1 to 25 of 35 Remote NIST Jobs in the South West

Support incident response and remediation efforts for security breaches. Provide security guidance and training to teams across the organization. Key Skills & Experience: Strong knowledge of security frameworks (ISO 27001, NIST 800-30/53, OWASP) . Experience with risk management methodologies and compliance with MOD and HMG security standards (JSP, Def Stan 05-138/139). Proficiency in security More ❯

Support incident response and remediation efforts for security breaches. Provide security guidance and training to teams across the organization. Key Skills & Experience: Strong knowledge of security frameworks (ISO 27001, NIST 800-30/53, OWASP) . Experience with risk management methodologies and compliance with MOD and HMG security standards (JSP, Def Stan 05-138/139). Proficiency in security More ❯

need all of these. Experience in a hands-on Cyber Security focused role, primarily in the data security domain. A strong & demonstratable knowledge of security frameworks, standards and regulations (NIST, GDPR for example). Familiarity with cloud security principles and experience working with cloud platforms such as AWS and Snowflake. A clear and demonstratable understanding of data science principles and More ❯

and DevOps teams to embed security into CI/CD pipelines, containers (GKE), and API services. Compliance & Risk Alignment Ensure operational alignment with PCI-DSS, ISO 27001, SOC 2, NIST, and GDPR requirements. Support internal and external audits with relevant security evidence and reports. Work closely with GRC teams to implement controls and technical safeguards for ongoing compliance. Who You More ❯

and DevOps teams to embed security into CI/CD pipelines, containers (GKE), and API services. Compliance & Risk Alignment Ensure operational alignment with PCI-DSS, ISO 27001, SOC 2, NIST, and GDPR requirements. Support internal and external audits with relevant security evidence and reports. Work closely with GRC teams to implement controls and technical safeguards for ongoing compliance. Who You More ❯

and DevOps teams to embed security into CI/CD pipelines, containers (GKE), and API services. Compliance & Risk Alignment Ensure operational alignment with PCI-DSS, ISO 27001, SOC 2, NIST, and GDPR requirements. Support internal and external audits with relevant security evidence and reports. Work closely with GRC teams to implement controls and technical safeguards for ongoing compliance. Who You More ❯

and DevOps teams to embed security into CI/CD pipelines, containers (GKE), and API services. Compliance & Risk Alignment Ensure operational alignment with PCI-DSS, ISO 27001, SOC 2, NIST, and GDPR requirements. Support internal and external audits with relevant security evidence and reports. Work closely with GRC teams to implement controls and technical safeguards for ongoing compliance. Who You More ❯

and DevOps teams to embed security into CI/CD pipelines, containers (GKE), and API services. Compliance & Risk Alignment Ensure operational alignment with PCI-DSS, ISO 27001, SOC 2, NIST, and GDPR requirements. Support internal and external audits with relevant security evidence and reports. Work closely with GRC teams to implement controls and technical safeguards for ongoing compliance. Who You More ❯

and DevOps teams to embed security into CI/CD pipelines, containers (GKE), and API services. Compliance & Risk Alignment Ensure operational alignment with PCI-DSS, ISO 27001, SOC 2, NIST, and GDPR requirements. Support internal and external audits with relevant security evidence and reports. Work closely with GRC teams to implement controls and technical safeguards for ongoing compliance. Who You More ❯

and DevOps teams to embed security into CI/CD pipelines, containers (GKE), and API services. Compliance & Risk Alignment Ensure operational alignment with PCI-DSS, ISO 27001, SOC 2, NIST, and GDPR requirements. Support internal and external audits with relevant security evidence and reports. Work closely with GRC teams to implement controls and technical safeguards for ongoing compliance. Who You More ❯

and DevOps teams to embed security into CI/CD pipelines, containers (GKE), and API services. Compliance & Risk Alignment Ensure operational alignment with PCI-DSS, ISO 27001, SOC 2, NIST, and GDPR requirements. Support internal and external audits with relevant security evidence and reports. Work closely with GRC teams to implement controls and technical safeguards for ongoing compliance. Who You More ❯

Knowledge and Demonstrable Experience: Of MOD accreditation and secure by design processes (ISN2023/09), and associated policies and practices across the lifecycle. In the application of standards including NIST Special Publications (e.g. SP 800-30, 37 & 53), and/or RTCA-DO-326A/B, 355A & 356A. In the application of Defence security standards, such as Defstan More ❯

role. In addition, the following technical knowledge or experience will be helpful for some of our projects: Expertise in consultancy. Knowledge of secure by design. Cybersecurity industry standards (e.g. NIST, ISO 27001, ISA/IEC 62443, etc). An understanding of cloud-native infrastructure (e.g. microservices, containerisation, Kubernetes, serverless computing). An understanding and/or experience with SIEM, SOAR More ❯

lifecycle. Perform security code reviews and ensure secure-by-design principles. Conduct threat modelling exercises to identify and mitigate potential risks. Ensure compliance with security regulations such as ISO27001, NIST 800-30/37/53, JSP 440, 604, and Defence Standards. Develop and maintain security documentation (e.g., RMADS, Security Assurance Documents, Security Management Plans). Conduct penetration testing, vulnerability … assessments, and remediation activities. Key Skills & Experience: Strong knowledge of risk management frameworks and methodologies (ISO 27001/2, ISO27005/31000, NIST 800-30, NIST 800-53) . Experience with defence and government security standards (JSPs, Def Stan 05-138/139). Proficiency in security testing tools, technologies, and techniques. Ability to analyze and mitigate security vulnerabilities effectively. More ❯

lifecycle. Perform security code reviews and ensure secure-by-design principles. Conduct threat modelling exercises to identify and mitigate potential risks. Ensure compliance with security regulations such as ISO27001, NIST 800-30/37/53, JSP 440, 604, and Defence Standards. Develop and maintain security documentation (e.g., RMADS, Security Assurance Documents, Security Management Plans). Conduct penetration testing, vulnerability … assessments, and remediation activities. Key Skills & Experience: Strong knowledge of risk management frameworks and methodologies (ISO 27001/2, ISO27005/31000, NIST 800-30, NIST 800-53) . Experience with defence and government security standards (JSPs, Def Stan 05-138/139). Proficiency in security testing tools, technologies, and techniques. Ability to analyze and mitigate security vulnerabilities effectively. More ❯

in Cyber Security Good understanding of core security principles and tools Exposure to network security, vulnerability management, or risk assessments (preferred) Familiarity with security frameworks such as ISO 27001, NIST, or PCI DSS (preferred) Professional certifications like Security+, CEH, or CISSP are desirable Analytical mindset, attention to detail, and a proactive approach to learning What You'll Get Dedicated Mentorship More ❯

in Cyber Security Good understanding of core security principles and tools Exposure to network security, vulnerability management, or risk assessments (preferred) Familiarity with security frameworks such as ISO 27001, NIST, or PCI DSS (preferred) Professional certifications like Security+, CEH, or CISSP are desirable Analytical mindset, attention to detail, and a proactive approach to learning What You'll Get Dedicated Mentorship More ❯

Architecture, Secure Systems, Network & Cloud Security, System Hardening, Cryptographic Controls (PKI, Data at Rest/In Transit), Protective Monitoring, and Security Auditing. Strong understanding of the ISO 27000 series, NIST Cyber Security & Risk Management Frameworks, NCSC CAF, and other industry standards. Familiarity with NCSC guidance and legacy Information Assurance (IA) standards. Experience with MOD security frameworks including JSP 604, JSP More ❯

We keep evolving - Expert level knowledge and experience in vulnerability management, with deep knowledge of processes for identifying, classifying, and prioritising vulnerabilities using industry standard frameworks such as CVSS, NIST, and MITRE ATT&CK, with a track record of tailoring scoring models to organisational risk appetite.Proven ability to lead end-to-end vulnerability management initiatives in complex IT environments that More ❯

experience is likely to include . Proven experience leading IT assurance programmes. Substantial experience in security assessments and compliance oversight. Familiarity with ISMS and frameworks such as ISO 27001, NIST CSF, CIS Controls, or SCF. Understanding of cloud security, third-party risk, and regulatory standards (e.g., GDPR, UK DPA2018). Experience using GRC tools for internal and third-party risk More ❯

sharing across teams. What We’re Looking For Technical Experience & Knowledge Experience with risk management frameworks and methodologies such as ISO/IEC 27001/2, ISO27005/31000, NIST 800-30, NIST 800-53. Strong understanding of security standards and frameworks including OWASP, Secure by Design principles, and MOD-specific guidelines (e.g., JSP, Def Stan 05-138/… . Familiarity with HMG security principles and assurance frameworks is advantageous. Comfortable using threat modelling tools and implementing mitigation strategies. Experience with NIST standards. (this is an absolute must) Key Competencies Strong communicator with the ability to present complex information clearly and confidently. Proactive problem solver who approaches challenges with innovation and critical thinking. Highly organised with a methodical approach More ❯

or a Professional Security Qualification (CISA, CISM, CISSP) with solid practical experience as an IT Risk Specialist, with a good understanding of common information security management frameworks, such as NIST Cyber Security Framework and International Standards Organization (ISO) 27000. You will have great written and verbal communication skills, being able to produce written IT risk reporting on technical issues that More ❯

as the go-between for internal teams and external partners (think system integrators and cybersecurity vendors). Governance & Compliance: Manage risk and ensure our processes adhere to standards like NIST, IEC 62443, and ISO27001. Cultural Champion: Drive cyber awareness and foster a security-first mindset across the organization. Senior Reporting: Work closely with senior leadership to keep them updated on More ❯

IAM configurations. Strong understanding of IAM concepts (authentication, authorization, provisioning, SSO, MFA, PAM). Familiarity with directories (Active Directory, LDAP). Knowledge of industry security frameworks and compliance (e.g., NIST, ISO 27001). Reasonable Adjustments: Respect and equality are core values to us. We are proud of the diverse and inclusive community we have built, and we welcome applications from More ❯

roles Strong knowledge of Azure, DevOps/cloud engineering, and platform reliability Experience driving observability and monitoring strategies across large-scale services Good working knowledge of cybersecurity practices, frameworks (NIST, ISO 27001, Cyber Essentials), and audit processes Vendor, contract, and license management experience across software and infrastructure suppliers Skilled communicator with experience managing stakeholders across business and technical teams Budget More ❯