6 of 6 NIST Jobs in the East Midlands

and the wider estate are sufficiently tested for signs of vulnerability. Governance, Risk & Compliance (GRC) Ensure audit readiness, control effectiveness (key SOX/ITGC, NIST/ISO mappings), and remediation governance; lead policy lifecycle and attestations. Oversee the enterprise risk process (RCSA, KRIs), executive reporting, and board risk briefings. Improve ...

Governance, Risk & Compliance Own cyber risk management and contribute to the enterprise risk register. Ensure compliance with relevant standards and frameworks (e.g. ISO 27001, NIST, Cyber Essentials, ICS security guidance). Define and maintain cyber security policies, standards, and procedures across IT and OT. Support audits, assessments, and regulatory ...

and real incidents Own cyber risk management and contribute to the enterprise risk register. Ensure compliance with relevant standards and frameworks (e.g. ISO 27001, NIST, Cyber Essentials, ICS security guidance). Define and maintain cyber security policies, standards, and procedures across IT and OT. Support audits, assessments, and regulatory ...

multiple systems and locations Understanding of cybersecurity principles, identity management and data protection, with exposure to frameworks such as Cyber Essentials Plus, CIS or NIST Familiarity with IT service management practices (e.g. ITIL) and managing support tickets against SLAs Experience working with endpoint protection or MDR solutions (e.g. SentinelOne) Excellent ...

and insight to senior stakeholders About You Experience within cyber GRC, IT audit, or risk management Strong understanding of frameworks such as ISO 27001, NIST, or similar Confident communicator, able to translate technical risks into business impact Proactive and detail-oriented, with a collaborative approach ...

National Infrastructure (CNI) • Other highly regulated environments Ideal background: • Security Assurance/GRC/Operational Risk • Supplier assurance/third-party risk • ISO27001/NIST/NCSC CAF exposure • Practical assurance model design • Stakeholder engagement across technical and operational teams Contract: • Initial 10–12 weeks • Hybrid working • June start anticipated ...