25 of 25 NIST Jobs in Scotland

security specialists (preferred). Understanding of data security, governance, and controls (essential). Experience with cloud security solutions and modern threat modeling (preferred). Knowledge of security frameworks like NIST CSF, Mitre ATT&CK (essential). What You'll Get in Return: We offer a competitive salary and benefits, including: Company Pension Scheme Private Medical Insurance Group Income Protection Group More ❯

and industry-specific regulations Experience implementing compliance and control frameworks Proficiency in IT governance and quality standards Knowledge of security management frameworks like ISO/IEC 27001, ITIL, COBIT, NIST standards Strong stakeholder management skills High integrity and professionalism in handling confidential matters Familiarity with risk management tools like OneTrust or similar is preferred Benefits: At Sword, we value our More ❯

and governance requirements and control identification. Experience delivering cloud-focused security solutions and understanding of modern cyber threats and threat modeling techniques. Good understanding of security frameworks such as NIST CSF, Mitre ATT&CK. Benefits At Sword, our core values and culture focus on caring for our people, investing in training and career development, and building inclusive teams where everyone More ❯

Engineering Role. Leading delivery of MOD accreditation and secure by design processes (ISN2023/09), associated policies and practices across the lifecycle. Experience in the application of standards including NIST Special Publications (e.g. SP 800-30, 37 & 53). Application of Defence standards including Defstan 05-138 & Defstan 05-139. Experience managing risks and services in accordance with customer More ❯

as well as a deep understanding of cyber security regulations as they apply to different sectors Analysis and management of risks and cybersecurity controls. Standards and methodologies: ISO 27000, NIST, SANS CSC, etc. • Understanding of Infrastructure, Networking and Cloud environments Knowledge in Identity & Access Management Knowledge in Backup & Recovery technologies and installation Previous experience working with or within an Incident More ❯

key regulatory and cyber governance frameworks, including: NCSC CAF (Enhanced Profile) Ofgem NIS CAF Overlay NIS Regulations (UK) ISA/IEC 62443 series ISO/IEC 27001, 31010, and NIST CSF Represent the organisation in regulatory discussions, audits, and cybersecurity working groups Define and govern the security architecture using ISA/IEC 62443 zones and conduits methodology Provide assurance of … SRO, or equivalent), ideally within regulated or Critical National Infrastructure (CNI) sectors Deep knowledge of regulatory and assurance frameworks such as ISA/IEC 62443, NCSC CAF, NIS Regulations, NIST CSF, and ISO/IEC 27001 Proven track record of leading secure digital transformation across complex IT/OT environments Strong understanding of enterprise security architecture, Secure by Design practices More ❯

Engineering Role. Leading delivery of MOD accreditation and secure by design processes (ISN2023/09), associated policies and practices across the lifecycle. Experience in the application of standards including NIST Special Publications (e.g. SP 800-30, 37 & 53). Application of Defence standards including Defstan 05-138 & Defstan 05-139. Experience managing risks and services in accordance with customer More ❯

Engineering Role. Leading delivery of MOD accreditation and secure by design processes (ISN2023/09), associated policies and practices across the lifecycle. Experience in the application of standards including NIST Special Publications (e.g. SP 800-30, 37 & 53). Application of Defence standards including Defstan 05-138 & Defstan 05-139. Experience managing risks and services in accordance with customer More ❯

Engineering Role. Leading delivery of MOD accreditation and secure by design processes (ISN2023/09), associated policies and practices across the lifecycle. Experience in the application of standards including NIST Special Publications (e.g. SP 800-30, 37 & 53). Application of Defence standards including Defstan 05-138 & Defstan 05-139. Experience managing risks and services in accordance with customer More ❯

a business environment Exposure to cloud migrations, ideally Azure (some AWS experience also fine) Experience supporting enterprise platforms like IIS & SQL Familiarity with compliance standards (ISO 27001, Cyber Essentials, NIST) There's no on call requirement, though some flexibility around out of hours work may occasionally be needed. This is a genuinely varied and collaborative environment, one where you can More ❯

including the majority in a security role and some in a leadership role. Industry-recognised security certifications such as CISSP, CISM (preferred). Proven expertise in cybersecurity frameworks (e.g., NIST, ISO) and securing modern digital environments. A strong background in risk assessment, security governance, and compliance. Familiarity with OT/SCADA systems and cyber risks in industrial or maritime settings More ❯

OT Cyber Defence Centre (CDC). Desired Experience and Skills Strong background in OT cybersecurity, ICS/SCADA systems, or industrial control networks. Familiarity with security frameworks such as NIST, IEC62443, NIS Regulations, CAF, or SoGP. Understanding of threat intelligence, attack surfaces, and cyber kill chains relevant to OT. Proven experience in vulnerability management and incident response in OT contexts. More ❯

as well as a deep understanding of cyber security regulations as they apply to different sectors Analysis and management of risks and cybersecurity controls. Standards and methodologies: ISO 27000, NIST, SANS CSC, etc Understanding of Infrastructure, Networking and Cloud environments Knowledge in Identity & Access Management Knowledge in Backup & Recovery technologies and installation Previous experience working with or within an Incident More ❯

Cyber/Engineering Role. Involvement in MOD accreditation and secure by design processes (ISN2023/09), associated policies and practices across the lifecycle. Knowledge or application of standards including NIST Special Publications (e.g. SP 800-30, 37 & 53). Managing risks and services in accordance with customer, regulatory and legislative expectations. Experience outside of traditional enterprise IT scenarios extending to More ❯

or cyber security, or equivalent professional certification. Experience: 3+ years in a Cyber/Engineering role. Involvement in MOD accreditation and secure by design processes. Knowledge of standards like NIST SP 800-30, 37, 53. Experience managing risks and services in compliance with regulations. Experience with software, firmware, and hardware security. Conducting risk assessments, threat modelling, vulnerability analysis. Overseeing security More ❯

HAD ANY Experience of conducting control testing, technical reviews or audits to understand cyber compliance needs aligned to technical and regulatory standards. Experience of cyber risk management, security frameworks (NIST, ISO27001) cyber compliance, assurance, and attestation work. Exposure to facilitating penetration testing, security risk assessments, driving the remediation of cyber vulnerabilities and remediating or mitigating cyber risks. Experience of security More ❯

HAD ANY Experience of conducting control testing, technical reviews or audits to understand cyber compliance needs aligned to technical and regulatory standards. Experience of cyber risk management, security frameworks (NIST, ISO27001) cyber compliance, assurance, and attestation work. Exposure to facilitating penetration testing, security risk assessments, driving the remediation of cyber vulnerabilities and remediating or mitigating cyber risks. Experience of security More ❯

related Recognised Industry Security Qualifications eg CCP, CISSP, CISM or similar (or able to achieve Proven experience of assessing and managing information risk in line with industry good practice (NIST, ISO 27001) Experience managing a team and working with customers ideally within a complex engineering or industrial setting Benefits: As well as a competitive pension scheme, BAE Systems also offers More ❯

related Recognised Industry Security Qualifications eg CCP, CISSP, CISM or similar (or able to achieve Proven experience of assessing and managing information risk in line with industry good practice (NIST, ISO 27001) Experience managing a team and working with customers ideally within a complex engineering or industrial setting Benefits: As well as a competitive pension scheme, BAE Systems also offers More ❯

related Recognised Industry Security Qualifications eg CCP, CISSP, CISM or similar (or able to achieve Proven experience of assessing and managing information risk in line with industry good practice (NIST, ISO 27001) Experience managing a team and working with customers ideally within a complex engineering or industrial setting Benefits: As well as a competitive pension scheme, BAE Systems also offers More ❯

related Recognised Industry Security Qualifications eg CCP, CISSP, CISM or similar (or able to achieve Proven experience of assessing and managing information risk in line with industry good practice (NIST, ISO 27001) Experience managing a team and working with customers ideally within a complex engineering or industrial setting Benefits: As well as a competitive pension scheme, BAE Systems also offers More ❯

Expanding Technology company seeks its first Security Architect to join a security team of 7. In this role, you will develop and maintain security blueprints and repeatable patterns, design processes, set up documentation, and design the overall security architecture for More ❯

or cyber security, or equivalent professional certification. 5+ years of delivery experience in cyber/engineering roles. Experience with MOD accreditation, secure by design processes, and relevant standards like NIST, Defstan, etc. Experience managing risks and services per regulatory and legislative standards. Experience with proprietary and open-source software, hardware, and firmware security. Ability to develop and analyze security designs More ❯

of IT fundamentals, including networks (LAN/WAN), operating systems, Active Directory, authentication systems, cloud computing, and core security concepts. Familiar with industry security standards and frameworks such as NIST, CIS, and ISO, and able to apply them in practice. Proven ability to work effectively in teams, with strong communication and presentation skills and a commitment to a positive work More ❯

address any security gaps or vulnerabilities. Work with auditors to and supply evidence as required. Stay ahead of the security curve and make best practice recommendations to senior management (NIST, NCSC etc.) Be able to work autonomously on complex projects, gathering key information and making appropriate recommendations. Mentoring and support for other members of the Team. What You'll Bring … and cloud directory services (LDAP, Azure AD, GSuite etc.) Be a subject matter expert on both legacy and modern authentication protocols. Have excellent security awareness including standards e.g., IS027001, NIST and CIS. Have a good understanding of Web APIs including SOAP, REST and GraphQL architectures. Have a good understanding of Access Controls and Identity Lifecycle management. Have excellent communication and More ❯