1 to 25 of 36 NIST Jobs in the South West

Lead experience MOD/GDS Secure by Design Familiarity with: JSP440, JSP604/453, JSP490 Supplier Chain Assurance GDPR, PCI DSS, ICO ISO 27001, NIST CSF, CIS Controls v8 Skills in: Threat modelling (kill chain, attack trees, etc.) Cloud security (AWS, Azure), containerisation, firewalls Secure SDLC HLD/LLD review ...

strong professional development opportunities. Skills Secure architecture design and secure-by-design principles Risk assessment, threat modelling, and vulnerability management Security frameworks: ISO 27001, NIST 800-30/53, OWASP Cloud security architecture (AWS, Azure, GCP) Incident response, penetration testing, and remediation concepts Persuasive communication skills across technical and ...

and infrastructure security Zero Trust principles Identity and Access Management (IAM) Secrets management Workload isolation and micro segmentation Knowledge of security standards and frameworks: NIST, ISO 27001, CIS Benchmarks NCSC Cloud Security Principles Government Security Classifications Policy Desirable Skills Experience with OpenShift or enterprise Kubernetes distributions. Hands on security tooling ...

and wider UK as required. Bristol/Corsham access would be ideal. Key experience areas include: Security Architecture Secure by Design NCSC CAF/NIST/ISO27001 Threat modelling and risk assessment Cloud Security (AWS/Azure/GCP) Security assurance and accreditation activities Defence or wider Public Sector environments ...

deployment processes for efficiency and consistency.Security: Expertise in cloud security best practices, identity and access management (IAM), encryption, and compliance frameworks (e.g., PCI DSS, NIST).Networking: Strong knowledge of cloud networking concepts, including virtual networks, subnets, security groups, load balancers, and VPN configurations.DevOps Principles: An understanding of DevOps practices and ...

threat modelling and security assurance • Experience supporting security activities across the engineering lifecycle • Knowledge of MOD and industry security standards/frameworks such as NIST, JSPs, Def Stan or ISO27001 • Experience working closely with technical engineering and delivery teams • Strong stakeholder engagement and communication skills Desirable: • Experience producing accreditation/ ...

engineering or SOAR automation Purple team or red team collaboration experience Forensic analysis experience (memory, disk, network) Exposure to regulatory environments (e.g. ISO 27001, NIST, GDPR) Apply now to be part of this impactful opportunity ...

Provide security advisory services across complex programmes that support critical UK public sector initiatives. Advise clients on regulatory and compliance frameworks, including ISO 27001, NIST, GDPR, and PCI-DSS. Communicate secure design principles and risk mitigation strategies to both technical and non-technical stakeholders. Research and develop innovative approaches ...

CSIRT and incident response capabilities Driving threat hunting, detection and monitoring improvements Owning vulnerability management and pen test governance Ensuring alignment with ISO27001, NIST, GDPR and regulatory expectations Communicating cyber risk clearly to senior stakeholders What we're looking for 5+ years' experience in cyber security , with leadership responsibility Strong ...

deployment processes for efficiency and consistency.Security: Expertise in cloud security best practices, identity and access management (IAM), encryption, and compliance frameworks (e.g., PCI DSS, NIST).Networking: Strong knowledge of cloud networking concepts, including virtual networks, subnets, security groups, load balancers, and VPN configurations.DevOps Principles: An understanding of DevOps practices and ...

Familiarity with government and defence security standards such as: HMG/NCSC IA Policies and Guidelines JSP440 and other MoD IA standards Cyber Essentials NIST, NIS-D You will ideally hold CISM/CISSP or similar higher level recognised and current Information Security or Assurance certification Excellent stakeholder communication skills ...

stakeholders, and communicate findings effectively. Proven expertise in Cyber Security Auditing, with strong knowledge of: NCSC Cyber Assessment Framework (CAF). ISO 27000 series, NIST Cyber Security & Risk Management Frameworks. Legacy IA standards and NCSC guidance. Technical understanding of: Defensive Cyber principles. Enterprise Architecture and Secure Systems. Network & Cloud Security ...

and participation in HMG/MoD Security Working Groups Experience with the NCSC Cyber Assurance Framework (CAF) and GovAssure audits Knowledge and experience of NIST standards, e.g., the Cyber Security Framework, Risk Assessment Cyber security audit skills, knowledge and experience (e.g., ISO/IEC 27001 audit) Experience of Supplier Assurance ...

architecture, threat modelling, and designing or evaluating secure controls for enterprise‐level solutions. Strong understanding of industry cybersecurity frameworks and key control domains (e.g., NIST CSF, ISO 27001, FFIEC, SOC 2, GDPR). Thorough design and operational experience across one or more major public cloud providers (AWS, Azure, Google Cloud ...

vulnerability management, firewalls and network security Good understanding of risk management, vendor security assessments and compliance Understanding of UK regulations, including Cyber Essentials, ISO27001, NIST On Offer: Salary up to £65,000 Hybrid working - approximately 2 days a week in office (Chippenham) 25 days annual leave plus bank holidays Private ...

including JSP 453 - Defence Information Architecture. Familiarity with enterprise architecture frameworks (e.g. TOGAF, MODAF, UAF). Knowledge of data governance and security standards (e.g. NIST, ISO/IEC 27001). Our Culture Our values stand on a foundation of safety, integrity, inclusion, and diversity. We put people at the heart ...

communication skills, with the ability to turn technical security concerns into clear, actionable decisions. Familiarity with recognised frameworks or certifications such as ISO 27001, NIST CSF or similar would be helpful. Experience in a product, platform or SaaS business. Experience in high-trust, regulated or mission-critical environments would ...

ISO27001 standard that you have the proven, battle-tested experience of achieving from the ground up. Aligning global security protocols with regional requirements, including NIST (Americas) and Essential 8 (Australia). Acting as the sole, energetic technical lead for vulnerability management and endpoint security across the worldwide estate. ...

maintaining recognised Industry Security Qualifications e.g., CCP, CISSP You'll have proven experience of assessing and managing risk in line with industry good practice (NIST, ISO 27001)Y You'll bring significant experience with using security baselines, mitigations and controls You'll be considerably familiar with a life cycle phased ...

maintaining recognised Industry Security Qualifications e.g., CCP, CISSP You'll have proven experience of assessing and managing risk in line with industry good practice (NIST, ISO 27001)Y You'll bring significant experience with using security baselines, mitigations and controls You'll be considerably familiar with a life cycle phased ...

/CISA/CIPT/ISO27001 Lead Auditor Experience working in a MoD restricted environment and knowledge of MoD security standards. Familiarity with the NIST/CSM V4 framework. What you'll get in return: Salary of between £60k-£65k 25 days annual leave + bank holidays - additional gained with ...

happy to discuss flexible working! Top 3 skills needed for this role: Information Security Governance & Risk Leadership Regulatory & Framework Expertise (ISO27001, GDPR, NIST) Stakeholder Communication & Security xkybehq Culture Influence What this role is all Please click on the apply button to read the full job description ...

happy to discuss flexible working! Top 3 skills needed for this role: Information Security Governance & Risk Leadership Regulatory & Framework Expertise (ISO27001, GDPR, NIST) Stakeholder Communication & Security Culture Influence What this role is all... LFWQ1_UKTJ ...

Accreditation Documentation Sets (RMADS) Security Operating Procedures (SyOPs) Security policies and standards Risk registers and treatment plans Ensure compliance with; JSP 440, JSP 604, NIST, ISO 27001 CAF and Secure by Design principles Work closely with Accreditor, Security Assurance Coordinators, and technical teams. Identify, assess, and manage information security risks. … and policies. Experience producing and reviewing RMADS and associated accreditation documentation. Knowledge of risk management methodologies and security assurance processes. Familiarity with: ISO 27001, NIST Cyber Security Framework, MOD security policies Secure systems accreditation Ability to communicate effectively with both technical and non-technical stakeholders. Experience working within highly regulated ...

maintaining quality and managing stakeholder expectations.* Willingness and flexibility to travel throughout the UK (and occasionally overseas) as required.* Relevant professional certifications (e.g., ISO27000, NIST Cyber Security Professional, CISMP, CISM, CISSP, CCSP, Chartered Cyber Security Professional) are highly desirable. Solid understanding of ‘Secure by Design’ methodology. Commitment to ongoing professional … and help them deploy that technology in live OT/ICS environments. Familiarity with OT cyber security standards or regulatory frameworks (e.g., IEC 62443, NIST CSF, NIS Regulations, HSE OG-0086).* Relevant OT cyber security qualifications (e.g., GICSP, IEC/ISA 62443). Membership of recognised security professional bodies ...