5 of 5 NIST 800 Jobs in the East of England

as well as using GRC tools and guidance developed for Risk mitigation. Practical knowledge of information security standards and risk assessment frameworks such as ISO 27001, SOC 2, NIST 800-32 Strong knowledge of cyber controls, policies, and procedures. Experience of delivering metrics for senior level audiences. Demonstrate analytical and problem-solving skills. Ability to communicate More ❯

procedures, including internal security processes, phishing response procedures, and vendor security evaluation protocols. •Consult with the IT Security Team on policy development and maintenance, particularly in alignment with NIST 800-171 and Microsoft best practices. Drive effective and reasonable policies and practices to secure protected and sensitive data and ensure information security and compliance with relevant … including firewalls, IDS/IPS, VPN, remote access, security logging, vulnerability management, security incident response, and penetration testing. •Preferred qualifications include relevant Information Security Certifications, and experience with NIST 800-171, and HECVAT. •A demonstrated ability to analyze and respond to security incidents, incident evaluation, and detect patterns in complex security data sets. •Experience providing analysis More ❯

how product security specialism is aligned. Engineering degree with minimum 5 years' experience in product security and CISSP, CISM or equivalent qualification Practical experience of risk management frameworks (NIST SP800-37, ISO27001) Practical experience of risk assessment processes (NIST SP800-30 and ISO 27005) Practical experience of applying security controls (NIST SP800-53 and More ❯

ISC2Certified Information System Security Professional. Knowledge of UK/NATO Information Assurance standards, procedures & systems, including Government Functional Standard GovS 007: Security, HMG IS1&2, ISO27000 series standards, NIST SP800 series standards, JSP440, JSP604, guidance material provided by NCSC, CPNI and NIST. Practical experience of producing Security Accreditation documentation Practical experience of NCSC and Common Criteria security evaluation More ❯

monitoring, alerting, and auditability solutions to support a secure, multi-cloud, geo-distributed workforce. Design, implement, and continuously improve Roku's Zero Trust Architecture, aligning with NIST SP 800-207 and SP 1800-35 guidance. Collaborate with IT, Networking, and Security teams to troubleshoot identity-related issues and support global infrastructure initiatives. Identify and implement automation … GCP is a plus Solid understanding of SaaS platforms and their identity integration Understanding of Zero Trust Architecture principles Familiarity with IT security frameworks and compliance standards (e.g., NIST, GDPR, SOC 2, PCI DSS, HIPAA) Awareness of logging, monitoring, and alerting practices related to identity and access events Basic understanding of email security and DNS Backup and recovery More ❯