26 to 50 of 53 NIST Jobs in Central London

security frameworks, policies, and controls Act as the senior hands-on security authority across the organisation Ensure alignment with recognised security frameworks (ISO 27001, NIST, CIS, SOC2, etc.) Embed security by design across infrastructure, cloud, networks, and applications Lead incident response, vulnerability management, and threat mitigation Partner closely with engineering ...

through the full system lifecycle, including design, delivery, and operational stages. Implement best practices across authentication, authorization, protective monitoring, and control frameworks such as NIST, ISO, and CIS. Communicate complex technical solutions effectively to both technical and non-technical stakeholders, including presenting and writing guidance documentation. We are looking ...

relevant certification (e.g., CISA, CRISC, CISM). Strong understanding of IT general controls and application controls. Familiarity with frameworks and standards such as COBIT, NIST, ISO 27001, and SOX. Knowledge of cloud technologies, cybersecurity principles, and data privacy practices. ...

defining and implementing controls in ERP systems in collaboration with auditors. Familiarity with enterprise and security architectures and standards (SOX, PCI, ISO 27001, HIPAA, NIST). Excellent stakeholder management, communication, and influencing skills. Ability to work independently in a matrix organization. Flexible to travel across locations as required. English language ...

analyse security findings and implement effective technical remediation Strong understanding of security controls, policies, and technical standards Desirable Experience working with ISO 27001, NIST, or similar frameworks Exposure to security architecture or secure system design ...

ensure secure and compliant operations. Key Responsibilities Deliver security assurance across cyber, IT, cloud, and third parties Assure controls aligned to ISO 27001, NIST, SOC2 Own audit readiness and support internal/external audits Maintain security risk register and track remediation actions Provide assurance over IAM/PAM, vulnerability management ...

needed to be managed holistically (not just at a technical-control level). Knowledge of relevant security standards or frameworks (e.g., NCSC, ISO 27001, NIST, etc.) is a plus. ...

development and advisory activities in cybersecurity governance. Skills and Experience: Experience designing or implementing secure solutions based on regulatory frameworks such as ISO, NIS, NIST, TISAX, DORA, NCSC CAF, or IEC62443. Background in GRC consulting or cybersecurity governance. Ability to balance security, compliance, usability, agility, and cost considerations. Experience creating ...

SageMaker), Kubernetes, Terraform/CDK ML Ops & Automation: MLFlow, feature stores, model monitoring, A/B testing Data Security & Compliance: Secure SDLC, ISO/NIST, data governance, GDPR-compliant pipelines Collaboration & Control: Git-based workflows, Jira, Confluence, automated testing suites Must-have experience 🌳 Proven delivery of data science models ...

teams to maintain high standards of service, document solutions and mentor junior engineers in line with cybersecurity best practices and frameworks such as ISO27001, NIST, and Cyber Essentials Plus. Key Responsibilities – Cyber Security & Centralised Services Manager: Serve as the primary escalation point for complex IT and cybersecurity incidents, including malware … remediation guidance. Implement and maintain security hardening across infrastructure, cloud services, endpoints, and networks, in alignment with best practices and frameworks such as ISO27001, NIST, and Cyber Essentials Plus. Lead and coordinate incident response efforts, including root cause analysis, threat containment and post-incident reporting for clients. Collaborate with ...

research, exploit development, threat emulation, or closely related offensive research and simulation activities Strong knowledge of security frameworks such as MITRE ATT&CK, OWASP, NIST or equivalent industry frameworks and models Hybrid working,3 days in office. Look forward to hearing from ...

requirements throughout the system delivery and operational lifecycle Providing specialist security advice on: Risk-based and threat-based mitigation strategies Security frameworks such as NIST, ISO, CIS Authentication, authorisation, and protective monitoring best practices Developing strong working relationships with stakeholders, peers and teams Communicating complex technical concepts clearly ...

projects and workstreams. Programme & Project Manager skills, with either MSP, PRINCE2 Practitioner or PMP. Some appreciation of security or regulatory frameworks such as ISO27001, NIST, SOX, etc. Delivery and management of programme budgets, often in excess of £5m. Delivery of large company rollout of Microsoft core technologies. Programme planning tools ...

Are you an accomplished IT Security Engineer (Application &/or Infrastructure/Cloud focused) , looking to make your next move into a small team of like-minded, security focused people? Would you relish the opportunity ...

CORS issues. Documentation & Reporting – Ability to create detailed test plans, risk logs, and clear vulnerability reports. Compliance Awareness – Familiarity with ISO 27001, PCI-DSS, NIST guidelines. ...

CORS issues. Documentation & Reporting – Ability to create detailed test plans, risk logs, and clear vulnerability reports. Compliance Awareness – Familiarity with ISO 27001, PCI-DSS, NIST guidelines At Cognizant you will experience an exciting mix of innovation by design, creativity, collaboration, and efficiency within a framework of stimulating objectives and ...

cycle . Authoritative Security Advice in the provision of specialist guidance on: Risk and threat-based mitigation for system designs. Control frameworks such as NIST, ISO, and CIS . Best practices for protective monitoring, authentication, and authorization . Stakeholder Management: Ability to develop excellent working relationships with key stakeholders, peers ...

failover and service continuity testing. Experience working with or managing third-party service providers. Understanding of BCP/DR frameworks such as ISO 22301, NIST, or FCA Operational Resilience (desirable). ...

version migration, security compliance, and post-upgrade validation •CyberArk Safe Design & Policy Enforcement Define and maintain Safes, RBAC structures, and master policies aligned to NIST 800-53 and Zero Trust principles •Automation Write scripts for automated onboarding of privileged accounts into CyberArk safes. •3rd party non-standard Connector Development ...

Cyber Security Engineer (Hedge Fund) - Python/Powershell/SQL/Tableau BI/NIST/CISSP/CISA - PERM We are seeking a Cyber Security Risk Engineer with a robust background in the full suite of modern technologies employed within an enterprise environment. This role requires a deep understanding … information security, compliance, legal, business teams, and clients to assess and document security risks and compensating controls. Advanced knowledge of risk management frameworks (eg, NIST, ISO 27001, CIS20) and regulatory requirements relevant to the financial sector is a plus. Exceptional analytical, communication, and report-writing skills, with the ability ...

security trends, recommend improvements, and implement innovative solutions to stay ahead of evolving threats Required Skills: Strong working knowledge of industry standards such as NIST, ISO 27001, and PCI DSS Proven experience managing vulnerability scans, cloud security, and endpoint security tools Familiarity with email security protocols, threat management, and security … certifications such as CISSP, CCSP, CASP+, AZ-500 or equivalent Experience with forensic investigations and incident response activities Knowledge of additional security frameworks like NIST, CIS, or industry-specific standards Familiarity with compliance and audit processes within ISO, PCI-DSS or SOC2 environments Preferred Education and Experience: Bachelor's degree ...

costs to Class 4 estimate). Delivery Project Plan (work breakdown structure, stage gates, dependencies, critical path). Security & Compliance Controls mapping (ISO 27001, NIST, GDPR alignment). Risk Register and Mitigation Plan (including security risks during migration). Stakeholder Engagement & Governance Plan (EICTH Futures tollgates, comms plan). Migration … costs to Class 4 estimate). Delivery Project Plan (work breakdown structure, stage gates, dependencies, critical path). Security & Compliance Controls mapping (ISO 27001, NIST, GDPR alignment). Risk Register and Mitigation Plan (including security risks during migration). Stakeholder Engagement & Governance Plan (EICTH Futures tollgates, comms plan). Migration ...

comprehensive Delivery Project Plan, detailing work breakdown structure, stage gates, dependencies, and critical path. Map Security & Compliance Controls in alignment with ISO 27001, NIST, GDPR. Create a Risk Register and Mitigation Plan, focusing on security risks during migration. Engage stakeholders and govern through the tollgates and communications plan. Outline … segmentation, and Zero Trust architecture. Experience with threat detection/response, SIEM integration, and incident response. Familiarity with compliance frameworks such as ISO 27001, NIST, and GDPR. Knowledge of cloud & hybrid networking, including AWS/Azure/GCP networking (VPC/VNet, Transit Gateway, cloud firewalls), and hybrid integration. Proficiency ...

environments. Apply Zero Trust principles and industry-standard security framework controls to IAM processes. Compliance & Security: Ensure IAM solutions adhere to CAF, eCAF, NIST, and other regulatory frameworks. Conduct access audits, identity risk assessments, and compliance reporting. Work closely with cybersecurity, risk, and compliance teams to align IAM strategies with … compliance workflows, and enterprise application integration. Privileged Access Management: CyberArk – Vault administration, credential rotation, JIT access, session monitoring, compliance reporting. Security & Compliance: CAF, eCAF, NIST frameworks; IAM controls for critical infrastructure; incident response and threat detection. Preferred Certifications: Microsoft Certified: Identity and Access Administrator Associate Okta Certified Administrator/Professional ...

Responsibilities Reporting into the Director of Technology, you will: Own and evolve the organisation’s Information and Cyber Security strategy and roadmap, aligned to NIST Act as the senior technical authority for cyber security, able to engage deeply with architecture, designs, and risk trade-offs Talk audit and risk (!) – talk … experience managing SOCs and external security service providers Experience of working at board level working with audit and risk committees. Practical working knowledge of NIST and experience supporting Cyber Essentials Plus or similar frameworks Confidence engaging with engineers, architects, Heads of Infrastructure, programme leaders, executives, and non-technical stakeholders Nice ...