1 to 25 of 59 NIST Jobs in Bristol

security policies, standards, and procedures Work with IT and development teams to implement secure system designs and configurations Support compliance initiatives (e.g., ISO 27001, NIST, GDPR, PCI-DSS) by assisting with audits and documentation Conduct security awareness training and phishing simulations for employees Keep up-to-date with the latest More ❯

CI/CD pipelines for secrets management. Familiarity with other PAM tools (e.g., BeyondTrust, Thycotic) is a plus. Strong understanding of cybersecurity frameworks (e.g., NIST, ISO 27001). Soft Skills: Strong communication and interpersonal skills. Ability to work independently and as part of a team. Detail-oriented with a focus More ❯

efforts for security breaches. Provide security guidance and training to teams across the organization. Key Skills & Experience: Strong knowledge of security frameworks (ISO 27001, NIST 800-30/53, OWASP) . Experience with risk management methodologies and compliance with MOD and HMG security standards (JSP, Def Stan 05-138/ More ❯

in a hands-on Cyber Security focused role, primarily in the data security domain. A strong & demonstratable knowledge of security frameworks, standards and regulations (NIST, GDPR for example). Familiarity with cloud security principles and experience working with cloud platforms such as AWS and Snowflake. A clear and demonstratable understanding More ❯

li> Collaborate with IT and DevOps teams to harden systems and networks Support compliance efforts (e.g., ISO 27001, NIST, GDPR) Contribute to threat intelligence and detection rule tuning Participate in red/blue team exercises and More ❯

cybersecurity certifications: CompTIA, CISSP, CISM, CRISC, ISO 27001 Lead Auditor/Implementer, or equivalent. Familiarity with MOD, maritime, or defence-specific frameworks: JSPs, DEFSTAN, NIST, IEC 62443, IMO or ISO/IEC 27001. SC clearance (or eligibility to obtain SC as a minimum) is required; DV clearance is desirable depending More ❯

Security, System Hardening, Cryptographic Controls (PKI, Data at Rest/In Transit), Protective Monitoring, and Security Auditing. Strong understanding of the ISO 27000 series, NIST Cyber Security & Risk Management Frameworks, NCSC CAF, and other industry standards. Familiarity with NCSC guidance and legacy Information Assurance (IA) standards. Experience with MOD security More ❯

architecture frameworks (e.g., TOGAF). • Certifications such as AWS Certified Solutions Architect or Azure Solutions Architect Expert. • Familiarity with security and compliance frameworks (ISO, NIST). • Experience with Agile methodologies and DevOps environments. Additional Information • Private healthcare for you and your family. • 25 days annual leave plus a bonus half More ❯

at the highest level and exhibit good verbal, written and presentation skills. Experience of working within key Cyber Security principles and standards (ISO 27001, NIST, Cyber Essentials, MITRE). [i] Experience working in a customer-facing role desirable. You should have experience in managing team driven workloads. Demonstrable experience driving More ❯

security assessments, audits & penetration testing What You’ll Bring CISSP or equivalent + 6-7 years in InfoSec Experience maturing security programs & frameworks ( ISO27001, NIST CAF, OWASP ) Strong knowledge of SIEM, IDS/IPS, RBAC, vulnerability management Understanding of cloud, COTS/SaaS platforms & IoT security Ability to communicate risks More ❯

security assessments, audits & penetration testing What You’ll Bring CISSP or equivalent + 6-7 years in InfoSec Experience maturing security programs & frameworks ( ISO27001, NIST CAF, OWASP ) Strong knowledge of SIEM, IDS/IPS, RBAC, vulnerability management Understanding of cloud, COTS/SaaS platforms & IoT security Ability to communicate risks More ❯

log analysis of Networking, Windows, Mac and Linux and Cloud. Understanding of evidence collection process based on priority. Strong understanding of incident response following NIST 800-61 guidelines incorporating containment, eradication and recovery phases. Experience with digital forensics and investigations, including evidence collection and chain-of-custody protocols. Should have More ❯

Enhancement: Contribute to the development and refinement of enterprise security architecture methodologies, such as TOGAF and SABSA and Framework adoption such as those in NIST 2.0. Security Tooling Roadmaps: Create detailed roadmaps for security tooling, incorporating vendor investment tracking, horizon scanning, and global threat landscape changes, and communicate … Attack Surface Management. Cloud Security & Risk applied to all service and deployment ISO standards including 27001, 27002, 27005, 270017, 27018, 22301 and NIST CSF 2.0. Technical Security within one or many of the following domains:

Identity and Access Management: Expertise in PAM … Control). Microsoft Cybersecurity Expert incl. M365 Security, Azure Security, Identity & Access Management and Security Operations. AWS Security. NIST Cybersecurity Professional (NCSP) Practitioner. ISO27001. Vendor Qualifications - Cisco, VMware, Fortinet, Checkpoint etc. Chartered membership in professional security bodies. More ❯

EntraID or similar platforms. Ddemonstrated ability to engage with auditors, compliance teams, and key business stakeholders. Knowledge of industry frameworks such as ISO 27001, NIST, or other security governance models. Privileged Access Management (PAM) experience. Benefits Motability Operations is a unique organisation, virtually one of a kind. We combine a More ❯

in a hands-on Cyber Security focused role, primarily in the data security domain. A strong & demonstratable knowledge of security frameworks, standards and regulations (NIST, GDPR for example). Familiarity with cloud security principles and experience working with cloud platforms such as AWS and Snowflake. A clear and demonstratable understanding More ❯

relevant governance and security policy, processes, and practices (inc Joint Service Publications 604, 440). Knowledge of national and international security frameworks such as NIST SP 800 Series. Experience managing agile teams, DevOps engineering teams and CI/CD. Practical experience managing requirements, verification, validation and acceptance. Certifications in relevant More ❯

site Support the creation of project-specific security documentation and assurance strategies Skills & Experience: Experience leading ISO 27001 and cybersecurity governance Strong knowledge of NIST CSF, ISO 27005, and DCPP frameworks Confident communicator with a security-first mindset Comfortable being both strategic and hands-on Qualifications like CISSP (preferred), CISM More ❯

site Support the creation of project-specific security documentation and assurance strategies Skills & Experience: Experience leading ISO 27001 and cybersecurity governance Strong knowledge of NIST CSF, ISO 27005, and DCPP frameworks Confident communicator with a security-first mindset Comfortable being both strategic and hands-on Qualifications like CISSP (preferred), CISM More ❯

awareness across teams. Clearly communicate risks to technical and non-technical stakeholders. What We’re Looking For Essential Experience: Deep understanding of security frameworks: NIST (especially 800-30, 800-53) , ISO27001/2, ISO27005, and OWASP. Experience with Secure by Design principles and MOD-specific guidelines (e.g. JSP, Def Stan More ❯

awareness across teams. Clearly communicate risks to technical and non-technical stakeholders. What We’re Looking For Essential Experience: Deep understanding of security frameworks: NIST (especially 800-30, 800-53) , ISO27001/2, ISO27005, and OWASP. Experience with Secure by Design principles and MOD-specific guidelines (e.g. JSP, Def Stan More ❯

awareness across teams. Clearly communicate risks to technical and non-technical stakeholders. What We're Looking For Essential Experience: Deep understanding of security frameworks: NIST (especially 800-30, 800-53) , ISO27001/2, ISO27005, and OWASP. Experience with Secure by Design principles and MOD-specific guidelines (e.g. JSP, Def Stan More ❯

role within a tech, managed services, or regulated environment. Strong understanding of risk management, compliance frameworks, and international regulatory landscapes. Familiarity with ISO 27001, NIST, GDPR, DORA, NIS2, and other relevant standards. Excellent communication skills and the ability to influence senior stakeholders. Fluent English is required; Spanish or German is More ❯

life cycle of a system Provision of authoritative specialist security advice in Risk and threat-based mitigation to system designs Control frameworks such as NIST, ISO, CIS Protective monitoring, Authentication and authorization best practices. Develop excellent working relationships with key stakeholders, peers and subordinates. Communicating effectively verbally and in writing More ❯

and non-trivial security issues. Support technical teams in resolving vulnerabilities and strengthening security measures. Develop and maintain security testing methodologies aligned with OWASP, NIST, and CIS Controls . Integrate security testing into the CI/CD pipeline to detect and fix vulnerabilities early. Ensure compliance with industry security regulations More ❯

ensuring our products meet the highest standards of security by design. The successful candidate will be expected to bring deep, hands-on experience with NIST cybersecurity standards - this is essential -as well as a strong working knowledge of Defence Standards DefStan 05-138 Issue 3 and DefStan 05-139 Issue … development lifecycle Conduct detailed threat modelling and risk assessments using recognised tools Lead the implementation of risk management strategies based on industry best practices (NIST, ISO) Work closely with development teams to ensure secure-by-design principles are followed Identify and propose mitigations for security vulnerabilities in solution architectures Maintain … coordinate remediation actions where needed Serve as a subject matter expert on product and application security to internal stakeholders Key Requirements: Extensive experience applying NIST frameworks (including NIST 800-30, NIST 800-53) - non-negotiable Working knowledge of DefStan 05-138 (Issue 3) and DefStan 05-139 (Issue 1) is More ❯