13 of 13 Remote NIST Jobs in the South West

annual Due diligence framework in Risk Ledger, confirming accuracy and documentation Work in line with the overall control framework, which is aligned to ISO27001, ISO27017, ISO9001, FSQS audit and NIST Manage the admin around the Policy framework, ensuring accuracy and timeliness of updates Manage the timely collection of documentation around ICO registrations and insurances Manage the Client CRM and TP More ❯

Knowledge and Demonstrable Experience: Of MOD accreditation and secure by design processes (ISN2023/09), and associated policies and practices across the lifecycle. In the application of standards including NIST Special Publications (e.g. SP 800-30, 37 & 53), and/or RTCA-DO-326A/B, 355A & 356A. In the application of Defence security standards, such as Defstan More ❯

across diverse industries and client environments What You'll Bring Strong experience in cyber strategy, risk management, governance, architecture, and regulatory compliance Familiarity with frameworks and standards such as NIST CSF, ISO27001, NCSC CAF, GDPR, and NIS2 Industry-recognised certifications (e.g. CISSP, CISM, CISA, M.Inst.ISP, or equivalent) Practical experience in GRC, threat and vulnerability management, or operational resilience Proven delivery More ❯

Architecture, Secure Systems, Network & Cloud Security, System Hardening, Cryptographic Controls (PKI, Data at Rest/In Transit), Protective Monitoring, and Security Auditing. Strong understanding of the ISO 27000 series, NIST Cyber Security & Risk Management Frameworks, NCSC CAF, and other industry standards. Familiarity with NCSC guidance and legacy Information Assurance (IA) standards. Experience with MOD security frameworks including JSP 604, JSP More ❯

Accountabilities: Lead and manage a team of three security professionals , supporting their development and day-to-day delivery. Ensure ongoing ISO27001 accreditation and alignment with broader assurance frameworks (e.g. NIST CSF, Cyber Essentials). Shape and implement the company's information security strategy , including policy, tooling, and training. Conduct risk assessments, oversee remediation plans, and guide secure-by-design approaches More ❯

years of relevant experience. In-depth knowledge of cloud platforms such as AWS and Microsoft Azure, as well as Microsoft Entra ID and M365. Familiarity with frameworks such as NIST CSF, Cyber Assessment Framework (CAF), and NCSC Cloud Security Principles. Proven ability to influence stakeholders and support secure delivery in large, complex environments. Excellent communication skills and ability to collaborate More ❯

ideally within the built environment or critical infrastructure . Strong understanding of cyber-physical systems , OT environments , and connected infrastructure . Experience applying assurance frameworks and technical standards (e.g. NIST, ISO27001, CAF). Background in governance, risk, and compliance (GRC) functions. Excellent communication and stakeholder engagement skills. Agile, analytical, and solutions-focused mindset. Experience in sectors such as energy, water More ❯

Asset Owner forms, Supplier Assurance Questionnaires. Experienced in relevant Security Policy and Cyber Security Frameworks including the GovS 007, MOD Secure by Design (SbD), ISO27001 - Information Security Management Systems, NIST, NCSC IA Guidance Qualifications for the Cyber Security Lead Educated to degree level or holds a relevant professional qualification or equivalent experience. Security Clearance The successful candidate must be able More ❯

of action The ability to understand how architects and designers employ technology to build systems of interest Digitally literate (including fluency in Microsoft Office tools) Able to understand relevant NIST frameworks and ISO27001 standards and how to apply in practice Knowledge of MITRE ATT&CK Essential qualifications for the Cyber Security Risk Consultant: We value difference and we don't More ❯

and secure-by-design principles. Familiarity with government and defence security standards such as: HMG/NCSC IA Policies and Guidelines JSP440 and other MoD IA standards Cyber Essentials NIST, NIS-D ONR SyAPs (Security Assessment Principles) Excellent stakeholder communication skills – you can clearly explain complex security concepts to both technical and non-technical audiences. Security Clearance eDV clearance is More ❯

Design of security infrastructure and tools to support a SOC's mission of monitoring, detecting, analysing, and responding to cyber threats. Knowledge of the following policies and process. Required: NIST NCSC SOC Guidance NCSC CAF (CNI) Desirable: MoD JSP 440 MoD JSP 503 MoD JSP More ❯

statements to technical and non-technical audiences at various hierarchical levels Deep knowledge of common information security management frameworks and standards, such as ISO/IEC 27001/27002, NIST 800-53, and the NIST Cybersecurity Framework Soft skills: collaboration, teamwork, persuasion, attention to detail, time management, prioritization, resourcefulness Advanced proficiency with MS Office products, primarily MS Word, Excel, PowerPoint More ❯

include: Creating business risk models and associated material, in support of operational cyber security and business planning across a range of different domains or sectors using established frameworks (e.g. NIST, UK Government) Undertake cyber security audit processes in support of operational and business planning activity across a range of different domains or sectors against recognised standards (e.g. ISO27001, UK Government … of organisational maturity and risk exposure to cyber security, in support of operational and business planning activity across a range of different domains or sectors using established frameworks (e.g. NIST, MITRE ATT&CK, UK Government) Identify mitigations for cyber risk in a given business or operational scenario and threat environment Support development of cyber security risk cases in a given … of the Cyber Security Risk Consultant: Digitally literate (including fluency in Microsoft Office tools) Minimum of 2-3 years of experience in security vulnerability, risk, audit & compliance Understand relevant NIST frameworks and ISO27001 standards and how to apply in practice Knowledge of MITRE ATT&CK Essential qualifications for the Cyber Security Risk Consultant: We value difference and we don't More ❯