11 of 11 Remote NIST Jobs in Bristol

Support incident response and remediation efforts for security breaches. Provide security guidance and training to teams across the organization. Key Skills & Experience: Strong knowledge of security frameworks (ISO 27001, NIST 800-30/53, OWASP) . Experience with risk management methodologies and compliance with MOD and HMG security standards (JSP, Def Stan 05-138/139). Proficiency in security More ❯

need all of these. Experience in a hands-on Cyber Security focused role, primarily in the data security domain. A strong & demonstratable knowledge of security frameworks, standards and regulations (NIST, GDPR for example). Familiarity with cloud security principles and experience working with cloud platforms such as AWS and Snowflake. A clear and demonstratable understanding of data science principles and More ❯

and DevOps teams to embed security into CI/CD pipelines, containers (GKE), and API services. Compliance & Risk Alignment Ensure operational alignment with PCI-DSS, ISO 27001, SOC 2, NIST, and GDPR requirements. Support internal and external audits with relevant security evidence and reports. Work closely with GRC teams to implement controls and technical safeguards for ongoing compliance. Who You More ❯

lifecycle. Perform security code reviews and ensure secure-by-design principles. Conduct threat modelling exercises to identify and mitigate potential risks. Ensure compliance with security regulations such as ISO27001, NIST 800-30/37/53, JSP 440, 604, and Defence Standards. Develop and maintain security documentation (e.g., RMADS, Security Assurance Documents, Security Management Plans). Conduct penetration testing, vulnerability … assessments, and remediation activities. Key Skills & Experience: Strong knowledge of risk management frameworks and methodologies (ISO 27001/2, ISO27005/31000, NIST 800-30, NIST 800-53) . Experience with defence and government security standards (JSPs, Def Stan 05-138/139). Proficiency in security testing tools, technologies, and techniques. Ability to analyze and mitigate security vulnerabilities effectively. More ❯

in Cyber Security Good understanding of core security principles and tools Exposure to network security, vulnerability management, or risk assessments (preferred) Familiarity with security frameworks such as ISO 27001, NIST, or PCI DSS (preferred) Professional certifications like Security+, CEH, or CISSP are desirable Analytical mindset, attention to detail, and a proactive approach to learning What You'll Get Dedicated Mentorship More ❯

in Cyber Security Good understanding of core security principles and tools Exposure to network security, vulnerability management, or risk assessments (preferred) Familiarity with security frameworks such as ISO 27001, NIST, or PCI DSS (preferred) Professional certifications like Security+, CEH, or CISSP are desirable Analytical mindset, attention to detail, and a proactive approach to learning What You'll Get Dedicated Mentorship More ❯

Architecture, Secure Systems, Network & Cloud Security, System Hardening, Cryptographic Controls (PKI, Data at Rest/In Transit), Protective Monitoring, and Security Auditing. Strong understanding of the ISO 27000 series, NIST Cyber Security & Risk Management Frameworks, NCSC CAF, and other industry standards. Familiarity with NCSC guidance and legacy Information Assurance (IA) standards. Experience with MOD security frameworks including JSP 604, JSP More ❯

sharing across teams. What We’re Looking For Technical Experience & Knowledge Experience with risk management frameworks and methodologies such as ISO/IEC 27001/2, ISO27005/31000, NIST 800-30, NIST 800-53. Strong understanding of security standards and frameworks including OWASP, Secure by Design principles, and MOD-specific guidelines (e.g., JSP, Def Stan 05-138/… . Familiarity with HMG security principles and assurance frameworks is advantageous. Comfortable using threat modelling tools and implementing mitigation strategies. Experience with NIST standards. (this is an absolute must) Key Competencies Strong communicator with the ability to present complex information clearly and confidently. Proactive problem solver who approaches challenges with innovation and critical thinking. Highly organised with a methodical approach More ❯

Desirable: Experience delivering into MOD, relevant governance and security policy, processes, and practices (inc Joint Service Publications 604, 440). Knowledge of national and international security frameworks such as NIST SP 800 Series. Experience managing agile teams, DevOps engineering teams and CI/CD. Practical experience managing requirements, verification, validation and acceptance. Certifications in relevant technologies, products, methodologies or frameworks. More ❯

response and contribute to security awareness across teams. Clearly communicate risks to technical and non-technical stakeholders. What We're Looking For Essential Experience: Deep understanding of security frameworks: NIST (especially 800-30, 800-53) , ISO27001/2, ISO27005, and OWASP. Experience with Secure by Design principles and MOD-specific guidelines (e.g. JSP, Def Stan 05-138/139). More ❯

include: Creating business risk models and associated material, in support of operational cyber security and business planning across a range of different domains or sectors using established frameworks (e.g. NIST, UK Government) Undertake cyber security audit processes in support of operational and business planning activity across a range of different domains or sectors against recognised standards (e.g. ISO27001, UK Government … of organisational maturity and risk exposure to cyber security, in support of operational and business planning activity across a range of different domains or sectors using established frameworks (e.g. NIST, MITRE ATT&CK, UK Government) Identify mitigations for cyber risk in a given business or operational scenario and threat environment Support development of cyber security risk cases in a given … of the Cyber Security Risk Consultant: Digitally literate (including fluency in Microsoft Office tools) Minimum of 2-3 years of experience in security vulnerability, risk, audit & compliance Understand relevant NIST frameworks and ISO27001 standards and how to apply in practice Knowledge of MITRE ATT&CK Essential qualifications for the Cyber Security Risk Consultant: We value difference and we don't More ❯