1 to 25 of 162 Remote NIST Jobs in Scotland

qualifications such as CISA, CISSP or CISM would also be desirable. Cyber security experience within a large complex corporate regulated environment and familiarity with cybersecurity regulations and frameworks (e.g., NIST, CIS, GDPR) and their application. Strong understanding of cybersecurity principles, threats, and risk management practices. Proficiency in security tools and technologies. Knowledge of data protection and privacy laws relevant to More ❯

pipeline practices Familiarity with telemetry and logging tools: Cribl, Elastic, Splunk, Fluentd, and Syslog Deep understanding of networking protocols, firewalls, VPNs, and security principles Experience with security frameworks (e.g., NIST, ISO 27001) and compliance requirements Knowledge of container security tools (e.g., Aqua, Twistlock, Trivy) and vulnerability scanners Excellent analytical and communication skills Preferred Qualifications: Certifications such as CISSP, CISM, CKS More ❯

technologies (e.g., data mesh, AI/ML) to enhance architecture.Champion data security, privacy, and compliance:• Implement data classification, encryption, and access control standards.• Ensure compliance with GDPR, ISO 27001, NIST, SOC 2, and sector-specific frameworks.• Develop secure data integration architectures and monitor sensitive data flows.• Lead security assessments and contribute to incident response planning.• Promote a security-by-design More ❯

Candidate The ideal candidate will possess the following: Strong understanding of IT, Security, and operational resilience in large organisations Proven experience with information security controls and standards (e.g. COBIT, NIST, ISO 27001/2) Demonstrable knowledge of Enterprise Risk Management in a technical setting Experience delivering assurance activities, including control testing Excellent communication, influencing and negotiation skills Ability to manage More ❯

translate complex technical risks into actionable business decisions and provide senior leaders with clear, data driven insights. You will also align the company with leading industry frameworks such as NIST CSF, NIST 800 53, and SOC 2, helping advance its risk maturity. What You'll Be Doing ** Lead and continuously improve the cyber risk management program, including oversight of the … a strong ability to influence stakeholders across IT and the business. You'll bring: ** 5+ years in cybersecurity risk management, GRC, or equivalent senior role. ** Hands on experience with NIST CSF, NIST 800 53, SOC 2, and risk frameworks. ** Experience in SOC 2 audit readiness and execution. ** Knowledge of enterprise GRC tools such as ServiceNow, Archer, or Purview Compliance Manager. More ❯

translate complex technical risks into actionable business decisions and provide senior leaders with clear, data driven insights. You will also align the company with leading industry frameworks such as NIST CSF, NIST 800 53, and SOC 2, helping advance its risk maturity. What You'll Be Doing ** Lead and continuously improve the cyber risk management program, including oversight of the … a strong ability to influence stakeholders across IT and the business. You'll bring: ** 5+ years in cybersecurity risk management, GRC, or equivalent senior role. ** Hands on experience with NIST CSF, NIST 800 53, SOC 2, and risk frameworks. ** Experience in SOC 2 audit readiness and execution. ** Knowledge of enterprise GRC tools such as ServiceNow, Archer, or Purview Compliance Manager. More ❯

managing the security of critical systems. Demonstrable experience of managing complexity in a working context. Experience of control frameworks in a technology or information security context. Working Knowledge of NIST 800-53 and IS4. Security Institute Membership and/or BCS Membership NB: Successful applicant will require active SC before assignment commences/be willing to undertake SC and be More ❯

managing the security of critical systems. Demonstrable experience of managing complexity in a working context. Experience of control frameworks in a technology or information security context. Working Knowledge of NIST 800-53 and IS4. Security Institute Membership and/or BCS Membership NB: Successful applicant will require active SC before assignment commences/be willing to undertake SC and be More ❯

managing the security of critical systems. Demonstrable experience of managing complexity in a working context. Experience of control frameworks in a technology or information security context. Working Knowledge of NIST 800-53 and IS4. Security Institute Membership and/or BCS Membership NB: Successful applicant will require active SC before assignment commences/be willing to undertake SC and be More ❯

and applications. ** Evaluate projects and initiatives for security risks, recommending appropriate mitigation and controls. ** Develop and maintain security frameworks and standards aligned to recognised best practice (e.g. ISO 27001, NIST, CIS). ** Ensure compliance with client and regulatory security obligations across all platforms and services. ** Collaborate with IT, Security Operations, and Risk teams to ensure security requirements are embedded throughout … in information security architecture and governance across enterprise environments. ** Expertise with Azure and Microsoft 365 security tooling and cloud security principles. ** Strong understanding of frameworks such as ISO 27001, NIST, and the Well Architected Framework. ** Experience with technologies such as SIEM, DLP, IAM, EDR, WAF, and SASE. ** Ability to communicate complex technical concepts to both technical and non technical audiences. More ❯

structured IT and information security risk assessments and threat modelling for new IT platforms, systems, and applications and for material changes. Provide security architecture advice (patterns, guardrails) aligned to NIST CSF/ISO 27001 and company standards. Define and agree control selection (prevent/detect/correct) proportionate to risk, including identity, data and platform controls. Conduct IT control walkthroughs … approach. Role Requirements 7+ years in information risk, security assurance or IT audit within regulated, safety-critical or industrial environments (energy/oil & gas preferred). Strong knowledge of NIST CSF, ISO 27001, UK GDPR and supplier assurance practices; familiarity with the UK CAF is desirable. Proven experience running compliance and assurance functions, Secure-by-Design reviews, and control testing More ❯

structured IT and information security risk assessments and threat modelling for new IT platforms, systems, and applications and for material changes. Provide security architecture advice (patterns, guardrails) aligned to NIST CSF/ISO 27001 and company standards. Define and agree control selection (prevent/detect/correct) proportionate to risk, including identity, data and platform controls. Conduct IT control walkthroughs … approach. Role Requirements 7+ years in information risk, security assurance or IT audit within regulated, safety-critical or industrial environments (energy/oil & gas preferred). Strong knowledge of NIST CSF, ISO 27001, UK GDPR and supplier assurance practices; familiarity with the UK CAF is desirable. Proven experience running compliance and assurance functions, Secure-by-Design reviews, and control testing More ❯

awareness, and the confidence to engage at every level. Ideally, youll have: Strong experience in cybersecurity risk management or GRC roles A solid understanding of industry frameworks such as NIST CSF, NIST 800-53, or SOC 2 Hands-on involvement in audit or certification readiness programmes Excellent communication skills with the ability to translate security risk into business value This More ❯

audits and assessments of the IAM stack to identify and resolve security gaps, and provide evidence to auditors as required. Stay current with emerging technologies and security frameworks (e.g., NIST, NCSC), proactively recommending upgrades and improvements to senior stakeholders. Provide technical guidance and mentoring to team members, supporting best practices in authentication, access control, and identity lifecycle management. Develop and … Azure AD, GSuite, LDAP). Deep understanding of legacy and modern authentication protocols, access controls, and identity lifecycle management. Strong security awareness and familiarity with standards such as ISO27001, NIST, and CIS, with experience conducting audits and implementing controls. Solid grasp of Web APIs including SOAP, REST, and GraphQL, and their role in IAM integrations. Excellent communication, organisational, and stakeholder More ❯

Sky's privileged security baseline. Be familiar designing and implementing closed loop credential management workflows. Stay ahead of the security curve and make best practice recommendations to senior management (NIST, NCSC etc.) Be able to work autonomously on complex projects, gathering key information and making appropriate recommendations. Design, implement, and manage the PAM system to ensure the confidentiality, integrity, and … Expertise in cross platform scripting (Powershell, bash etc.). Be a subject matter expert on both legacy and modern authentication protocols. Have excellent security awareness including standards e.g., IS027001, NIST and CIS. Have a good understanding of Web APIs including SOAP, REST and GraphQL architectures. Have experience with threat modelling methodologies e.g., STRIDE. Have a good understanding of Access Controls More ❯

Sky's privileged security baseline. Be familiar designing and implementing closed loop credential management workflows. Stay ahead of the security curve and make best practice recommendations to senior management (NIST, NCSC etc.) Be able to work autonomously on complex projects, gathering key information and making appropriate recommendations. Design, implement, and manage the PAM system to ensure the confidentiality, integrity, and … Expertise in cross platform scripting (Powershell, bash etc.). Be a subject matter expert on both legacy and modern authentication protocols. Have excellent security awareness including standards e.g., IS027001, NIST and CIS. Have a good understanding of Web APIs including SOAP, REST and GraphQL architectures. Have experience with threat modelling methodologies e.g., STRIDE. Have a good understanding of Access Controls More ❯

Sky's privileged security baseline. Be familiar designing and implementing closed loop credential management workflows. Stay ahead of the security curve and make best practice recommendations to senior management (NIST, NCSC etc.) Be able to work autonomously on complex projects, gathering key information and making appropriate recommendations. Design, implement, and manage the PAM system to ensure the confidentiality, integrity, and … Expertise in cross platform scripting (Powershell, bash etc.). Be a subject matter expert on both legacy and modern authentication protocols. Have excellent security awareness including standards e.g., IS027001, NIST and CIS. Have a good understanding of Web APIs including SOAP, REST and GraphQL architectures. Have experience with threat modelling methodologies e.g., STRIDE. Have a good understanding of Access Controls More ❯

Sky's privileged security baseline. Be familiar designing and implementing closed loop credential management workflows. Stay ahead of the security curve and make best practice recommendations to senior management (NIST, NCSC etc.) Be able to work autonomously on complex projects, gathering key information and making appropriate recommendations. Design, implement, and manage the PAM system to ensure the confidentiality, integrity, and … Expertise in cross platform scripting (Powershell, bash etc.). Be a subject matter expert on both legacy and modern authentication protocols. Have excellent security awareness including standards e.g., IS027001, NIST and CIS. Have a good understanding of Web APIs including SOAP, REST and GraphQL architectures. Have experience with threat modelling methodologies e.g., STRIDE. Have a good understanding of Access Controls More ❯

Sky's privileged security baseline. Be familiar designing and implementing closed loop credential management workflows. Stay ahead of the security curve and make best practice recommendations to senior management (NIST, NCSC etc.) Be able to work autonomously on complex projects, gathering key information and making appropriate recommendations. Design, implement, and manage the PAM system to ensure the confidentiality, integrity, and … Expertise in cross platform scripting (Powershell, bash etc.). Be a subject matter expert on both legacy and modern authentication protocols. Have excellent security awareness including standards e.g., IS027001, NIST and CIS. Have a good understanding of Web APIs including SOAP, REST and GraphQL architectures. Have experience with threat modelling methodologies e.g., STRIDE. Have a good understanding of Access Controls More ❯

Sky's privileged security baseline. Be familiar designing and implementing closed loop credential management workflows. Stay ahead of the security curve and make best practice recommendations to senior management (NIST, NCSC etc.) Be able to work autonomously on complex projects, gathering key information and making appropriate recommendations. Design, implement, and manage the PAM system to ensure the confidentiality, integrity, and … Expertise in cross platform scripting (Powershell, bash etc.). Be a subject matter expert on both legacy and modern authentication protocols. Have excellent security awareness including standards e.g., IS027001, NIST and CIS. Have a good understanding of Web APIs including SOAP, REST and GraphQL architectures. Have experience with threat modelling methodologies e.g., STRIDE. Have a good understanding of Access Controls More ❯

Sky's privileged security baseline. Be familiar designing and implementing closed loop credential management workflows. Stay ahead of the security curve and make best practice recommendations to senior management (NIST, NCSC etc.) Be able to work autonomously on complex projects, gathering key information and making appropriate recommendations. Design, implement, and manage the PAM system to ensure the confidentiality, integrity, and … Expertise in cross platform scripting (Powershell, bash etc.). Be a subject matter expert on both legacy and modern authentication protocols. Have excellent security awareness including standards e.g., IS027001, NIST and CIS. Have a good understanding of Web APIs including SOAP, REST and GraphQL architectures. Have experience with threat modelling methodologies e.g., STRIDE. Have a good understanding of Access Controls More ❯

Sky's privileged security baseline. Be familiar designing and implementing closed loop credential management workflows. Stay ahead of the security curve and make best practice recommendations to senior management (NIST, NCSC etc.) Be able to work autonomously on complex projects, gathering key information and making appropriate recommendations. Design, implement, and manage the PAM system to ensure the confidentiality, integrity, and … Expertise in cross platform scripting (Powershell, bash etc.). Be a subject matter expert on both legacy and modern authentication protocols. Have excellent security awareness including standards e.g., IS027001, NIST and CIS. Have a good understanding of Web APIs including SOAP, REST and GraphQL architectures. Have experience with threat modelling methodologies e.g., STRIDE. Have a good understanding of Access Controls More ❯

Sky's privileged security baseline. Be familiar designing and implementing closed loop credential management workflows. Stay ahead of the security curve and make best practice recommendations to senior management (NIST, NCSC etc.) Be able to work autonomously on complex projects, gathering key information and making appropriate recommendations. Design, implement, and manage the PAM system to ensure the confidentiality, integrity, and … Expertise in cross platform scripting (Powershell, bash etc.). Be a subject matter expert on both legacy and modern authentication protocols. Have excellent security awareness including standards e.g., IS027001, NIST and CIS. Have a good understanding of Web APIs including SOAP, REST and GraphQL architectures. Have experience with threat modelling methodologies e.g., STRIDE. Have a good understanding of Access Controls More ❯

Sky's privileged security baseline. Be familiar designing and implementing closed loop credential management workflows. Stay ahead of the security curve and make best practice recommendations to senior management (NIST, NCSC etc.) Be able to work autonomously on complex projects, gathering key information and making appropriate recommendations. Design, implement, and manage the PAM system to ensure the confidentiality, integrity, and … Expertise in cross platform scripting (Powershell, bash etc.). Be a subject matter expert on both legacy and modern authentication protocols. Have excellent security awareness including standards e.g., IS027001, NIST and CIS. Have a good understanding of Web APIs including SOAP, REST and GraphQL architectures. Have experience with threat modelling methodologies e.g., STRIDE. Have a good understanding of Access Controls More ❯

Sky's privileged security baseline. Be familiar designing and implementing closed loop credential management workflows. Stay ahead of the security curve and make best practice recommendations to senior management (NIST, NCSC etc.) Be able to work autonomously on complex projects, gathering key information and making appropriate recommendations. Design, implement, and manage the PAM system to ensure the confidentiality, integrity, and … Expertise in cross platform scripting (Powershell, bash etc.). Be a subject matter expert on both legacy and modern authentication protocols. Have excellent security awareness including standards e.g., IS027001, NIST and CIS. Have a good understanding of Web APIs including SOAP, REST and GraphQL architectures. Have experience with threat modelling methodologies e.g., STRIDE. Have a good understanding of Access Controls More ❯