1 to 25 of 96 NIST Jobs in London

ll bring: 5+ years in InfoSec, IT Security or Ops within a regulated environment Certification required: CISSP, CISM, CRISC, or equivalent Strong knowledge of ISO27001:2022, SOC2 Type II, NIST CSF, PCI DSS, GDPR, DORA Confident with security risk assessments, audit responses, and policy governance Hands-on cloud security experience: ideally with Azure and the Shared Responsibility Model Comfort with More ❯

ll bring: 5+ years in InfoSec, IT Security or Ops within a regulated environment Certification required: CISSP, CISM, CRISC, or equivalent Strong knowledge of ISO27001:2022, SOC2 Type II, NIST CSF, PCI DSS, GDPR, DORA Confident with security risk assessments, audit responses, and policy governance Hands-on cloud security experience: ideally with Azure and the Shared Responsibility Model Comfort with More ❯

Prior and proven experience gained as a Security Architect or in a Technical Cyber Consultant/Engineer role. Expertise in: Security legislation (GDPR, PCI DSS, ICO) Frameworks (ISO 27001, NIST CSF, CIS Controls v8) HMG/NCSC policies and guidance Cloud security (AWS, Azure) Microservice architectures PKI, Cryptography, Privileged Access Management Certifications: SABSA, TOGAF, AWS/Azure Architect, CISSP, CISM More ❯

Prior and proven experience gained as a Security Architect or in a Technical Cyber Consultant/Engineer role. Expertise in: Security legislation (GDPR, PCI DSS, ICO) Frameworks (ISO 27001, NIST CSF, CIS Controls v8) HMG/NCSC policies and guidance Cloud security (AWS, Azure) Microservice architectures PKI, Cryptography, Privileged Access Management Certifications: SABSA, TOGAF, AWS/Azure Architect, CISSP, CISM More ❯

workflows. Define service level objectives (SLOs) and key performance indicators (KPIs) for all security services. Compliance, Governance & Risk Management: Ensure alignment with global compliance requirements such as ISO 27001, NIST, SOC 2, GDPR, and others. Partner with governance, legal, and ISRM teams to implement enforceable policies and standards across identity, endpoint, and data domains. Operationalize policy enforcement through automated controls More ❯

controls, including RBAC and Conditional Access, within Azure AD and Microsoft 365. Collaborate with Risk and Compliance teams to ensure infrastructure aligns with enterprise security frameworks (e.g. ISO 27001, NIST, CIS). Support incident response, vulnerability remediation, and disaster recovery planning. Promote a culture of continuous improvement and secure-by-design principles across the technology team. Provide technical leadership and More ❯

practises. Experience with security assessment and risk management methodologies. Proficiency in cloud security, particularly with Azure security tools and services. Familiarity with security standards and frameworks (e.g., ISO 27001, NIST, CIS). Knowledge of security technologies such as firewalls and web proxies; experience with ZTNA, CTI, and threat modelling is beneficial. Excellent communication and interpersonal skills. Ability to work effectively More ❯

regulators, auditors, and third-party assessments. About You: Proven track record in cybersecurity management, including threat detection, incident response, and vulnerability management. Strong knowledge of security frameworks (ISO 27001, NIST, CIS Controls) and regulatory compliance requirements (GDPR, NIS2). Hands-on expertise with firewalls, SIEM, IAM, IDS/IPS, and cloud security. Strong understanding of networking, infrastructure, and application security. More ❯

regulators, auditors, and third-party assessments. About You: Proven track record in cybersecurity management, including threat detection, incident response, and vulnerability management. Strong knowledge of security frameworks (ISO 27001, NIST, CIS Controls) and regulatory compliance requirements (GDPR, NIS2). Hands-on expertise with firewalls, SIEM, IAM, IDS/IPS, and cloud security. Strong understanding of networking, infrastructure, and application security. More ❯

Information Assurance Risk Assessment and Risk Treatment Plans Establish security requirements for cloud-based solutions by evaluating business strategies and requirements, implementing security standards such as ISO 27000 series, NIST, CSF, and CSA Identify and deliver appropriate controls based on industry standards (e.g. CCM) to drive cloud and customer security solutions framework based on business risk and cloud native threats. More ❯

to undergo DV clearance/UK Citizen/residing in UK Strong working knowledge of: JSP440, JSP604/453, JSP490 MOD/GDS Secure by Design principles ISO 27001, NIST CSF, CIS Controls v8 HMG, NPSA, NCSC policies and guidance Cloud security (Azure, AWS), containerisation, KMS, WAFs Event-driven microservices, network infrastructure, IDS/IPS AI security (ISO42001 desirable), ITHC More ❯

Bash). Familiarity with infrastructure-as-code tools , such as Terraform or Ansible. Understanding of SASE (Secure Access Service Edge) frameworks. Exposure to cloud security standards (e.g. CIS Benchmarks, NIST, CSA). Experience with ITSM tools like ServiceNow. Knowledge of endpoint protection platforms (e.g. CrowdStrike, SentinelOne). Working knowledge of Active Directory and Azure Active Directory. Involvement in security audits More ❯

awareness of clients and third parties Program Development: Assist in the development and delivery of security awareness programs Standards Implementation: Implement industry security standards such as Cyber Essentials, ISO27001, NIST-800-53, & Cloud Security Alliance CCM Report Generation: Generate reports for both technical and non-technical staff and stakeholders Product Evaluation: Test and evaluate security products Disaster Recovery Planning: Plan More ❯

analytical and problem-solving skills, with the ability to make sound decisions under pressure. Demonstrated experience in incident detection, triage, containment, and remediation. Knowledge of security frameworks, such as NIST, ISO 27001, or similar. Excellent communication skills, with the ability to clearly convey technical details to diverse audiences. Previous experience in SIEM/SOAR within large-scale, complex environments. Familiarity More ❯

services (security operations and offensive security testing) Experience of strategic planning and oversight of cyber incident response and crisis management Strong understanding of cybersecurity standards and frameworks (e.g. ISO27001, NIST, CIS) and their application in strategic planning and policy development Ability to collaborate business leadership to operationalise strategic decisions, ensuring alignment with organizational resilience goals. Understanding of regulatory requirements and More ❯

practices. Experience with security assessment and risk management methodologies. Proficiency in cloud security, particularly with Azure security tools and services. Knowledge of security standards and frameworks (e.g., ISO 27001, NIST, CIS). Familiarity with security technologies such as firewalls, web proxies/remote access solutions. Experience with ZTNA, CTI, threat modelling is beneficial. Bachelor’s degree in information security, Computer More ❯

especially AWS), application security, and modern DevSecOps. Proven experience securing systems involving digital assets, cryptographic components, or distributed infrastructure. Strong grasp of regulatory frameworks: SOC 2, ISO 27001, GDPR, NIST, etc. Background in threat modeling, incident response, and risk management. Excellent leadership, communication, and stakeholder skills. Bachelor's or advanced degree in Computer Science, Information Security, or related field. Bonus More ❯

enterprise networks. Implement secure identity and access management using Azure AD and Microsoft Entra. Consulting & Advisory: Provide expert guidance to clients on cybersecurity best practices, compliance (e.g., ISO 27001, NIST), and risk mitigation. Conduct assessments and audits of existing network and cloud security postures. Deliver workshops and training sessions on M365 and Azure security capabilities. Incident Response & Monitoring: Collaborate with More ❯

enterprise networks. Implement secure identity and access management using Azure AD and Microsoft Entra. Consulting & Advisory: Provide expert guidance to clients on cybersecurity best practices, compliance (e.g., ISO 27001, NIST), and risk mitigation. Conduct assessments and audits of existing network and cloud security postures. Deliver workshops and training sessions on M365 and Azure security capabilities. Incident Response & Monitoring: Collaborate with More ❯

with regulatory expectations and internal governance standards. Drive continuous improvement in risk data quality, reporting processes, and analytics capabilities. The Requirements: Skills: Strong knowledge of risk management frameworks (eg, NIST, ISO 27001, COBIT) and control environments. Deep understanding of IT general controls, cyber security principles, and technology risk domains. Proven experience in risk analytics, data visualization, and reporting (eg, using More ❯

while building your own leadership brand What we’re looking for: Proven experience in cyber strategy, cyber risk, transformation, or security governance Strong understanding of industry frameworks such as NIST CSF, ISO27001, CAF or CRI2.0 Ability to communicate clearly with stakeholders at all levels — from technical teams through to board-level A blend of consulting and hands-on delivery experience More ❯

while building your own leadership brand What we’re looking for: Proven experience in cyber strategy, cyber risk, transformation, or security governance Strong understanding of industry frameworks such as NIST CSF, ISO27001, CAF or CRI2.0 Ability to communicate clearly with stakeholders at all levels — from technical teams through to board-level A blend of consulting and hands-on delivery experience More ❯

languages, for example Python, Javascript, Bash, Powershell. Use of DevOps tooling, for example GitLab, Terraform, Ansible, Puppet, Docker/K8s. Understanding of common security frameworks, for example SABSA and NIST CSF. Willingness to learning and understanding new technologies quickly. Ability to converse effectively across technology domains to include identity and access management, network security, infrastructure, databases, cryptography and virtualisation. Ability More ❯

from day-to-day operations to major transformation projects. Main responsibilities: Leading security assurance, assessments, and advisory for IT and business projects (both Cloud and On-Prem), aligned to NIST 800-53 standards. Partnering with security architecture and other teams to define and embed security patterns and controls. Developing non-functional security requirements and guiding their integration into solution designs. More ❯

people security, physical (site) security and technical security controls. Skills Knowledge & Experience Cyber Security Knowledge - You'll have a sound understanding of cyber and information security, including frameworks like NIST and ISO IEC 27002:202. It will be great if you also know about PCI-DSS V4.0 as well. Clear Communication -You'll be able to discuss these with technical More ❯