familiarity with NCSC guidance and legacy Information Assurance (IA) standards. Experience with MOD security frameworks including JSP 604, JSP More ❯

to IT Director & leadership Oversee security assessments, audits & penetration testing What You’ll Bring CISSP or equivalent + 6-7 years in InfoSec Experience maturing security programs & frameworks ( ISO27001, NIST CAF, OWASP ) Strong knowledge of SIEM, IDS/IPS, RBAC, vulnerability management Understanding of cloud, COTS/SaaS platforms & IoT security Ability to communicate risks & strategies at executive level Full More ❯

with the ability to interface at the highest level and exhibit good verbal, written and presentation skills. Experience of working within key Cyber Security principles and standards (ISO 27001, NIST, Cyber Essentials, MITRE). [i] Experience working in a customer-facing role desirable. You should have experience in managing team driven workloads. Demonstrable experience driving continuous improvement initiatives. Benefits & culture More ❯

sharing across teams. What We’re Looking For Technical Experience & Knowledge Experience with risk management frameworks and methodologies such as ISO/IEC 27001/2, ISO27005/31000, NIST 800-30, NIST 800-53. Strong understanding of security standards and frameworks including OWASP, Secure by Design principles, and MOD-specific guidelines (e.g., JSP, Def Stan 05-138/… . Familiarity with HMG security principles and assurance frameworks is advantageous. Comfortable using threat modelling tools and implementing mitigation strategies. Experience with NIST standards. (this is an absolute must) Key Competencies Strong communicator with the ability to present complex information clearly and confidently. Proactive problem solver who approaches challenges with innovation and critical thinking. Highly organised with a methodical approach More ❯

Desirable: Experience delivering into MOD, relevant governance and security policy, processes, and practices (inc Joint Service Publications 604, 440). Knowledge of national and international security frameworks such as NIST SP 800 Series. Experience managing agile teams, DevOps engineering teams and CI/CD. Practical experience managing requirements, verification, validation and acceptance. Certifications in relevant technologies, products, methodologies or frameworks. More ❯

collaborative team of infrastructure and DevOps engineers Build secure, scalable infrastructure (Windows/Linux, VMs, containers) Drive CI/CD, automation, and Infrastructure as Code practices Ensure compliance with NIST, NCSC, CIS, JSP, and ISO 27001 Oversee backup, DR, and business continuity strategies Maintain strong cyber hygiene and proactively manage vulnerabilities Create documentation and a knowledge-sharing culture Work cross … hands-on expertise with strategic oversight. Essential Experience & Skills: Proven experience in secure IT infrastructure & DevOps leadership Strong technical background in systems administration & automation Solid grasp of compliance frameworks (NIST, NCSC, JSP) Excellent communication and stakeholder management Tech Stack You’ll Work With: OS: Windows Server, Hardened Linux Containers/Orchestration: Docker, Kubernetes, Portainer DevOps Tools: Jenkins, Artifactory, Jira, Azure More ❯

response and contribute to security awareness across teams. Clearly communicate risks to technical and non-technical stakeholders. What We're Looking For Essential Experience: Deep understanding of security frameworks: NIST (especially 800-30, 800-53) , ISO27001/2, ISO27005, and OWASP. Experience with Secure by Design principles and MOD-specific guidelines (e.g. JSP, Def Stan 05-138/139). More ❯

include: Creating business risk models and associated material, in support of operational cyber security and business planning across a range of different domains or sectors using established frameworks (e.g. NIST, UK Government) Undertake cyber security audit processes in support of operational and business planning activity across a range of different domains or sectors against recognised standards (e.g. ISO27001, UK Government … of organisational maturity and risk exposure to cyber security, in support of operational and business planning activity across a range of different domains or sectors using established frameworks (e.g. NIST, MITRE ATT&CK, UK Government) Identify mitigations for cyber risk in a given business or operational scenario and threat environment Support development of cyber security risk cases in a given … of the Cyber Security Risk Consultant: Digitally literate (including fluency in Microsoft Office tools) Minimum of 2-3 years of experience in security vulnerability, risk, audit & compliance Understand relevant NIST frameworks and ISO27001 standards and how to apply in practice Knowledge of MITRE ATT&CK Essential qualifications for the Cyber Security Risk Consultant: We value difference and we don't More ❯

and resolve infrastructure and deployment issues efficiently. Collaborate with developers to ensure smooth integration of code and infrastructure. Implement and maintain technical security controls aligned to frameworks such as NIST 800-53, CIS Benchmarks, and JSP standards. Maintain technical documentation and contribute to the infrastructure knowledge base. Support backup and disaster recovery processes and ensure business continuity measures are in … and orchestration using Docker and Kubernetes. Experience working with DevOps tools such as Jenkins, Azure DevOps, Artifactory, and Git. Understanding of secure system design and relevant security standards (e.g. NIST, NCSC, CIS, JSP). Familiarity with virtualization platforms (e.g., Nutanix, VMware). Working knowledge of monitoring and security tools (e.g., Wazuh, Nessus, PRTG, Microsoft Defender). Ability to quickly absorb More ❯

Def Stan 05-138, Def Stan 05-139) An understanding of MOD ISN 23/09 Secure by Design Knowledge of security frameworks, such as ISO/IEC 27001, NIST 800-30, NIST 800-53 or OWASP Working with risk management frameworks and methodologies (e.g., ISO 27001/2, ISO27005/31000, NIST 800-30, NIST 800-53) If this More ❯

Def Stan 05-138, Def Stan 05-139) An understanding of MOD ISN 23/09 Secure by Design Knowledge of security frameworks, such as ISO/IEC 27001, NIST 800-30, NIST 800-53 or OWASP Working with risk management frameworks and methodologies (e.g., ISO 27001/2, ISO27005/31000, NIST 800-30, NIST 800-53) If this More ❯