9 of 9 Remote NIST Jobs in Bristol

MOD/GDS Secure by Design Principles Supplier Chain Assurance and Risks. Security related legislation (e.g. GDPR, PCI DSS, ICO requirements). Security Control Frameworks such as ISO 27001, NIST CSF and CIS Controls v8. HMG, NPSA and NCSC security policies, standards and guidance. Have experience building and implementing secure by design principals within the software development lifecycle (SDLC). More ❯

risk, as well as using GRC tools and guidance developed for Risk mitigation. Practical knowledge of information security standards and risk assessment frameworks such as ISO 27001, SOC 2, NIST 800-32. Strong knowledge of cyber controls, policies, and procedures. Experience of delivering metrics for senior level audiences. Demonstrate analytical and problem-solving skills. Ability to communicate risks associated More ❯

Accountabilities: Lead and manage a team of three security professionals , supporting their development and day-to-day delivery. Ensure ongoing ISO27001 accreditation and alignment with broader assurance frameworks (e.g. NIST CSF, Cyber Essentials). Shape and implement the company's information security strategy , including policy, tooling, and training. Conduct risk assessments, oversee remediation plans, and guide secure-by-design approaches More ❯

Architecture, Secure Systems, Network & Cloud Security, System Hardening, Cryptographic Controls (PKI, Data at Rest/In Transit), Protective Monitoring, and Security Auditing. Strong understanding of the ISO 27000 series, NIST Cyber Security & Risk Management Frameworks, NCSC CAF, and other industry standards. Familiarity with NCSC guidance and legacy Information Assurance (IA) standards. Experience with MOD security frameworks including JSP 604, JSP More ❯

Asset Owner forms, Supplier Assurance Questionnaires. Experienced in relevant Security Policy and Cyber Security Frameworks including the GovS 007, MOD Secure by Design (SbD), ISO27001 - Information Security Management Systems, NIST, NCSC IA Guidance Qualifications for the Cyber Security Lead Educated to degree level or holds a relevant professional qualification or equivalent experience. Security Clearance The successful candidate must be able More ❯

of action The ability to understand how architects and designers employ technology to build systems of interest Digitally literate (including fluency in Microsoft Office tools) Able to understand relevant NIST frameworks and ISO27001 standards and how to apply in practice Knowledge of MITRE ATT&CK Essential qualifications for the Cyber Security Risk Consultant: We value difference and we don't More ❯

statements to technical and non-technical audiences at various hierarchical levels Deep knowledge of common information security management frameworks and standards, such as ISO/IEC 27001/27002, NIST 800-53, and the NIST Cybersecurity Framework Soft skills: collaboration, teamwork, persuasion, attention to detail, time management, prioritization, resourcefulness Advanced proficiency with MS Office products, primarily MS Word, Excel, PowerPoint More ❯

opportunity has arisen to join our InfoSec team as a Security GRC Analyst, to assist in the delivery of security compliance assurance to frameworks such as PCI-DSS and NIST Cyber Security Framework. You will be managing security governance processes including Third Party Security Risk Management, and delivering controls assurance. What you'll be doing Assisting in meeting compliance requirements … within HL, such as PCI-DSS and in line with frameworks such as SWIFT CSCF, CSA CCM and NIST CSF. Assist with the technical security aspects of third-party security risk by conducting security due diligence and risk assessments for vendors, suppliers, partners, and contractors. Develop and mature processes and procedures for third party security risk management, including due diligence … in liaising with stakeholders at all levels and be confident in influencing business areas to meet compliance requirements. Demonstrable experience of working with compliance and risk management in a NIST CSF (Preferable) or ISO27001 aligned environment, along with an understanding of PCI-DSS. Experience in managing supply chain risk, including due diligence, risk escalation and treatment. Good writing capabilities, analytical More ❯

include: Creating business risk models and associated material, in support of operational cyber security and business planning across a range of different domains or sectors using established frameworks (e.g. NIST, UK Government) Undertake cyber security audit processes in support of operational and business planning activity across a range of different domains or sectors against recognised standards (e.g. ISO27001, UK Government … of organisational maturity and risk exposure to cyber security, in support of operational and business planning activity across a range of different domains or sectors using established frameworks (e.g. NIST, MITRE ATT&CK, UK Government) Identify mitigations for cyber risk in a given business or operational scenario and threat environment Support development of cyber security risk cases in a given … of the Cyber Security Risk Consultant: Digitally literate (including fluency in Microsoft Office tools) Minimum of 2-3 years of experience in security vulnerability, risk, audit & compliance Understand relevant NIST frameworks and ISO27001 standards and how to apply in practice Knowledge of MITRE ATT&CK Essential qualifications for the Cyber Security Risk Consultant: We value difference and we don't More ❯