1 to 25 of 156 NIST Jobs in London

successful participation in certification audits. Strong understanding of financial services regulations and their impact on information security. In-depth knowledge of information security frameworks, standards, and best practices (e.g., NIST, CIS). Experience with secure software development practices and application security testing. Strong technical understanding of network security, system security, and security architecture. Experience with risk management methodologies and tools. More ❯

implement disaster recovery procedures. Manage cybersecurity projects to ensure timely delivery within budget. Perform or coordinate security assessments, penetration tests, and vulnerability scans. Ensure compliance with frameworks like COBIT, NIST, ISO, PCI, GDPR, HIPAA, etc. Provide internal support for security issues within SLAs. Evaluate and implement CIS controls as needed. Contribute to cybersecurity strategic planning and budgeting. Follow change management … policies. Qualifications Bachelor's degree required; advanced degree highly desirable. Minimum 5 years experience in Information Security. Proficiency in security frameworks like NIST, implementing and auditing security measures. Knowledge of Cisco networking, firewalls, VPN, DLP, IDS/IPS, SIEM, and related technologies. Experience with identity access management solutions such as SAML, OAuth. Relevant security certifications (e.g., CISSP, CISM, CEH) are … highly desirable. Ability to analyze and recommend security improvements. Desired Qualifications Certifications like CISSP, NIST CSF, CCSP, CEH. Knowledge of cloud security (AWS, GCP, Azure). Experience managing Cisco ELA products, Splunk, SolarWinds, Varonis, Darktrace. Experience in HIPAA/FDA regulated environments. Competencies Motivation, initiative, administrative skills, interpersonal skills, self-management, thinking skills, customer orientation, adaptability, problem-solving, and effective More ❯

you will help our clients: Security Architecture: Translate business, data protection and security requirements into practical and well-structured architectural designs, utilizing industry best practices and security frameworks (e.g., NIST, ISO 27001, CIS). Develop and maintain secure architectural patterns and standards, with a solid working knowledge of cloud security (AWS, Azure, GCP). Apply risk-based and threat-based … information security, data protection, and security architecture roles, with a focus on cloud security, and compliance. Strong understanding of security governance, risk, and compliance frameworks such as ISO 27001, NIST 800-53/CSF, NIS/NIS2, DORA, UK CNI/OT/IIOT compliance. Hands-on experience building credibility with external stakeholders through technical presentations, audits, or compliance reporting More ❯

win plans. Maintain and update security policies, procedures, and incident response plans. Deliver security awareness training and advise clients on best practices. Support audits and compliance initiatives (ISO 27001, NIST, GDPR, etc.). Work cross-functionally with internal and external teams, including partner engagements. Research emerging threats and recommend security framework enhancements. Mentor and support junior security team members. What … and KQL. Proven skills in threat detection, incident response, and forensic analysis. Knowledge of SOAR tools (especially Palo Alto XSOAR or similar). Familiarity with compliance standards: ISO 27001, NIST, CIS, GDPR, HIPAA. Bonus: scripting/automation skills (Python, PowerShell, Bash). Deep understanding of Microsoft security technologies. Certifications such as CISSP, CEH, OSCP, CISM, or Security+ are highly desirable. More ❯

assessments and ensure remediation plans are executed effectively. Maintain relevant security certifications such as Cyber Essentials/Plus and support the business in aligning with broader security frameworks (e.g., NIST CSF, CIS Controls). Awareness & Security Culture Lead internal training, briefings and onboarding sessions to build awareness and support for secure behaviours across the organisation. Act as a security advocate … to cyber incidents. Familiar with automating tasks with Python or similar programming languages, as well as using SQL to query data at scale. Knowledge of security frameworks such as NIST CSF, CIS Controls, and Cyber Essentials, with working knowledge of ISO 27001 beneficial but not essential. Understanding of UK data protection law and its practical application within a security programme. More ❯

support compliance. Collaborate with IT and business units to ensure secure systems development and operations. Compliance & Risk Management Ensure compliance with regulatory and legal security requirements (e.g., ISO 27001, NIST, HIPAA, GDPR, SOX, etc.). Ensure compliance with applicable data protection laws (e.g., GDPR, CCPA, GLBA). Guide Data Protection Impact Assessments (DPIAs) for high-risk financial data processing activities. … Science, or a related field 5-7+ years of experience in information security, preferably in financial services. In-depth understanding of security frameworks (e.g., ISO/IEC 27001, NIST CSF, CIS Controls) and cybersecurity principles, practices, and regulatory requirements in the finance sector. Experience in security technologies such as firewalls, IDS/IPS, SIEM, encryption, and identity management. Experience More ❯

threat monitoring, detection, and response using cloud-native security solutions such as Microsoft Defender, Sentinel, and SIEM platforms. Ensure compliance with cloud security frameworks and regulatory requirements (ISO 27001, NIST, GDPR, SOC2, FCA). Conduct regular security risk assessments, penetration tests, and vulnerability management across cloud services. Oversee endpoint security, cloud network and API security for robust protection across all … Strong experience managing Microsoft 365 (Exchange, SharePoint, Teams), Azure cloud infrastructure, and security tools such as Microsoft Defender and Sentinel. Security & Compliance: Deep knowledge of security frameworks (ISO 27001, NIST, CIS), compliance requirements (GDPR, SOC2), and risk management best practices. Identity & Access Management (IAM): Expertise in Azure AD, MFA, Conditional Access, Single Sign-On (SSO), and Privileged Access Management (PAM More ❯

analysis, including static and dynamic analysis techniques. Ability to develop and refine threat-hunting methodologies and define SIEM use cases. Familiarity with global cybersecurity regulations and compliance frameworks (GDPR, NIST, ISO 27001, etc.). Ability to work under pressure in a fast-paced, dynamic security environment. Experience in developing Standard Operating Procedures (SOPs), security playbooks, and technical incident documentation. What More ❯

threat monitoring, detection, and response using cloud-native security solutions such as Microsoft Defender, Sentinel, and SIEM platforms. • Ensure compliance with cloud security frameworks and regulatory requirements (ISO 27001, NIST, GDPR, SOC2, FCA). • Conduct regular security risk assessments, penetration tests, and vulnerability management across cloud services. • Oversee endpoint security, cloud network and API security for robust protection across all … Strong experience managing Microsoft 365 (Exchange, SharePoint, Teams), Azure cloud infrastructure, and security tools such as Microsoft Defender and Sentinel. • Security & Compliance: Deep knowledge of security frameworks (ISO 27001, NIST, CIS), compliance requirements (GDPR, SOC2), and risk management best practices. • Identity & Access Management (IAM): Expertise in Azure AD, MFA, Conditional Access, Single Sign-On (SSO), and Privileged Access Management (PAM More ❯

an existing vulnerability management program Strong technical expertise in implementing a Prioritizationformula to vulnerabilities and misconfigurations and translating these into risks Excellent knowledge of Vulnerability Management frameworks such as NIST/SANS The following general characteristics are required: A team player with the ability to work independently and unsupervised Ability to own delegated tasks and see them through to completion More ❯

Extensive practical experience implementing and maintaining an ISO 27001 compliant ISMS. Demonstrable experience with PCI DSS compliance, including preparing for and undergoing assessments. Familiarity with information security frameworks (e.g., NIST, CIS). Proficiency in risk management methodologies. Knowledge of common security technologies (e.g., firewalls, EDR, SIEM, vulnerability scanners). Exceptional analytical, problem-solving, and decision-making abilities. Excellent communication (written More ❯

security policies, procedures, and best practices. Provide cybersecurity awareness training and guidance to end users and internal teams. Participate in audits and ensure guidelines from industry standards (ISO 27001, NIST, SOC 2) are followed internally and best practices regularly reviewed. Proactively assess recovery capabilities, with the aim of minimizing business impact in case of incidents. Plan and rehearse incident response More ❯

security policies, procedures, and best practices. Provide cybersecurity awareness training and guidance to end users and internal teams. Participate in audits and ensure guidelines from industry standards (ISO 27001, NIST, SOC 2) are followed internally and best practices regularly reviewed. Proactively assess recovery capabilities, with the aim of minimizing business impact in case of incidents. Plan and rehearse incident response More ❯

internal security audits. Demonstrated experience working with compliance, legal, business teams, and clients to assess and document security risks and compensating controls. Advanced knowledge of risk management frameworks (e.g., NIST, ISO 27001, CIS20) and regulatory requirements relevant to the financial sector Broad technical knowledge spanning desktops, mobile devices, networking, operating systems, and cloud services. Proficiency with risk analytics, GRC tools More ❯

is a core part of our technology services structure with mature or evolving capability across all areas of digital security and cyber defence. We align our efforts to the NIST framework and other recognised certifications including ISO27001 and SOC2 and strive to keep pace with the continually evolving threat landscape, in support of A&O Shearmans strategy to lead where … the IAM components of solution designs. Collaborate with cloud infrastructure teams to implement IAM design patterns. Ensure IAM security controls are appropriately implemented in our environment and align with NIST and CIS benchmarks. Validate effectiveness of implemented IAM security controls through technical analysis. Perform residual IAM risk assessments and document acceptance/rejection rationale. Scope and manage IAM security testing More ❯

analysis, SOC operations, and incident handling skills. Substantial experience in information security across different industries, platforms, and applications. Experience conducting IT compliance assessments (IT General Controls and Audits, PCI, NIST CSF etc.) Experience working on implementation in a SOC environment. Experience working in Microsoft Defender, Microsoft Purview and Microsoft Sentinel is essential. Experience in or understanding of penetration testing and … hacking techniques. Experience across applying NIST CSF, ITIL, ISO 27001, ISO and other best practice standards Desirable Experience/Skills: In-depth knowledge of architecture, engineering, and operations of at least one enterprise SIEM platform (e.g., ArcSight, Splunk, Nitro/McAfee Enterprise Security Manager, QRadar, LogLogic). Understanding of event and incident investigations and incident response in a 24/ More ❯

dotted-line relationship with the VP of TechOps. Responsibilities Security Strategy & Governance - Define and continuously refine the technical security roadmap that aligns with business objectives, industry best practice (e.g., NIST CSF, OWASP SAMM), and compliance frameworks (SOC 2, ISO 27001, GDPR). Secure SDLC & DevSecOps - Build and maintain guardrails for static/dynamic analysis, container and IaC scanning, SBOM management More ❯

into CI/CD pipelines and DevOps operations Manage and interpret insights from cloud-native security tools (e.g., GuardDuty, Azure Defender) Ensure compliance with frameworks such as ISO 27001, NIST, GDPR, HIPAA Contribute to architectural design reviews, cloud migration planning, and documentation Support executive reporting by producing clear metrics for cyber risk posture Continuously track and respond to emerging threats More ❯

Are you an accomplished IT Security Engineer (Application &/or Infrastructure focused) , looking to make your next move into a small team of like-minded, security focused people? Would you relish the opportunity to work with one of the UK More ❯

Are you an accomplished IT Security Engineer (Application &/or Infrastructure focused) , looking to make your next move into a small team of like-minded, security focused people? Would you relish the opportunity to work with one of the UK More ❯

is a core part of our technology services structure with mature or evolving capability across all areas of digital security and cyber defence. We align our efforts to the NIST framework and other recognised certifications including ISO27001 and SOC2 and strive to keep pace with the continually evolving threat landscape, in support of A&O Shearmans strategy to lead where More ❯

is a core part of our technology services structure with mature or evolving capability across all areas of digital security and cyber defence. We align our efforts to the NIST framework and other recognised certifications including ISO27001 and SOC2 and strive to keep pace with the continually evolving threat landscape, in support of A&O Shearman's strategy to lead More ❯

cyber security technologies (e.g., firewalls, Microsoft enterprise cloud services, VPNs, ZTNA, IDS/IPS, SIEM, Juniper MIST, encryption). * Experience with security standards and frameworks such as ISO 27001, NIST, and GDPR. Head of Cyber Security In accordance with the Employment Agencies and Employment Businesses Regulations 2003, this position is advertised based upon DGH Recruitment Limited having first sought approval More ❯

threat monitoring, detection, and response using cloud-native security solutions such as Microsoft Defender, Sentinel, and SIEM platforms. Ensure compliance with cloud security frameworks and regulatory requirements (ISO 27001, NIST, GDPR, SOC2, FCA). Conduct regular security risk assessments, penetration tests, and vulnerability management across cloud services. Oversee endpoint security, cloud network and API security for robust protection across all … Strong experience managing Microsoft 365 (Exchange, SharePoint, Teams), Azure cloud infrastructure, and security tools such as Microsoft Defender and Sentinel. Security & Compliance: Deep knowledge of security frameworks (ISO 27001, NIST, CIS), compliance requirements (GDPR, SOC2), and risk management best practices. Identity & Access Management (IAM): Expertise in Azure AD, MFA, Conditional Access, Single Sign-On (SSO), and Privileged Access Management (PAM More ❯

this role you must have demonstrable hands-on expertise with monitoring and securing enterprise class technology estates. You will have proven experience with Cyber Security best practice including the NIST Cloud Security guidelines. You will support ISO 27001 compliance and have strong documentation skills. Experience in the Telco sector and knowledge of the UK Telecom Security Act would be advantageous More ❯