1 to 25 of 27 NIST Jobs in the Midlands

and the wider estate are sufficiently tested for signs of vulnerability. Governance, Risk & Compliance (GRC) Ensure audit readiness, control effectiveness (key SOX/ITGC, NIST/ISO mappings), and remediation governance; lead policy lifecycle and attestations. Oversee the enterprise risk process (RCSA, KRIs), executive reporting, and board risk briefings. Improve ...

Information Security Manager), CISA (Certified Information Systems Auditor), CEH (Certified Ethical Hacker), or equivalent are highly desirable. In-depth knowledge of security frameworks (e.g., NIST, ISO 27001), network security protocols, firewalls, encryption, and intrusion detection systems (IDS). Strong understanding of threat landscape and risk management strategies. Proficiency in security ...

implementation of the Operational Technology security strategy across engineering and operational teams. Assist in applying recognised cyber security frameworks such as National Institute of Standards and Technology Cyber Security Framework and IEC 62443 to operational environments. Work with engineering teams to understand how operational systems such as Supervisory Control and ...

enhance risk toolkit methodologies across the supply chain risk management lifecycle (onboarding and aftercare). Lead initiatives to align supply chain risk maturity with NIST Cyber Supply Chain Risk Management (C-SCRM) principles. Deliver improvements in personnel security controls following National Protective Security Authority (NPSA) guidance. Produce risk outputs linking ...

related field (or equivalent experience) Experience or exposure to IT security, cyber risk, or control assessments Familiarity with cybersecurity frameworks and standards such as NIST, CIS, and ISO 27001 with exposure to security audits. Understanding of IT controls and risk management principles Strong analytical and problem-solving skills, with ...

platforms (AWS, Azure, GCP). * Strong understanding of network security, Zero Trust, IAM, workload isolation, and micro-segmentation. * Familiarity with security standards such as NIST, ISO 27001, CIS Benchmarks, and government policies. * Desirable skills include OpenShift, enterprise Kubernetes, security tooling (Falco, Istio), automation (Terraform, Ansible), and relevant certifications (CCSK, CISSP ...

platforms (AWS, Azure, GCP). * Strong understanding of network security, Zero Trust, IAM, workload isolation, and micro-segmentation. * Familiarity with security standards such as NIST, ISO 27001, CIS Benchmarks, and government policies. * Desirable skills include OpenShift, enterprise Kubernetes, security tooling (Falco, Istio), automation (Terraform, Ansible), and relevant certifications (CCSK, CISSP ...

platforms (AWS, Azure, GCP). * Strong understanding of network security, Zero Trust, IAM, workload isolation, and micro-segmentation. * Familiarity with security standards such as NIST, ISO 27001, CIS Benchmarks, and government policies. * Desirable skills include OpenShift, enterprise Kubernetes, security tooling (Falco, Istio), automation (Terraform, Ansible), and relevant certifications (CCSK, CISSP ...

platforms (AWS, Azure, GCP). * Strong understanding of network security, Zero Trust, IAM, workload isolation, and micro-segmentation. * Familiarity with security standards such as NIST, ISO 27001, CIS Benchmarks, and government policies. * Desirable skills include OpenShift, enterprise Kubernetes, security tooling (Falco, Istio), automation (Terraform, Ansible), and relevant certifications (CCSK, CISSP ...

platforms (AWS, Azure, GCP). * Strong understanding of network security, Zero Trust, IAM, workload isolation, and micro-segmentation. * Familiarity with security standards such as NIST, ISO 27001, CIS Benchmarks, and government policies. * Desirable skills include OpenShift, enterprise Kubernetes, security tooling (Falco, Istio), automation (Terraform, Ansible), and relevant certifications (CCSK, CISSP ...

platforms (AWS, Azure, GCP). * Strong understanding of network security, Zero Trust, IAM, workload isolation, and micro-segmentation. * Familiarity with security standards such as NIST, ISO 27001, CIS Benchmarks, and government policies. * Desirable skills include OpenShift, enterprise Kubernetes, security tooling (Falco, Istio), automation (Terraform, Ansible), and relevant certifications (CCSK, CISSP ...

cyber security operations, incident response, threat intelligence, and vulnerability management In-depth knowledge of regulatory requirements, security frameworks and industry standards (e.g., ISO 27001, NIST, ITIL). Demonstrable Senior stakeholder management up to C-suite Experience working in immature security environments 'Great to have' experience: Experience working in a Retail ...

issues and improve outcomes Essential Experience & Skills Proven experience delivering an assurance testing programme across recognised frameworks and regulations, including (but not limited to): NIST-CSF, Cyber Essentials, ITGC, ITACs, FRC/Corporate Governance Code, COBIT 2019, COSO Strong stakeholder management skills, with the ability to collaborate across the business ...

cyber security operations, incident response, threat intelligence, and vulnerability management. In-depth knowledge of regulatory requirements, security frameworks and industry standards (e.g., ISO 27001, NIST, ITIL). Proven ability to manage and influence stakeholders at executive and C-suite level. Experience coming into 'greenfield' environment's and raising the maturity ...

cyber security operations, incident response, threat intelligence, and vulnerability management. In-depth knowledge of regulatory requirements, security frameworks and industry standards (e.g., ISO 27001, NIST, ITIL). Proven ability to manage and influence stakeholders at executive and C-suite level. xkybehq Experience coming into 'greenfield' environment's and raising ...

security assessments and producing assurance reports. Ability to engage and influence stakeholders at all levels. Familiarity with security frameworks and standards (e.g., ISO 27001, NIST, CIS Controls). Excellent communication, planning, and organisational skills. Experience managing teams and developing talent. Ability to interpret complex technical and business information to assess ...

across: Networking, Infrastructure, Platform, Cloud, Identity & Access Management (IAM), and Application/API. Experience with designing systems inline with security frameworks including: ISO, GDPR, NIST/CIS. Able to communicate at a high level to non-technical audiences. Some experience within regulated environments would be beneficial. Certifications like CISSP, CISM ...

primary point of contact for clients during onsite assessments and GRC implementations. Key Responsibilities Project Delivery: Lead the fieldwork for Cyber Maturity assessments (NIST, ISO 27001, Cyber Essentials Plus) and Third-Party Risk Management (TPRM) reviews Client Engagement: Manage day-to-day client relationships, ensuring data collection and stakeholder interviews ...

and ensure recommendations are followed for continuous improvement Strong Incident Response Management skills including threat and vulnerability analysis Understanding of security frameworks such as NIST, and Cyber Essentials As the analyst you will work with the security manager and engineer the day-to-day running and monitoring of Information Security ...

system logs and authentication systems. Working knowledge of SIEM platforms (e.g. Microsoft sentinel, Splunk, Elastic, QRadar). Desirable: Awareness of security frameworks and methodologies (NIST CSF, MITRE ATT&CK, ISO27001). Qualifications: Desirable: CompTIA Security+, CySA+ or other entry level certification. ...

using the Purdue Model. · Strong familiarity with major OT/ICS vendors (Siemens, ABB, GE, Schneider Electric). · Experience applying frameworks such as IEC62443, NIST CSF, NIST 800‐82, NCSC CAF. · Senior-level stakeholder management experience. Certifications – Highly Desirable · OT/ICS Security/Safety Certifications · ISA/ ...

and strong stakeholder skills, including: CISM qualification (or equivalent) Strong knowledge of ISO 27001, ideally as a Lead Auditor or Auditor Working knowledge of NIST CSF and NIST SP 800-53 Excellent understanding of relevant legal, regulatory and compliance requirements Proven experience implementing and operating security management in line with ...

responsible for ensuring that all corporate and subsidiary operations comply with internal security policies, regulatory requirements, and internationally recognised frameworks such as ISO27001, NIST, SOX, GDPR, CMMC, and others.Key Responsibilities- Support the execution and enhancement of the global information security compliance program.- Conduct internal audits, third-party risk assessments, and … diligence reviews.- Ensure alignment with regulatory and industry standards including ISO27001, NIST, SOX, GDPR, SOC 2, HIPAA, CCPA, LGPD.- Collaborate with cross-functional teams across multiple jurisdictions to drive compliance initiatives.- Identify gaps in security controls and recommend corrective actions.- Maintain and update security policies, procedures, and documentation.- Monitor changes ...

work, gap analyses and audits Working on SIEM, EDR and Vulnerability Management tools. Working in compliance with various security frameworks (ISO27001, Cyber Essentials +, NIST, CAF.) Working alongside the MSSP to ensure that risks and alerts raised are relevant to the organisation, reducing false positives wherever possible Assisting with vulnerability …/IDS, EDR, SIEM, Vulnerability scanning - any toolsets considered. Experience working in alignment with security best practice frameworks (e.g. ISO27001, Cyber Essentials +, NIST, CAF) Experience working alongside 3rd parties to enhance security posture would be ideal (MSSPs, Auditors etc.) Experience responding to audit requirements and artefact gathering would also ...

Ideas | People | Trust We're BDO. An accountancy and business advisory firm, providing the advice and solutions entrepreneurial organisations need to navigate today's changing world. We work with the companies that are Britain's ...