23 of 23 NIST Jobs in the Midlands

and the wider estate are sufficiently tested for signs of vulnerability. Governance, Risk & Compliance (GRC) Ensure audit readiness, control effectiveness (key SOX/ITGC, NIST/ISO mappings), and remediation governance; lead policy lifecycle and attestations. Oversee the enterprise risk process (RCSA, KRIs), executive reporting, and board risk briefings. Improve ...

hybrid cloud environments Experience operating security tooling (EDR, SIEM, firewalls, identity platforms) at scale Solid understanding of frameworks such as ISO 27001, NCSC guidance, NIST CSF, MITRE ATT&CK Experience managing suppliers, SOC providers, and technical teams Desirable: Relevant certifications (e.g. CISSP, CISM, AZ-500, SC-200) [Cyber Secu...ty Manager ...

hybrid cloud environments Experience operating security tooling (EDR, SIEM, firewalls, identity platforms) at scale Solid understanding of frameworks such as ISO 27001, NCSC guidance, NIST CSF, MITRE ATT&CK Experience managing suppliers, SOC providers, and technical teams Desirable: Relevant certifications (e.g. CISSP, CISM, AZ-500, SC-200) [Cyber Secu...ty Manager ...

security initiatives Embedding security into Agile delivery (Scrum/SAFe) Advising senior stakeholders on risk, impact and remediation Supporting compliance with ISO 27001, GDPR, NIST and related frameworks What we're looking for Proven experience as a Security/Cyber Security Architect Strong cloud security knowledge (Azure, AWS, M365) Broad ...

cloud integration, and hybrid deployment models. Cloud certifications (AWS, Microsoft Azure, or Google Cloud). Familiarity with OT cybersecurity standards such as IEC 62443, NIST SP 800 series, NERC CIP, and the EU Cyber Resilience Act (CRA). Benefits and Compensation Competitive compensation and a flexible benefits package, including employer ...

continuous development of cyber governance offerings and internal knowledge sharing Skills and Experience: Experience with IT security, leading on audits, and control assessments (e.g. NIST, CIS) Strong technical understanding of cybersecurity and risk Relevant certifications (e.g. CISA, Security+, CISSP) are beneficial Good analytical, communication, and stakeholder management skills Ability ...

Governance, Risk & Compliance Own cyber risk management and contribute to the enterprise risk register. Ensure compliance with relevant standards and frameworks (e.g. ISO 27001, NIST, Cyber Essentials, ICS security guidance). Define and maintain cyber security policies, standards, and procedures across IT and OT. Support audits, assessments, and regulatory ...

and real incidents Own cyber risk management and contribute to the enterprise risk register. Ensure compliance with relevant standards and frameworks (e.g. ISO 27001, NIST, Cyber Essentials, ICS security guidance). Define and maintain cyber security policies, standards, and procedures across IT and OT. Support audits, assessments, and regulatory ...

Strong executive communication and stakeholder management skills Experience leading and scaling teams within a consulting environment Knowledge of security frameworks (e.g. GDPR, NIST, ISO27001, SOC2) You will gain exposure with: Enterprise-scale Microsoft Security transformation programmes Strategic collaboration across global Microsoft-focused teams Design and delivery of managed security services ...

and client engagement Relevant certifications (e.g. SC-100, SC-200) additional certifications like CISSP, CISM are a bonus Strong understanding of security frameworks (ISO27001, NIST, GDPR etc.) Why consider this role? Opportunity to lead high-profile, cutting-edge security programmes Work closely with global partners and enterprise clients Strong investment ...

security assessments and producing assurance reports. Ability to engage and influence stakeholders at all levels. Familiarity with security frameworks and standards (e.g., ISO 27001, NIST, CIS Controls). Excellent communication, planning, and organisational skills. Experience managing teams and developing talent. Ability to interpret complex technical and business information to assess ...

improvement of accreditation processes Profile Proven expertise in information security GRC or accreditation process Strong understanding of information security framework/standards like ISO27001, NIST, CREST, CAF Understanding of software development life cycle is preferred Strong analytical and problem-solving skills. Experience in the technology sector or a related field. ...

enterprise environments • Proven experience authoring enterprise-grade security HLDs • Hybrid cloud security architecture experience (Azure preferred, AWS beneficial) • Knowledge of security frameworks such as NIST CSF • Experience operating within governance and architectural review processes • Background working in regulated environments and complex delivery landscapes Desirable: • Utilities or critical infrastructure sector experience ...

multiple systems and locations Understanding of cybersecurity principles, identity management and data protection, with exposure to frameworks such as Cyber Essentials Plus, CIS or NIST Familiarity with IT service management practices (e.g. ITIL) and managing support tickets against SLAs Experience working with endpoint protection or MDR solutions (e.g. SentinelOne) Excellent ...

and insight to senior stakeholders About You Experience within cyber GRC, IT audit, or risk management Strong understanding of frameworks such as ISO 27001, NIST, or similar Confident communicator, able to translate technical risks into business impact Proactive and detail-oriented, with a collaborative approach ...

expectations.You’ll be someone with:* Experience in IT security domains* Strong understanding and working knowledge of cyber control gap assessments (eg. CIS Benchmarks/NIST)* Certifications such as (CISSP/CCSP/CISM/CRISC) are highly beneficial* Strong technical foundation to support the understanding of controls, experience in information ...

National Infrastructure (CNI) • Other highly regulated environments Ideal background: • Security Assurance/GRC/Operational Risk • Supplier assurance/third-party risk • ISO27001/NIST/NCSC CAF exposure • Practical assurance model design • Stakeholder engagement across technical and operational teams Contract: • Initial 10–12 weeks • Hybrid working • June start anticipated ...

system logs and authentication systems. Working knowledge of SIEM platforms (e.g. Microsoft sentinel, Splunk, Elastic, QRadar). Desirable: Awareness of security frameworks and methodologies (NIST CSF, MITRE ATT&CK, ISO27001). Qualifications: Desirable: CompTIA Security+, CySA+ or other entry level certification. ...

Integrated Automation System solutions. Experience with automated testing tools e.g. JIRA XRAY, Selenium or similar. Experience with cybersecurity frameworks such as IEC 62443 and NIST standards. Experience in Power, Marine, Oil and Gas, Industrial domain. Experience in leading NPI programs, task allocation, and driving teams in a technical leadership role ...

similar sectors Experience working on contract remediation or compliance uplift programmes Direct experience of delivering into a security framework (e.g. CAF, 62443, NIST) Direct experience of delivering service contracts for data centres Personal Attributes Pragmatic and solutions-focused Comfortable working autonomously within a defined assignment scope Able to balance commercial ...

assessments, configuration reviews, and audits of AWS environments to identify vulnerabilities and recommend remediation. Implement and maintain AWS security controls aligned to ISO 27001, NIST and cloud security best practices. Proficiency in building/configuring SOAR platforms such as Shuffler and Tracecat. Develop security automation tooling, scripts, and infrastructure … and related cloud native controls. Practical experience with scripting (Python preferred) and Infrastructure as Code tooling such as Terraform. Solid understanding of ISO 27001 , NIST CSF , and cloud security best practices. Familiarity with commonly used open‐source security testing tools (e.g., BurpSuite, ZAP, Nikto, Metasploit, SQLmap). Behaviours & Mindset Highly ...

Management: Establish robust cyber security governance frameworks tailored to OT environments. Spearhead comprehensive security risk assessments and gap analyses using industry frameworks such as NIST CSF and IEC 62443. Based on these assessments, identify the most cost-effective security controls in line with the client’s risk appetite, balancing risk … industrial control systems and SCADA environments is expected.* Standards & Regulatory Knowledge: Strong familiarity with OT security standards and frameworks such as IEC 62443 and NIST CSF, and with relevant regulations like the NIS Regulations and HSE OG-0086. Ability to apply these frameworks in practice and guide organisations through compliance ...

with senior decision-makers A robust understanding of modern cyber threats and the application of recognised security standards and best-practice controls - ISO 27001, NIST CSF, CIS Controls, GDPR etc Hands-on exposure to risks arising from cloud adoption, digital platforms and the protection of identities and sensitive data Awareness … better way for us to communicate, please do let us know. Security, Cyber, Risk, Compliance, Governance, Advisory, Consulting, Consultant, Roadmaps, Incidents, 27001, NIST CSF, PCI DSS, GDPR, SOC2, CIS, CISSP, CISM, Circle Recruitment is acting as an Employment Agency in relation to this vacancy. Earn yourself a referral bonus ...