401 to 425 of 457 NIST Jobs in England

Cybersecurity Consultant/Concierge Security Engineer 2 (m/f/d) page is loaded Cybersecurity Consultant/Concierge Security Engineer 2 (m/f/d) Apply locations Newcastle, GBR time type Full time posted on Posted Yesterday job More ❯

Implement security controls utilizing eMASS and Xacta 360 support tools. Conduct certification and testing in accordance with the Risk Management Framework (RMF) and National Institute of Standards and Technology (NIST) policy; identify deficiencies and providing recommendations of risk mitigation to customer. Perform Risk Assessments and develop Concepts of Operations (CONOPS), Security Policies, Cybersecurity Strategy, Test Plans, System Security Plans and More ❯

Def Stan 05-138, Def Stan 05-139) An understanding of MOD ISN 23/09 Secure by Design Knowledge of security frameworks, such as ISO/IEC 27001, NIST 800-30, NIST 800-53 or OWASP Working with risk management frameworks and methodologies (e.g., ISO 27001/2, ISO27005/31000, NIST 800-30, NIST 800-53) Please reach More ❯

Def Stan 05-138, Def Stan 05-139) An understanding of MOD ISN 23/09 Secure by Design Knowledge of security frameworks, such as ISO/IEC 27001, NIST 800-30, NIST 800-53 or OWASP Working with risk management frameworks and methodologies (e.g., ISO 27001/2, ISO27005/31000, NIST 800-30, NIST 800-53) Please reach More ❯

Data, Application, Technology, and Security considerations into all project phases. Governance and Compliance: Maintain architectural practices in full compliance with healthcare regulations and standards, such as GDPR, CAF, DSPT, NIST, and NHS guidelines. Routinely review and update architectural policies to reflect evolving requirements, with embedded security throughout. Mentorship and Leadership: Provide leadership and mentorship to technical teams and subject matter … healthcare IT solutions. Proven success in leading large-scale projects and managing cross-functional teams. In-depth knowledge of healthcare regulations, standards, and best practices (e.g., GDPR, CAF, DSPT, NIST). Exceptional communication, presentation, and interpersonal skills. Relevant certifications such as TOGAF or Zachman are desirable. 5-7 years of experience in IT architecture roles, including time in senior or More ❯

control, incident response, vulnerability management), ensuring effectiveness and consistency. Leading in the review and enhancement of IT and infosec risk and control frameworks (e.g., ISO 27001, ITIL, ISO2 2301, NIST), ensuring alignment with business objectives and regulatory requirements. Coordinating and representing IT risk in internal , external audits and certification processes (e.g., ISO 27001, Cyber Essentials , ISO22301, etc. ), acting as the … Demonstrated leadership in delivering IT risk or audit initiatives, including managing projects, mentoring team members, and driving outcomes. Strong knowledge of industry frameworks and standards, such as ISO 27001, NIST, CISControls, and regulatory requirements like GDPR. Provenability to engage and influence stakeholders across IT, Information Security, and business functions, building trusted relationships at all levels. We also acknowledgethattheconfidencegap and imposter More ❯

assets by working collaboratively with colleagues across multiple departments. Your day-to-day responsibilities will include supporting policy development in line with leading frameworks such as ISO 27001 or NIST, overseeing vulnerability management activities alongside IT professionals, conducting architectural reviews for new projects, and helping drive continuous improvement in technical controls. You will also be instrumental in managing third party … proven experience on protecting sensitive data within regulated environments. Your background should include hands-on involvement with risk assessments, policy development aligned with industry standards like ISO 27001 or NIST, vulnerability management activities spanning identification through remediation, and direct participation in incident response processes. Demonstrable experience applying risk assessment methodologies to identify vulnerabilities and recommend effective mitigations is highly valued. … Recognised information security frameworks such as ISO 27001 or NIST ensures you can contribute meaningfully to policy development. A solid understanding of core security technologies-including firewalls, intrusion detection systems, endpoint protection platforms-and their practical application is important. Experience supporting vulnerability management processes from identification through remediation demonstrates your ability to manage risk proactively. Proficiency in evaluating technical controls More ❯

assets by working collaboratively with colleagues across multiple departments. Your day-to-day responsibilities will include supporting policy development in line with leading frameworks such as ISO 27001 or NIST, overseeing vulnerability management activities alongside IT professionals, conducting architectural reviews for new projects, and helping drive continuous improvement in technical controls. You will also be instrumental in managing third party … proven experience on protecting sensitive data within regulated environments. Your background should include hands-on involvement with risk assessments, policy development aligned with industry standards like ISO 27001 or NIST, vulnerability management activities spanning identification through remediation, and direct participation in incident response processes. Demonstrable experience applying risk assessment methodologies to identify vulnerabilities and recommend effective mitigations is highly valued. … Recognised information security frameworks such as ISO 27001 or NIST ensures you can contribute meaningfully to policy development. A solid understanding of core security technologies-including firewalls, intrusion detection systems, endpoint protection platforms-and their practical application is important. Experience supporting vulnerability management processes from identification through remediation demonstrates your ability to manage risk proactively. Proficiency in evaluating technical controls More ❯

automated and scalable vulnerability management program using Tenable and related tools. Establish and enforce vulnerability management policies, scan configurations, and best practices, aligned to frameworks such as ISO 27001, NIST, and CIS. Integrate vulnerability scanning and remediation into CI/CD pipelines and development workflows to ensure security at speed. Automate data collection, triage, reporting, and ticketing processes using scripting … with platforms like Jira, ServiceNow, or Slack. Ability to scope penetration tests and manage findings through to remediation. Strong understanding of security frameworks and standards such as ISO 27001, NIST, and CIS. Excellent communication, presentation, and influencing skills, with the ability to explain complex technical issues to non-technical stakeholders. Analytical and solution-oriented mindset with the ability to drive More ❯

and implement scalable monitoring, alerting, and auditability solutions to support a secure, multi-cloud, geo-distributed workforce. Design, implement, and continuously improve Roku's Zero Trust Architecture, aligning with NIST SP 800-207 and SP 1800-35 guidance. Collaborate with IT, Networking, and Security teams to troubleshoot identity-related issues and support global infrastructure initiatives. Identify and implement automation opportunities … AWS; GCP is a plus Solid understanding of SaaS platforms and their identity integration Understanding of Zero Trust Architecture principles Familiarity with IT security frameworks and compliance standards (e.g., NIST, GDPR, SOC 2, PCI DSS, HIPAA) Awareness of logging, monitoring, and alerting practices related to identity and access events Basic understanding of email security and DNS Backup and recovery awareness More ❯

framework, ensuring effective identification, assessment, and remediation of risks. Conduct detailed risk and control assessments across business units, projects, vendors, and IT systems, aligning with standards like ISO 27001, NIST CSF, and CIS Controls. Manage and enhance Third-Party Risk Management, including cybersecurity assessments of external partners and suppliers. Collaborate with stakeholders to develop and track cyber risk treatment plans … while fostering strong relationships to embed a risk-aware culture across the organisation. Experience you will have: Expertise in cybersecurity risk frameworks and compliance, including CIS Controls, ISO 27001, NIST CSF, GDPR, SOX, and PCI. Strong technical and analytical skills, with the ability to assess risks, identify gaps, and propose mitigation strategies across IT systems and third parties. Excellent communication More ❯

framework, ensuring effective identification, assessment, and remediation of risks. Conduct detailed risk and control assessments across business units, projects, vendors, and IT systems, aligning with standards like ISO 27001, NIST CSF, and CIS Controls. Manage and enhance Third-Party Risk Management, including cybersecurity assessments of external partners and suppliers. Collaborate with stakeholders to develop and track cyber risk treatment plans … while fostering strong relationships to embed a risk-aware culture across the organisation. Experience you will have: Expertise in cybersecurity risk frameworks and compliance, including CIS Controls, ISO 27001, NIST CSF, GDPR, SOX, and PCI. Strong technical and analytical skills, with the ability to assess risks, identify gaps, and propose mitigation strategies across IT systems and third parties. Excellent communication More ❯

framework, ensuring effective identification, assessment, and remediation of risks. Conduct detailed risk and control assessments across business units, projects, vendors, and IT systems, aligning with standards like ISO 27001, NIST CSF, and CIS Controls. Manage and enhance Third-Party Risk Management, including cybersecurity assessments of external partners and suppliers. Collaborate with stakeholders to develop and track cyber risk treatment plans … while fostering strong relationships to embed a risk-aware culture across the organisation. Experience you will have: Expertise in cybersecurity risk frameworks and compliance, including CIS Controls, ISO 27001, NIST CSF, GDPR, SOX, and PCI. Strong technical and analytical skills, with the ability to assess risks, identify gaps, and propose mitigation strategies across IT systems and third parties. Excellent communication More ❯

which your background might be better suited to. 8+ years of experience in IoT security, preferably in the medical device or the pharmaceutical industry. Proficiency in security frameworks (e.g., NIST, OWASP, MITRE ATT&CK, PASTA, STRIDE) and standards such as FDA cybersecurity guidance Experience assessing security risks using industry standard methods (penetration test results, threat modeling, security testing) and determining … residual risk after applying compensating security controls Experience implementing and demonstrating compliance to security frameworks such as NIST, IEC, HITRUST, HIPAA, GDPR, ISO 27001, SOC 2 Type 2 and familiarity working with Quality Management Systems Experience working with teams in a structured software development lifecycle process Excellent interpersonal skills, both written and verbal, with the ability to clearly convey complex More ❯

design and delivery of cyber strategies for large-scale organisations. Develop actionable cyber transformation roadmaps aligned to business needs. Advise on regulatory compliance and governance frameworks (e.g. ISO27001, GDPR, NIST). Engage confidently with stakeholders across technical teams, risk functions, and board level. Oversee cyber risk assessments, maturity modelling, and security architecture projects. Ideal Candidate Profile Strong consulting experience in … cyber strategy, transformation, or risk management. Understanding of cyber frameworks such as NIST CSF, ISO27001, NCSC CAF, GDPR, or NIS2. Holds or is working toward certifications such as CISSP, CISM, CISA, or equivalent. Comfortable managing project teams and delivering to time and budget. Excellent communication skills, able to present complex topics to senior stakeholders. Previous experience in a client-facing More ❯

design and delivery of cyber strategies for large-scale organisations. Develop actionable cyber transformation roadmaps aligned to business needs. Advise on regulatory compliance and governance frameworks (e.g. ISO27001, GDPR, NIST). Engage confidently with stakeholders across technical teams, risk functions, and board level. Oversee cyber risk assessments, maturity modelling, and security architecture projects. Ideal Candidate Profile Strong consulting experience in … cyber strategy, transformation, or risk management. Understanding of cyber frameworks such as NIST CSF, ISO27001, NCSC CAF, GDPR, or NIS2. Holds or is working toward certifications such as CISSP, CISM, CISA, or equivalent. Comfortable managing project teams and delivering to time and budget. Excellent communication skills, able to present complex topics to senior stakeholders. Previous experience in a client-facing More ❯

Find out more about our commitment to equity, diversity, and inclusion on our website . Unilever's Cyber Security team is a global, product-led function aligned to the NIST Cyber Security Framework. We deliver capabilities across governance, protection, detection, response, and recovery to safeguard our people, operations, and digital assets. Operating alongside our Technology and Data teams, Cyber Security … data to determine attack vectors and impacts. Maintain forensic readiness in environments with high availability and low tolerance for downtime. Ensure forensic activities comply with sector-specific regulations (e.g., NIST CSF, NERC CIP, ISA/IEC 62443). Support audits, insurance claims, and legal proceedings with documented forensic evidence. Maintain readiness for compliance reviews related to critical infrastructure. Continuously explore … response performance. Aligning forensic practices with organizational risk management strategies. Working knowledge of legal processes for evidence handling and chain of custody. Familiarity with standards and regulations such as: -NIST CSF/NIST 800-61 -ISA/IEC 62443 -ISO/IEC 27001 Conducting end-to-end digital forensic investigations (disk, memory, network). Hands-on experience with forensic tools More ❯

Find out more about our commitment to equity, diversity, and inclusion on our website . Unilever's Cyber Security team is a global, product-led function aligned to the NIST Cyber Security Framework. We deliver capabilities across governance, protection, detection, response, and recovery to safeguard our people, operations, and digital assets. Operating alongside our Technology and Data teams, Cyber Security … data to determine attack vectors and impacts. Maintain forensic readiness in environments with high availability and low tolerance for downtime. Ensure forensic activities comply with sector-specific regulations (e.g., NIST CSF, NERC CIP, ISA/IEC 62443). Support audits, insurance claims, and legal proceedings with documented forensic evidence. Maintain readiness for compliance reviews related to critical infrastructure. Continuously explore … response performance. Aligning forensic practices with organizational risk management strategies. Working knowledge of legal processes for evidence handling and chain of custody. Familiarity with standards and regulations such as: -NIST CSF/NIST 800-61 -ISA/IEC 62443 -ISO/IEC 27001 Conducting end-to-end digital forensic investigations (disk, memory, network). Hands-on experience with forensic tools More ❯

Job Description Permanent Role: Enterprise Security Architect (London | Hybrid | Cloud, NIST, SABSA) A leading global financial services firm is hiring an Enterprise Security Architect for a permanent position based in London (2 days onsite/week) . Key Tech & Frameworks: Cloud Security (SaaS, IaaS, Infrastructure) SABSA, NIST CSF, ISO 27001/2, SP 800-53, SANS Top 20 Risk & Compliance More ❯

LMAX Group is a global financial technology company and the leading independent operator of multiple institutional execution venues for FX and cryptocurrency trading. The Group's portfolio includes LMAX Exchange (institutional FX exchange and FCA regulated MTF), LMAX Global (FCA More ❯

decision-making across engineering and leadership teams. - Support Compliance and Audit Readiness: Build and maintain solutions that automate evidence gathering and real-time compliance monitoring across frameworks such as NIST 800-53, HITRUST, PCI-DSS, and FedRAMP. - Collaborate Across Teams: Partner with cloud engineering, GRC, and program teams to align internal tooling with evolving compliance needs and operational goals. Qualifications … tools: Microsoft Sentinel, Defender XDR, Purview, Entra ID, Azure Policy. - Hands-on experience integrating or piloting AI agents or LLMs in operational workflows. - Knowledge of compliance standards such as NIST, HIPAA, FedRAMP, PCI, SOC2, or HITRUST. - Security certifications such as SC-200, GCSA, or equivalent. Microsoft is an equal opportunity employer. All qualified applicants will receive consideration for employment without More ❯

GCP) is required to join our client's UK cybersecurity team. This in house role is predominantly advising on security best practices, vulnerability management and security standard compliance (e.g. NIST, ISO, PCI DSS etc), and leading audits and examinations. So you should have good knowledge of security tooling and processes, compliance and security management (endpoint protection, cloud, SIEM etc). … working in Cyber Security within an cloud environment (AWS, Azure of GCP) Any experience with CrowdStrike/Endpoint Protection would be a bonus Good experience with security complience (e.g. NIST, ISO, PCI DSS etc) Strong Security standard knowledge and experience, consulting on a range of security policies and standards such as GDPR, ISO, PCI, NIST Confidence when speaking with stakeholders More ❯

GCP) is required to join our client's UK cybersecurity team. This in house role is predominantly advising on security best practices, vulnerability management and security standard compliance (e.g. NIST, ISO, PCI DSS etc), and leading audits and examinations. So you should have good knowledge of security tooling and processes, compliance and security management (endpoint protection, cloud, SIEM etc). … working in Cyber Security within an cloud environment (AWS, Azure of GCP) Any experience with CrowdStrike/Endpoint Protection would be a bonus Good experience with security complience (e.g. NIST, ISO, PCI DSS etc) Strong Security standard knowledge and experience, consulting on a range of security policies and standards such as GDPR, ISO, PCI, NIST Confidence when speaking with stakeholders More ❯

GCP) is required to join our client's UK cybersecurity team. This in house role is predominantly advising on security best practices, vulnerability management and security standard compliance (e.g. NIST, ISO, PCI DSS etc), and leading audits and examinations. So you should have good knowledge of security tooling and processes, compliance and security management (endpoint protection, cloud, SIEM etc). … working in Cyber Security within an cloud environment (AWS, Azure of GCP) Any experience with CrowdStrike/Endpoint Protection would be a bonus Good experience with security complience (e.g. NIST, ISO, PCI DSS etc) Strong Security standard knowledge and experience, consulting on a range of security policies and standards such as GDPR, ISO, PCI, NIST Confidence when speaking with stakeholders More ❯

GCP) is required to join our client's UK cybersecurity team. This in house role is predominantly advising on security best practices, vulnerability management and security standard compliance (e.g. NIST, ISO, PCI DSS etc), and leading audits and examinations. So you should have good knowledge of security tooling and processes, compliance and security management (endpoint protection, cloud, SIEM etc). … working in Cyber Security within an cloud environment (AWS, Azure of GCP) Any experience with CrowdStrike/Endpoint Protection would be a bonus Good experience with security complience (e.g. NIST, ISO, PCI DSS etc) Strong Security standard knowledge and experience, consulting on a range of security policies and standards such as GDPR, ISO, PCI, NIST Confidence when speaking with stakeholders More ❯