24 of 24 NIST Jobs in Newport

security policies, standards, and procedures Work with IT and development teams to implement secure system designs and configurations Support compliance initiatives (e.g., ISO 27001, NIST, GDPR, PCI-DSS) by assisting with audits and documentation Conduct security awareness training and phishing simulations for employees Keep up-to-date with the latest More ❯

CI/CD pipelines for secrets management. Familiarity with other PAM tools (e.g., BeyondTrust, Thycotic) is a plus. Strong understanding of cybersecurity frameworks (e.g., NIST, ISO 27001). Soft Skills: Strong communication and interpersonal skills. Ability to work independently and as part of a team. Detail-oriented with a focus More ❯

implement best practices for compliance, data privacy, and protection, while integrating tools and frameworks to assess APIs against OWASP and other relevant security standards (NIST, ISO-27001, PCI-DSS, HIPAA, FedRAMP) Automate security and compliance controls into the platform for continuous monitoring and reporting. Execute MySQL queries to ensure data More ❯

implement best practices for compliance, data privacy, and protection, while integrating tools and frameworks to assess APIs against OWASP and other relevant security standards (NIST, ISO-27001, PCI-DSS, HIPAA, FedRAMP) Automate security and compliance controls into the platform for continuous monitoring and reporting. Execute MySQL queries to ensure data More ❯

Security, System Hardening, Cryptographic Controls (PKI, Data at Rest/In Transit), Protective Monitoring, and Security Auditing. Strong understanding of the ISO 27000 series, NIST Cyber Security & Risk Management Frameworks, NCSC CAF, and other industry standards. Familiarity with NCSC guidance and legacy Information Assurance (IA) standards. Experience with MOD security More ❯

architecture frameworks (e.g., TOGAF). • Certifications such as AWS Certified Solutions Architect or Azure Solutions Architect Expert. • Familiarity with security and compliance frameworks (ISO, NIST). • Experience with Agile methodologies and DevOps environments. Additional Information • Private healthcare for you and your family. • 25 days annual leave plus a bonus half More ❯

security assessments, audits & penetration testing What You’ll Bring CISSP or equivalent + 6-7 years in InfoSec Experience maturing security programs & frameworks ( ISO27001, NIST CAF, OWASP ) Strong knowledge of SIEM, IDS/IPS, RBAC, vulnerability management Understanding of cloud, COTS/SaaS platforms & IoT security Ability to communicate risks More ❯

IAM principles, including authentication, authorization, role-based access control (RBAC), and identity governance. Experience in system security, risk management, and compliance frameworks (e.g., GDPR, NIST, ISO 27001). Excellent problem-solving skills and the ability to manage complex technical issues under pressure. Strong communication skills, with the ability to explain More ❯

log analysis of Networking, Windows, Mac and Linux and Cloud. Understanding of evidence collection process based on priority. Strong understanding of incident response following NIST 800-61 guidelines incorporating containment, eradication and recovery phases. Experience with digital forensics and investigations, including evidence collection and chain-of-custody protocols. Should have More ❯

and Exchange Online projects through their design and deployment stages. Develop and maintain security configurations and baselines in line with industry standards (e.g., NIST, CIS, ISO 27001). Configure and manage Microsoft Defender for Office 365/Cloud/Endpoint/Servers, Purview (Information Protection, Data Loss Prevention), and Microsoft More ❯

life cycle of a system Provision of authoritative specialist security advice in Risk and threat-based mitigation to system designs Control frameworks such as NIST, ISO, CIS Protective monitoring, Authentication and authorization best practices. Develop excellent working relationships with key stakeholders, peers and subordinates. Communicating effectively verbally and in writing More ❯

ensuring our products meet the highest standards of security by design. The successful candidate will be expected to bring deep, hands-on experience with NIST cybersecurity standards — this is essential —as well as a strong working knowledge of Defence Standards DefStan 05-138 Issue 3 and DefStan 05-139 Issue … development lifecycle Conduct detailed threat modelling and risk assessments using recognised tools Lead the implementation of risk management strategies based on industry best practices (NIST, ISO) Work closely with development teams to ensure secure-by-design principles are followed Identify and propose mitigations for security vulnerabilities in solution architectures Maintain … coordinate remediation actions where needed Serve as a subject matter expert on product and application security to internal stakeholders Key Requirements: Extensive experience applying NIST frameworks (including NIST 800-30, NIST 800-53) – non-negotiable Working knowledge of DefStan 05-138 (Issue 3) and DefStan 05-139 (Issue 1) is More ❯

IT services). Collaborate with client teams to develop, document, and implement security policies, standards, and guidelines aligned with industry standards (e.g., ISO 27001, NIST). Assist in the deployment, configuration, and management of security infrastructure and technologies, including firewalls, intrusion detection/prevention systems, and secure network architectures. Provide … SKILLS: Working knowledge of cloud security architecture, specifically within Azure (or other Cloud platforms). Familiarity with security frameworks and compliance standards such as NIST, GDPR, PCI-DSS, DESC ISR. Strong problem-solving skills, with the ability to think creatively to solve complex security challenges. BENEFITS: Competitive Salary: Base salary More ❯

Experience of working in a collaborative manner with auditors, compliance and other key business stakeholders A strong understanding of framework for example ISO 27001, NIST or similar governance models Strong technical experience in IAM delivery, including authentication, federation (SAML, OIDC, OAuth2), and access lifecycle automation Hands-on background in engineering More ❯

and risk management within defence, government, or high-security environments. Suited candidates must have strong knowledge of security frameworks and standards such as RMADS, NIST, DEF STAN, and policies. You will also have experience with accreditation processes and developing security risk balance cases. Familiarity with codes of connection (CoCo), Secure More ❯

vulnerability assessment and a penetration test in the context of assessment scope, objectives, and deliverables. Working knowledge of information security frameworks such as ISO27001, NIST, and CIS. If this sounds like a good opportunity, apply today. Unfortunately no sponsorship is on offer at this stage for this role. More ❯

experience in security assurance and risk management within defence, government, or high-security environments. Strong knowledge of security frameworks and standards such as RMADS, NIST, DEF STAN, and policies. Experience with accreditation processes and developing security risk balance cases. Familiarity with codes of connection (CoCo), Secure by Design, and security More ❯

design patterns Familiar with fallback controls such as WAF's, API gateways Experience using SIEM/logging tools to track API threats Familiarity with NIST, OWASP SAMM, or internal security frameworks Experience producing risk dashboards/reports for API's Able to translate technical risks into business language, collaborating with More ❯

Stan 05-139) An understanding of MOD ISN 23/09 Secure by Design Knowledge of security frameworks, such as ISO/IEC 27001, NIST 800-30, NIST 800-53 or OWASP Working with risk management frameworks and methodologies (e.g., ISO 27001/2, ISO27005/31000, NIST … NIST 800-53) If this all sounds like something you will be interested in then simply apply and we can discuss the opportunity further More ❯

BELONG. There’s no place like Principality. Our home is your home. So, when you decide to join the team, we’ll go further to bring you the warmest of welcomes. From a friendly and inviting environment to a flexible More ❯

influence. What You'll Be Working On: You’ll support key client projects across a diverse and exciting portfolio, including: Framework Compliance : ISO 27001, NIST, PCI-DSS Security Assurance : Audit, controls assessment, reporting Third-Party Risk Assurance : Vendor risk reviews, supply chain assessments Cloud Security Advisory : Azure, AWS, Office … finish. You’ll Need: Proven experience in a security consulting role (client-facing or internal consulting) Strong understanding of Information Security frameworks (ISO 27001, NIST, PCI-DSS) Hands-on experience delivering security assessments, audits, or assurance reviews Awareness or experience with cloud platforms (Azure, AWS, Office 365) Ability to engage More ❯

Security Engineer – Bristol (Hybrid) Security Clearance: SC (Eligible) DefStan | NIST | Threat Modelling Are you passionate about securing the future of critical technology? Do you have deep working knowledge of NIST standards and Defence Standards like DefStan 05-138 Issue 3 and DefStan 05-139 Issue 1 ? We’re hiring a … at every layer. Applying your hands-on knowledge of DefStan 05-138 and 05-139 to ensure products meet UK defence requirements. Leveraging the NIST 800 series (an absolute must) to establish best-in-class security frameworks. Performing code reviews , penetration testing, and guiding remediation efforts. Producing clear, robust documentation … such as RMADS and Security Assurance artefacts. What You Bring: Proven experience with NIST 800-30, 800-37, 800-53 and related frameworks. (Essential) Practical, working knowledge of Defence Standards , especially DefStan 05-138 and DefStan 05-139 . Familiarity with threat modelling tools and methodologies. Solid understanding of ISO More ❯

with ideal candidates having good knowledge/understanding of Governance Risk & Compliance (GRC), specifically around HMG/MOD frameworks such as Secure by Design, NIST, and ISO 27001. Because of the nature of the work and customers you could end up supporting, this role would suit a service leaver/… JSP440), and processes Experience with Secure by Design implementation and related tooling Knowledge of NCSC Cyber Assurance Framework (CAF) and GovAssure audits Understanding of NIST Cyber Security Framework and risk assessment methods Experience with ISO/IEC 27001 audits and cyber security assurance Supplier assurance and supply chain security expertise More ❯

Design Conduct threat modelling exercises to prioritise potential risks and develop mitigation strategies to reduce risks Ensure products meet regulatory standards such as ISO27001, NIST 800-30/37/53, Joint Standards Publications (JSP) such as JSP 440, 604 and Defence Standards (Def stans) Produce security documentation like RMADS … and remediation activities Your skillset may include: Understanding and application of risk management frameworks and methodologies (e.g., ISO 27001/2, ISO27005/31000, NIST 800-30, NIST 800-53) Working knowledge of Defence Standards (e.g., JSPs, HMG, Def Stan 05-138, Def Stan 05-139) Experience with security testing More ❯