351 to 375 of 458 NIST Jobs in England

threat monitoring, detection, and response using cloud-native security solutions such as Microsoft Defender, Sentinel, and SIEM platforms. Ensure compliance with cloud security frameworks and regulatory requirements (ISO 27001, NIST, GDPR, SOC2, FCA). Conduct regular security risk assessments, penetration tests, and vulnerability management across cloud services. Oversee endpoint security, cloud network and API security for robust protection across all … Strong experience managing Microsoft 365 (Exchange, SharePoint, Teams), Azure cloud infrastructure, and security tools such as Microsoft Defender and Sentinel. Security & Compliance: Deep knowledge of security frameworks (ISO 27001, NIST, CIS), compliance requirements (GDPR, SOC2), and risk management best practices. Identity & Access Management (IAM): Expertise in Azure AD, MFA, Conditional Access, Single Sign-On (SSO), and Privileged Access Management (PAM More ❯

secure on-premise network architectures including segmentation, access control, and perimeter defence. Collaborate with other teams to ensure compliance with internal security policies and external regulations (e.g., ISO 27001, NIST, GDPR). Threat Intelligence - analyse potential threats, identify vulnerabilities, and implement measures to mitigate risks. Conduct vulnerability scans, validate findings and use a risk-based approach to track and manage … KQL, Azure RBAC, Privileged Identity Management (PIM). Specific knowledge of AWS security stack would be beneficial including GuardDuty, CloudWatch and SecurityHub Familiarity with industry frameworks: MITRE ATT&CK, NIST, CIS, PCI-DSS. Excellent incident response, problem-solving, and communication skills. Preferred Certifications: Microsoft Certified: Cybersecurity Architect Expert (SC-100) Microsoft Certified: Security Operations Analyst Associate (SC-200) Microsoft Certified More ❯

This position is critical to ensuring our products meet the highest standards of security by design. The successful candidate will be expected to bring deep, hands-on experience with NIST cybersecurity standards - this is essential -as well as a strong working knowledge of Defence Standards DefStan 05-138 Issue 3 and DefStan 05-139 Issue 1 . If you're … security controls throughout the product development lifecycle Conduct detailed threat modelling and risk assessments using recognised tools Lead the implementation of risk management strategies based on industry best practices (NIST, ISO) Work closely with development teams to ensure secure-by-design principles are followed Identify and propose mitigations for security vulnerabilities in solution architectures Maintain and evolve internal security policies … Support incident response efforts and coordinate remediation actions where needed Serve as a subject matter expert on product and application security to internal stakeholders Key Requirements: Extensive experience applying NIST frameworks (including NIST 800-30, NIST 800-53) - non-negotiable Working knowledge of DefStan 05-138 (Issue 3) and DefStan 05-139 (Issue 1) is essential Proficiency in threat modelling More ❯

This position is critical to ensuring our products meet the highest standards of security by design. The successful candidate will be expected to bring deep, hands-on experience with NIST cybersecurity standards - this is essential -as well as a strong working knowledge of Defence Standards DefStan 05-138 Issue 3 and DefStan 05-139 Issue 1 . If you're … security controls throughout the product development lifecycle Conduct detailed threat modelling and risk assessments using recognised tools Lead the implementation of risk management strategies based on industry best practices (NIST, ISO) Work closely with development teams to ensure secure-by-design principles are followed Identify and propose mitigations for security vulnerabilities in solution architectures Maintain and evolve internal security policies … Support incident response efforts and coordinate remediation actions where needed Serve as a subject matter expert on product and application security to internal stakeholders Key Requirements: Extensive experience applying NIST frameworks (including NIST 800-30, NIST 800-53) - non-negotiable Working knowledge of DefStan 05-138 (Issue 3) and DefStan 05-139 (Issue 1) is essential Proficiency in threat modelling More ❯

This position is critical to ensuring our products meet the highest standards of security by design. The successful candidate will be expected to bring deep, hands-on experience with NIST cybersecurity standards - this is essential -as well as a strong working knowledge of Defence Standards DefStan 05-138 Issue 3 and DefStan 05-139 Issue 1 . If you're … security controls throughout the product development lifecycle Conduct detailed threat modelling and risk assessments using recognised tools Lead the implementation of risk management strategies based on industry best practices (NIST, ISO) Work closely with development teams to ensure secure-by-design principles are followed Identify and propose mitigations for security vulnerabilities in solution architectures Maintain and evolve internal security policies … Support incident response efforts and coordinate remediation actions where needed Serve as a subject matter expert on product and application security to internal stakeholders Key Requirements: Extensive experience applying NIST frameworks (including NIST 800-30, NIST 800-53) - non-negotiable Working knowledge of DefStan 05-138 (Issue 3) and DefStan 05-139 (Issue 1) is essential Proficiency in threat modelling More ❯

This position is critical to ensuring our products meet the highest standards of security by design. The successful candidate will be expected to bring deep, hands-on experience with NIST cybersecurity standards - this is essential -as well as a strong working knowledge of Defence Standards DefStan 05-138 Issue 3 and DefStan 05-139 Issue 1 . If you're … security controls throughout the product development lifecycle Conduct detailed threat modelling and risk assessments using recognised tools Lead the implementation of risk management strategies based on industry best practices (NIST, ISO) Work closely with development teams to ensure secure-by-design principles are followed Identify and propose mitigations for security vulnerabilities in solution architectures Maintain and evolve internal security policies … Support incident response efforts and coordinate remediation actions where needed Serve as a subject matter expert on product and application security to internal stakeholders Key Requirements: Extensive experience applying NIST frameworks (including NIST 800-30, NIST 800-53) - non-negotiable Working knowledge of DefStan 05-138 (Issue 3) and DefStan 05-139 (Issue 1) is essential Proficiency in threat modelling More ❯

This position is critical to ensuring our products meet the highest standards of security by design. The successful candidate will be expected to bring deep, hands-on experience with NIST cybersecurity standards - this is essential -as well as a strong working knowledge of Defence Standards DefStan 05-138 Issue 3 and DefStan 05-139 Issue 1 . If you're … security controls throughout the product development lifecycle Conduct detailed threat modelling and risk assessments using recognised tools Lead the implementation of risk management strategies based on industry best practices (NIST, ISO) Work closely with development teams to ensure secure-by-design principles are followed Identify and propose mitigations for security vulnerabilities in solution architectures Maintain and evolve internal security policies … Support incident response efforts and coordinate remediation actions where needed Serve as a subject matter expert on product and application security to internal stakeholders Key Requirements: Extensive experience applying NIST frameworks (including NIST 800-30, NIST 800-53) - non-negotiable Working knowledge of DefStan 05-138 (Issue 3) and DefStan 05-139 (Issue 1) is essential Proficiency in threat modelling More ❯

Strong understanding of Operational Technology (OT) environments, with hands-on experience in securing and modernising legacy systems, including DCS, SCADA, and ICS, aligned to NCSC CAF, IEC 62443, and NIST 800-82. Direct experience supporting Ofgem regulatory reporting and compliance, including preparation of ISSA returns, evidence packs, and action tracking in line with NIS Regulations and sector-specific cyber More ❯

policies and standards. What you'll need: Proven experience working within Information Security. Strong understanding and working knowledge of industry best practices of frameworks and standards (e.g., ISO27000, ISF, NIST, CIS, National Cyber Security Centre, ISMS, PCI/DSS) or similar. Strong understanding of laws and regulations relating to the protection of information i.e., GDPR. Good understanding cloud architecture, security More ❯

ideally in energy generation, utilities, or other regulated sectors. Strong understanding of Operational Technology (OT) environments, including DCS, SCADA, and ICS, with alignment to NCSC CAF, IEC 62443, and NIST 800-82. Experience supporting Ofgem regulatory compliance, including ISSA returns and NIS Regulations. Demonstrated ability to lead complex programmes, manage multidisciplinary teams, and engage with technical, business, and regulatory More ❯

ideally in energy generation, utilities, or other regulated sectors. Strong understanding of Operational Technology (OT) environments, including DCS, SCADA, and ICS, with alignment to NCSC CAF, IEC 62443, and NIST 800-82. Experience supporting Ofgem regulatory compliance, including ISSA returns and NIS Regulations. Demonstrated ability to lead complex programmes, manage multidisciplinary teams, and engage with technical, business, and regulatory More ❯

non-technical teams, translating complex concepts into actionable plans. What You’ll Need: Experience delivering cyber security in OT environments (e.g., SCADA, ICS, DCS). Knowledge of frameworks like NIST, CAF, and NCSC guidelines. Excellent communication skills, with the ability to bridge the gap between technical and business stakeholders. This is a unique opportunity to step into a senior, impactful More ❯

+, or similar). Experience in Cyber Security (Security Operations, Risk Mitigation, Incident Management, Vulnerability Management, or similar disciplines). Experience in Compliance and Governance (ISO (phone number removed), NIST, GDPR, Cyber Essentials, or similar frameworks). Can build and develop strategic business relationships. 5+ years Technical Information Technology background/experience. Effective communication with people at all levels. What More ❯

Sales, Cybersecurity or similar technical consultancy role (MSP/reseller experience preferred). Strong understanding of incident response, SOC operations, and endpoint security. Familiarity with security standards (ISO27002, CIS, NIST, CAF). Experience with technologies such as SSE, SASE, SIEM, MDR/EDR. Confident in customer-facing engagements and solution design. Excellent communication, documentation and stakeholder management skills. Engineer certifications More ❯

Sales, Cybersecurity or similar technical consultancy role (MSP/reseller experience preferred). Strong understanding of incident response, SOC operations, and endpoint security. Familiarity with security standards (ISO27002, CIS, NIST, CAF). Experience with technologies such as SSE, SASE, SIEM, MDR/EDR. Confident in customer-facing engagements and solution design. Excellent communication, documentation and stakeholder management skills. Engineer certifications More ❯

full project lifecycle from pre-bid to project hand-over into service. Experience of multi-discipline system integration projects. Basic knowledge of OT cybersecurity (standards such as IEC62443/NIST etc.) and functional safety per IEC 61508 is advantageous. Personal Qualities: Capable of leading technical teams with strong operational rigour. Ability to multi-task on a variety of projects to More ❯

Skills What you'll bring: 5+ years experience control testing, internal audit, or risk management. Strong understanding of control testing frameworks and methodologies (notably COSO, UK SOX, ISO 27001, NIST, PCI DSS). Knowledge of regulatory frameworks and industry standards. Experience managing multiple testing activities simultaneously. Familiarity with industry-specific regulatory requirements and their implications for control environments. Experience with More ❯

Design of security infrastructure and tools to support a SOC's mission of monitoring, detecting, analysing, and responding to cyber threats. Knowledge of the following policies and process. Required: NIST NCSC SOC Guidance NCSC CAF (CNI) Desirable: MoD JSP 440 MoD JSP 503 MoD JSP More ❯

maturity tracking. Knowledge: Experience of working in an engineering environment. Experience of Test Equipment design. The applicant having an understanding of the cyber security controls as set out in NIST SP (Apply online only) and how they affect application development. Experience in setting up Microsoft Windows security policies An understanding of IT infrastructure and terminology More ❯

threat monitoring, detection, and response using cloud-native security solutions such as Microsoft Defender, Sentinel, and SIEM platforms. Ensure compliance with cloud security frameworks and regulatory requirements (ISO 27001, NIST, GDPR, SOC2, FCA). Conduct regular security risk assessments, penetration tests, and vulnerability management across cloud services. Oversee endpoint security, cloud network and API security for robust protection across all … Strong experience managing Microsoft 365 (Exchange, SharePoint, Teams), Azure cloud infrastructure, and security tools such as Microsoft Defender and Sentinel. Security & Compliance: Deep knowledge of security frameworks (ISO 27001, NIST, CIS), compliance requirements (GDPR, SOC2), and risk management best practices. Identity & Access Management (IAM): Expertise in Azure AD, MFA, Conditional Access, Single Sign-On (SSO), and Privileged Access Management (PAM More ❯

third-party experts, consultants, and managed service providers to deliver specialised solutions. Develop and execute a comprehensive cybersecurity strategy, ensuring alignment with business objectives and regulatory requirements (ISO 27001, NIST, GDPR). Proactively monitor, detect, and respond to security threats, vulnerabilities, and breaches, leading incident response and forensic investigations. Conduct regular security audits, penetration testing, and risk assessments, implementing corrective … expertise in cybersecurity, infrastructure, and preferably digital transformation. Network security (firewalls, VPNs, SIEM, zero-trust architecture). Cloud security (Azure, AWS, hybrid environments). Compliance frameworks (GDPR, ISO 27001, NIST). Experience managing ERP systems, IT budgets, and projects. Industry certifications (CISSP, CISM, CCNP, CEH, ITIL). Preferred. Strategic thinker with the ability to translate technical concepts into business value. More ❯

analysis, SOC operations, and incident handling skills. Substantial experience in information security across different industries, platforms, and applications. Experience conducting IT compliance assessments (IT General Controls and Audits, PCI, NIST CSF etc.) Experience working on implementation in a SOC environment. Experience working in Microsoft Defender, Microsoft Purview and Microsoft Sentinel is essential. Experience in or understanding of penetration testing and … hacking techniques. Experience across applying NIST CSF, ITIL, ISO 27001, ISO and other best practice standards Desirable Experience/Skills: In-depth knowledge of architecture, engineering, and operations of at least one enterprise SIEM platform (e.g., ArcSight, Splunk, Nitro/McAfee Enterprise Security Manager, QRadar, LogLogic). Understanding of event and incident investigations and incident response in a 24/ More ❯

is a core part of our technology services structure with mature or evolving capability across all areas of digital security and cyber defence. We align our efforts to the NIST framework and other recognised certifications including ISO27001 and SOC2 and strive to keep pace with the continually evolving threat landscape, in support of A&O Shearmans strategy to lead where … the IAM components of solution designs. Collaborate with cloud infrastructure teams to implement IAM design patterns. Ensure IAM security controls are appropriately implemented in our environment and align with NIST and CIS benchmarks. Validate effectiveness of implemented IAM security controls through technical analysis. Perform residual IAM risk assessments and document acceptance/rejection rationale. Scope and manage IAM security testing More ❯

on experience with SCADA, DCS, PLC, EMS, and related technologies Familiarity with protocols like TCP/IP, Modbus, IEC 61850, OPC UA, PROFINET Knowledge of security standards such as NIST CSF, ISO27001, IEC 62443, and NIS regulations Ability to develop pragmatic solutions to address cyber risks in OT environments More ❯

management. Solid IT general controls (ITGCs) knowledge. IT outsourcing arrangements, including service delivery, supplier management, and data security considerations. IT governance, strategy, and operating models. Knowledge of IT frameworks (NIST, COBIT, ISO, ITIL) is desirable. Knowledge of project change methodology is desirable. Self-motivated and proactive in approach, able to act independently and on own initiative. Excellent analytical, influencing, presentation More ❯