26 to 50 of 54 NIST Jobs in Bristol

vulnerability assessment and a penetration test in the context of assessment scope, objectives, and deliverables. Working knowledge of information security frameworks such as ISO27001, NIST, and CIS. If this sounds like a good opportunity, apply today. Unfortunately no sponsorship is on offer at this stage for this role. More ❯

experience in security assurance and risk management within defence, government, or high-security environments. Strong knowledge of security frameworks and standards such as RMADS, NIST, DEF STAN, and policies. Experience with accreditation processes and developing security risk balance cases. Familiarity with codes of connection (CoCo), Secure by Design, and security More ❯

and ensure secure-by-design principles. Conduct threat modelling exercises to identify and mitigate potential risks. Ensure compliance with security regulations such as ISO27001, NIST 800-30/37/53, JSP 440, 604, and Defence Standards. Develop and maintain security documentation (e.g., RMADS, Security Assurance Documents, Security Management Plans … testing, vulnerability assessments, and remediation activities. Key Skills & Experience: Strong knowledge of risk management frameworks and methodologies (ISO 27001/2, ISO27005/31000, NIST 800-30, NIST 800-53) . Experience with defence and government security standards (JSPs, Def Stan 05-138/139). Proficiency in security testing More ❯

experience in security assurance and risk management within defence, government, or high-security environments. Strong knowledge of security frameworks and standards such as RMADS, NIST, DEF STAN, and policies. Experience with accreditation processes and developing security risk balance cases. Familiarity with codes of connection (CoCo), Secure by Design, and security More ❯

design patterns Familiar with fallback controls such as WAF's, API gateways Experience using SIEM/logging tools to track API threats Familiarity with NIST, OWASP SAMM, or internal security frameworks Experience producing risk dashboards/reports for API's Able to translate technical risks into business language, collaborating with More ❯

My growing defence client is seeking a Security Architect with NIST framework experience. You'll join a leading organisation that develops cutting edge products and technology. Key Accountabilities : Identify security requirements and ensure the integration of security controls during the product development lifecycle. Develop and implement risk management strategies using … . An understanding of MOD ISN 23/09 Secure by Design. Knowledge of security frameworks, such as ISO/IEC 27001, NIST 800-30, NIST 800-53 or OWASP. Experience of working with risk management frameworks and methodologies (e.g., ISO 27001/2, ISO27005/31000, NIST … NIST 800-53) Why Join? You'll gain exposure to cutting-edge defence technology and intelligence insights, alongside good salary & benefits . The client offers flexible working options, with some hybrid/remote working. Apply now to be immediately considered for this fantastic opportunity. More ❯

Stan 05-139) An understanding of MOD ISN 23/09 Secure by Design Knowledge of security frameworks, such as ISO/IEC 27001, NIST 800-30, NIST 800-53 or OWASP Working with risk management frameworks and methodologies (e.g., ISO 27001/2, ISO27005/31000, NIST … NIST 800-53) If this all sounds like something you will be interested in then simply apply and we can discuss the opportunity further More ❯

Stan 05-139) An understanding of MOD ISN 23/09 Secure by Design Knowledge of security frameworks, such as ISO/IEC 27001, NIST 800-30, NIST 800-53 or OWASP Working with risk management frameworks and methodologies (e.g., ISO 27001/2, ISO27005/31000, NIST … NIST 800-53) If this all sounds like something you will be interested in then simply apply and we can discuss the opportunity further More ❯

Stan 05-139) An understanding of MOD ISN 23/09 Secure by Design Knowledge of security frameworks, such as ISO/IEC 27001, NIST 800-30, NIST 800-53 or OWASP Working with risk management frameworks and methodologies (e.g., ISO 27001/2, ISO27005/31000, NIST … NIST 800-53) If this all sounds like something you will be interested in then simply apply and we can discuss the opportunity further! Product Security Architect Permanent role Based in Bristol Offering circa 80,000 Disclaimer: This vacancy is being advertised by either Advanced Resource Managers Limited, Advanced Resource More ❯

role in safeguarding our cloud infrastructure and applications. - If you have expertise in AWS security, a strong understanding of security frameworks like ISO or NIST, and the ability to drive secure coding practices, we want to hear from you! The role. As an Application Security Engineer, you will be the … in-depth security reviews, including secure code reviews and threat modelling. Develop and implement security controls to align with frameworks such as ISO 27001, NIST, and CIS benchmarks. Collaborate with development teams to enhance secure coding practices and strengthen CI/CD pipeline security. Oversee and improve cloud security in … Strong experience in AWS cloud security and related tools (e.g., AWS Shield, Security Hub, IAM). Knowledge of security frameworks such as ISO 27001, NIST, or CIS benchmarks. Experience in application security reviews, vulnerability management, and security controls implementation. Familiarity with OWASP Top 10, CWE, and secure coding practices. Proficiency More ❯

re Looking For Technical Experience & Knowledge Experience with risk management frameworks and methodologies such as ISO/IEC 27001/2, ISO27005/31000, NIST 800-30, NIST 800-53. Strong understanding of security standards and frameworks including OWASP, Secure by Design principles, and MOD-specific guidelines (e.g., JSP …/139). Familiarity with HMG security principles and assurance frameworks is advantageous. Comfortable using threat modelling tools and implementing mitigation strategies. Experience with NIST standards. (this is an absolute must) Key Competencies Strong communicator with the ability to present complex information clearly and confidently. Proactive problem solver who approaches More ❯

re Looking For Technical Experience & Knowledge Experience with risk management frameworks and methodologies such as ISO/IEC 27001/2, ISO27005/31000, NIST 800-30, NIST 800-53. Strong understanding of security standards and frameworks including OWASP, Secure by Design principles, and MOD-specific guidelines (e.g., JSP …/139). Familiarity with HMG security principles and assurance frameworks is advantageous. Comfortable using threat modelling tools and implementing mitigation strategies. Experience with NIST standards. (this is an absolute must) Key Competencies Strong communicator with the ability to present complex information clearly and confidently. Proactive problem solver who approaches More ❯

objectives. This individual will provide architectural leadership across IT infrastructure, applications, and cybersecurity domains, with a strong emphasis on secure-by-design principles and NIST Risk Management Framework compliance. The role requires effective communication with senior client stakeholders and the ability to influence technical decisions through sound governance and evidence … premise infrastructure strategies. Cyber Security & Secure by Design Embed Secure by Design principles throughout the product lifecycle. Ensure architecture and solution designs comply with NIST controls, regulatory requirements, and internal cyber security policies. Collaborate with information architecture, security, risk, and compliance teams to assess architectural risk and apply appropriate mitigation … architecture (eg integration, APIs, data), and cyber security architecture (eg identity & access management, threat modelling, security controls). Strong working knowledge and application of NIST Risk Management Framework, Secure by Design, and architecture standards. Proven experience leading architecture governance in large-scale transformation programmes. Demonstrated ability to engage and influence More ❯

the CESG IA Portfolio and MoD JSPs such as JSP440, JSP604/JSP453 (plus other standard MoD IA methods). Certifications such as ISO27000, NIST Cyber Security Professional, CISMP etc. Flexibility over UK, and potentially overseas travel. Desirable- Certified Information Systems Security Professional (CISSP)/Certified Information Security Manager (CISM … CIISEC. NCSC Certified Cyber Professional/CESG CCP (Security and Information Risk Advisor or Security Architect). Understanding of 'Secure by Design' methodology and NIST 800-37 Risk Management Framework. A keen interest in the latest technology with a focus on security technologies. Ambition to work in a challenging and More ❯

the CESG IA Portfolio and MoD JSPs such as JSP440, JSP604/JSP453 (plus other standard MoD IA methods). Certifications such as ISO27000, NIST Cyber Security Professional, CISMP etc. Flexibility over UK, and potentially overseas travel. Desirable: Certified Information Systems Security Professional (CISSP)/Certified Information Security Manager (CISM … CIISEC. NCSC Certified Cyber Professional/CESG CCP (Security and Information Risk Advisor or Security Architect). Understanding of 'Secure by Design' methodology and NIST 800-37 Risk Management Framework. A keen interest in the latest technology with a focus on security technologies. Ambition to work in a challenging and More ❯

influence. What You'll Be Working On: You’ll support key client projects across a diverse and exciting portfolio, including: Framework Compliance : ISO 27001, NIST, PCI-DSS Security Assurance : Audit, controls assessment, reporting Third-Party Risk Assurance : Vendor risk reviews, supply chain assessments Cloud Security Advisory : Azure, AWS, Office … finish. You’ll Need: Proven experience in a security consulting role (client-facing or internal consulting) Strong understanding of Information Security frameworks (ISO 27001, NIST, PCI-DSS) Hands-on experience delivering security assessments, audits, or assurance reviews Awareness or experience with cloud platforms (Azure, AWS, Office 365) Ability to engage More ❯

Cyber Security Specialist page is loaded Cyber Security Specialist Apply locations Bristol posted on Posted Yesterday job requisition id R-153850 Cyber Security Specialist Salary Circa £60,000 Location: Bristol We have an incredible opportunity for an enthusiastic and ambitious More ❯

compliance, and policy. You will be responsible for developing and implementing internal control frameworks and defining policies in line with industry standards such as NIST and ISO 27001. Collaboration with various business units will be key to reducing risk and ensuring compliance with regulations. Key Responsibilities: Focus on risk management … and compliance, including policy and standards development. Map internal controls to industry standards such as NIST and ISO 27001. Build and define security policies, ensuring alignment with organizational goals. Develop and manage compliance frameworks using Microsoft tools such as SharePoint, Power BI, Power Automate, and Risk Automate. Work closely with … various regions. Identify and deliver service/control improvements and contribute lessons learned to future projects. Desired Skills and Qualifications: Certifications: CISA, CISM, CRISC, NIST, ISO 27001. Experience with building compliance frameworks and policies using Microsoft tools. Please apply if interested More ❯

mitigation strategies. Conducting security code reviews and offering guidance to ensure a secure-by-design approach. Ensuring products meet key regulatory standards (ISO 27001, NIST 800 series, JSPs, Def Stans). Authoring vital security documentation, including RMADS and Security Assurance Documents. Performing penetration testing and coordinating remediation efforts. What You … Bring: A solid understanding of security frameworks such as ISO 27001/2, ISO 31000, NIST 800-30/37/53. Hands-on experience with Defence Standards (JSPs, HMG, Def Stan 05-138/139). Strong knowledge of security testing tools and techniques. Excellent communication skills — able to … explain complex risks and solutions clearly. A proactive, problem-solving mindset with a high level of personal integrity and professional ethics. Experience with NIST standards. (this is an absolute must) You'll Succeed Here If You: Thrive on solving complex problems with innovative, practical solutions. Communicate clearly, confidently, and with More ❯

mitigation strategies. Conducting security code reviews and offering guidance to ensure a secure-by-design approach. Ensuring products meet key regulatory standards (ISO 27001, NIST 800 series, JSPs, Def Stans). Authoring vital security documentation, including RMADS and Security Assurance Documents. Performing penetration testing and coordinating remediation efforts. What You … Bring: A solid understanding of security frameworks such as ISO 27001/2, ISO 31000, NIST 800-30/37/53. Hands-on experience with Defence Standards (JSPs, HMG, Def Stan 05-138/139). Strong knowledge of security testing tools and techniques. Excellent communication skills — able to … explain complex risks and solutions clearly. A proactive, problem-solving mindset with a high level of personal integrity and professional ethics. Experience with NIST standards. (this is an absolute must) You'll Succeed Here If You: Thrive on solving complex problems with innovative, practical solutions. Communicate clearly, confidently, and with More ❯

JSP604/JSP453 (plus other standard MoD IA methods). Experience with IT Computer Systems and interconnecting systems and networks. Certifications such as ISO27000, NIST Cyber Security Professional, CISMP etc. Flexibility over UK, and potentially overseas travel. Desirable: Certified Information Security Manager Principles (CISMP) or equivalent. Associate/Full Membership … of recognised security professional body such as the Institute of Information Security Professionals (IISP), IS2, BCS. Understanding of 'Secure by Design' methodology and NIST 800-37 Risk Management Framework. A keen interest in the latest technology with a focus on security technologies. Ambition to work in a challenging and rewarding More ❯

Perform security code reviews, provide guidance on secure libraries and frameworks. Standards & Compliance Ensure products meet regulatory and defence standards (ISO 27001/27005, NIST 800-30/53, JSP 440/604, Def Stan 05-series). Lead the creation and maintenance of security documentation (RMADS, Security Assurance Documents … or application security within defence, government, or security-cleared environments. Deep knowledge of risk management frameworks (ISO 27001/2/5/31000, NIST 800-series) and Defence Standards (JSPs, Def Stan 05-138/139). Hands-on experience with security testing tools and techniques (SAST, DAST, penetration More ❯

with ideal candidates having good knowledge/understanding of Governance Risk & Compliance (GRC), specifically around HMG/MOD frameworks such as Secure by Design, NIST, and ISO 27001. Because of the nature of the work and customers you could end up supporting, this role would suit a service leaver/… JSP440), and processes Experience with Secure by Design implementation and related tooling Knowledge of NCSC Cyber Assurance Framework (CAF) and GovAssure audits Understanding of NIST Cyber Security Framework and risk assessment methods Experience with ISO/IEC 27001 audits and cyber security assurance Supplier assurance and supply chain security expertise More ❯

with ideal candidates having good knowledge/understanding of Governance Risk & Compliance (GRC), specifically around HMG/MOD frameworks such as Secure by Design, NIST, and ISO 27001. Because of the nature of the work and customers you could end up supporting, this role would suit a service leaver/… JSP440), and processes Experience with Secure by Design implementation and related tooling Knowledge of NCSC Cyber Assurance Framework (CAF) and GovAssure audits Understanding of NIST Cyber Security Framework and risk assessment methods Experience with ISO/IEC 27001 audits and cyber security assurance Supplier assurance and supply chain security expertise More ❯

Design Conduct threat modelling exercises to prioritise potential risks and develop mitigation strategies to reduce risks Ensure products meet regulatory standards such as ISO27001, NIST 800-30/37/53, Joint Standards Publications (JSP) such as JSP 440, 604 and Defence Standards (Def stans) Produce security documentation like RMADS … and remediation activities Your skillset may include: Understanding and application of risk management frameworks and methodologies (e.g., ISO 27001/2, ISO27005/31000, NIST 800-30, NIST 800-53) Working knowledge of Defence Standards (e.g., JSPs, HMG, Def Stan 05-138, Def Stan 05-139) Experience with security testing More ❯