1 to 25 of 26 NIST Jobs in the City of London

ll bring: 5+ years in InfoSec, IT Security or Ops within a regulated environment Certification required: CISSP, CISM, CRISC, or equivalent Strong knowledge of ISO27001:2022, SOC2 Type II, NIST CSF, PCI DSS, GDPR, DORA Confident with security risk assessments, audit responses, and policy governance Hands-on cloud security experience: ideally with Azure and the Shared Responsibility Model Comfort with More ❯

environments to solve real-world security challenges Key Skills & Experience Cyber Security: Experience in cyber strategy, risk management, security architecture, transformation programmes, and regulatory compliance Knowledge of relevant standards: NIST CSF, ISO27001, NCSC CAF, GDPR, NIS2, etc. Certifications such as CISSP, CISM, CISA, M.Inst.ISP, or MSc in Cyber Security Hands-on experience in areas like GRC, cyber threat management, vulnerability More ❯

to work under pressure and manage multiple priorities effectively. Preferred Skills: Experience in regulated industries (e.g., finance, healthcare, critical infrastructure). Knowledge of compliance frameworks such as ISO 27001, NIST, GDPR, or CIS Familiarity with scripting or automation for incident response or scanning processes. Please feel free to contact myself - Daisy Nguyen at Gibbs Consulting/Atrium UK for a More ❯

work across strategic, operational, and technical domains. You should have: Cyber Expertise: 4+ years experience in cyber strategy, risk, maturity assessments, and operating models. Knowledge of frameworks such as NIST CSF, ISO27001, NCSC CAF, CRI 2.0. Exposure to regulatory environments including NIS2 and GDPR. Relevant certifications (e.g., CISSP, CISM, CISA, MSc in Cyber Security). Consulting Skills: Strong client-facing More ❯

in ICT security management and incident response (CIS and Cyber Essential Plus). Strong technical knowledge of Microsoft 365, Azure, and cloud security. Familiarity with frameworks like ISO 27001, NIST, and CIS. Excellent communication skills and a pragmatic, risk-based mindset. Relevant certifications (e.g. AZ-500, CISSP, CISM, CCSP) are highly desirable. This role offers hyrbid working (1-2 days More ❯

with regulatory expectations and internal governance standards. Drive continuous improvement in risk data quality, reporting processes, and analytics capabilities. The Requirements: Skills: Strong knowledge of risk management frameworks (e.g., NIST, ISO 27001, COBIT) and control environments. Deep understanding of IT general controls, cyber security principles, and technology risk domains. Proven experience in risk analytics, data visualization, and reporting (e.g., using More ❯

security posture. Experience & Knowledge: 8+ years in Information Security with a strong architecture focus. Expert in lateral movement risks, network segmentation, and endpoint security. Deep familiarity with security frameworks: NIST, ISO 27001, Zero Trust. Extensive experience with Windows and Linux hardening. Skilled in protocol analysis, network architecture, and infrastructure design. Technical Toolkit: Strong command of Azure Log Analytics, KQL, and More ❯

regulatory frameworks. Key Areas of Responsibility: Regulatory Implementation & Frameworks Assist in establishing a comprehensive resilience framework that meets DORA standards and other recognised guidelines (e.g. ISO 22301, ISO 27001, NIST). Draft internal controls, policies, training content, and risk assessment methodologies. Contribute to core DORA workstreams such as ICT risk management, scenario-based testing, and oversight of third-party providers. More ❯

and problem-solving skills. Experience of working in a large, complex IT environment (preferably within Financial Services). Strong understanding of IT Security Standards and frameworks (such as ISO, NIST, GDPR). What We Offer Save For Your Future - Equiniti Pension Plan; Equiniti matches your pension contributions up to 10% All Employee Long Term Incentive Plan (LTIP) - Gives all EQ More ❯

senior stakeholders to deliver cyber risk solutions that protect operations, support compliance, and enable strategic growth. Key Responsibilities Lead cyber strategy and maturity assessments aligned to frameworks like ISO27001, NIST CSF, GDPR, and CAF Deliver cyber risk roadmaps and business-aligned security recommendations Translate technical insights into executive-level communications Mentor junior consultants and contribute to proposal or bid work More ❯

engaging with executive leadership and external stakeholders. What Were Looking For: Extensive experience in Information and Cyber Security, with strong strategic thinking and operational delivery. Familiarity with frameworks like NIST, Cyber Essentials Plus, and GovAssure. Proven leadership and people management skills in fast-paced environments. Experience in project delivery, risk management, and supplier negotiations. Excellent stakeholder engagement, especially at senior More ❯

environments. Integrate security into CI/CD pipelines through SAST, DAST, SCA, container scanning, and automated policy enforcement. Establish and govern secure architecture standards aligned to industry frameworks (e.g. NIST, OWASP, ISO 27001). Champion threat modelling and secure design throughout development lifecycles. Client Engagement & Pre-Sales Support Represent the security development function in client meetings and solution design. Contribute More ❯

an IAM solution across all aspects of the SDLC (Analyse, Design, Develop/Configure, Test, Deploy, Document) Understanding of regulatory frameworks, and their application to IAM, e.g. SOx, ISO27001, NIST, HIPAA, GDPR, PSD2, etc. Ideally, an education in Business, IT, IT security or related field Advantageous: Professional certifications such as CISSP, CISA, ITIL, etc. Product certifications from SailPoint, or other More ❯

and capability growth What We’re Looking For 5+ years in cybersecurity or cyber advisory Experience leading cyber transformation in a consulting or enterprise environment Deep understanding of frameworks: NIST, ISO27001, GDPR, NIS2, CAF Track record managing teams and complex project delivery Executive-level stakeholder management and influencing skills Certifications (CISSP, CISM, CISA, M.Inst.ISP) highly desirable This is a chance More ❯

IoT, AI, and more Influence system design to be secure by default , not by patch. 🧠 You Should Have: ✔️ 8+ years in security consulting or implementation ✔️ Expertise in frameworks like NIST, RMF, Common Criteria ✔️ Strong grasp of risk management , compliance, and threat mitigation ✔️ Clear communication across technical and business stakeholders ✔️ Curiosity and adaptability to stay on top of emerging technologies. 💡 Preferred More ❯

an IAM solution across all aspects of the SDLC (Analyse, Design, Develop/Configure, Test, Deploy, Document) Understanding of regulatory frameworks, and their application to IAM, e.g. SOx, ISO27001, NIST, HIPAA, GDPR, PSD2, etc. Ideally, an education in Business, IT, IT security or related field Advantageous: Professional certifications such as CISSP, CISA, ITIL, etc. Product certifications from SailPoint, or other More ❯

Tracker * Optional failure remediation support to control owners Key Skills/Knowledge: * Knowledge of IT domain, IT control frameworks, IT related regulations. * Knowledge of control and regulatory frameworks (e.g. NIST, PS21/3, COBIT, DORA, etc.). * Analytical Skills * Ability to take a rigorous and methodical approach to IT control testing * Exceptional stakeholder management and communication skills to engage effectively More ❯

we're looking for: Deep experience working in Security Operations, including working with MDR providers and SOC environments Strong knowledge of relevant frameworks and standards including: PCI-DSS GDPR NIST CSF CIS Critical Security Controls Cyber Essentials Plus Hands-on experience across Cloud Security, Identity and Access Management, Zero Trust, Security Service Edge (SSE), and SASE Proven ability to bridge More ❯

architecture Proven hands-on experience with Microsoft Azure services and cloud-native development Azure Solution Architect Expert certification or equivalent (preferred) Strong understanding of security frameworks (e.g., ISO 27001, NIST) Expertise in tools and services such as: Azure Functions, API Gateway, CosmosDB, Azure SQL, Event Grid, Kubernetes, Azure Maps, Service Fabric, DevBox, Synapse, Logic Apps, PowerBI, Redis Cache, CDN, Azure More ❯

ideally in energy generation, utilities, or other regulated sectors. Strong understanding of Operational Technology (OT) environments, including DCS, SCADA, and ICS, with alignment to NCSC CAF, IEC 62443, and NIST 800-82. Experience supporting Ofgem regulatory compliance, including ISSA returns and NIS Regulations. Demonstrated ability to lead complex programmes, manage multidisciplinary teams, and engage with technical, business, and regulatory More ❯

threats. What I'm Looking For: Proven experience completing internal and external cyber risk assessments. Experience conducting 3rd party and vendor risk assessments. Strong understanding of security frameworks (e.g., NIST, ISO 27001). Experience implementing, testing and validating security controls. Ability to assess risk against appetite and communicate findings in a business-solution focused way to technical and non-technical More ❯

Job Title: Security Governance Lead – NIST & Archer Expertise Location: London About the Role: Albany Beck is seeking a highly skilled Security Governance Lead to support a key financial services client in advancing its information security governance capabilities. This role requires deep expertise in NIST frameworks and Archer GRC, as well as strong leadership in centralising security policy management, controls, and … and stakeholder engagement. Required Experience and Skills: Proven experience in a security governance or risk management leadership role within the financial services or consulting industry. Strong working knowledge of NIST frameworks (e.g., NIST CSF, NIST 800-53). Hands-on experience with RSA Archer GRC platform, particularly in managing controls, risks, and compliance reporting. Excellent understanding of regulatory compliance requirements More ❯

design and delivery of cyber strategies for large-scale organisations. Develop actionable cyber transformation roadmaps aligned to business needs. Advise on regulatory compliance and governance frameworks (e.g. ISO27001, GDPR, NIST). Engage confidently with stakeholders across technical teams, risk functions, and board level. Oversee cyber risk assessments, maturity modelling, and security architecture projects. Ideal Candidate Profile Strong consulting experience in … cyber strategy, transformation, or risk management. Understanding of cyber frameworks such as NIST CSF, ISO27001, NCSC CAF, GDPR, or NIS2. Holds or is working toward certifications such as CISSP, CISM, CISA, or equivalent. Comfortable managing project teams and delivering to time and budget. Excellent communication skills, able to present complex topics to senior stakeholders. Previous experience in a client-facing More ❯

risk management framework that aligns with the organizations strategic goals and objectives. This will be aligned to COBIT but also take into account other frameworks in use such as NIST and ITIL. Stakeholder Engagement: Engage with external stakeholders, including the Head of Risk Assurance, the Risk Assurance team and our internal audit partners, to ensure effective communication and compliance with … services or high regulation sector (for example Pharma). Demonstrable working knowledge of common IT processes and department functions. Working knowledge of a recognised Risk Management Framework, such as NIST, or as part of a more general framework such as COBIT (preferred) Excellent communication and influencing skills, with the ability to engage stakeholders at all levels. Experience in building risk More ❯

clear, meaningful reports for senior business and non-technical audiences. Create Board-level inputs and executive reporting packs with top-level narratives and insight-driven commentary. Ensure alignment with NIST frameworks and internal Cyber Risk Management principles. Identify, connect, and manage data sources, owners, systems, and submission cycles to ensure timely and accurate reporting. Conduct “check and challenge” analysis to … regularly with IT, Security, and Business stakeholders to align risk reporting with organizational objectives. What We’re Looking For: RSA Archer expertise or other GRC tooling Proven experience with NIST or other regulatory-aligned frameworks. Deep understanding of Cyber Risk Management principles. Exceptionally organized, with strong attention to detail and ability to manage multiple priorities. Strong written and verbal communication More ❯