1 to 25 of 469 NIST Jobs in the UK

or a related field with a focus on cloud security Familiarity with cloud computing platforms (AWS, Azure, Google Cloud, etc.). Knowledge of security standards such as ISO 27001, NIST, and SOC2. Experience with security tools such as vulnerability scanners, intrusion detection or prevention systems, and SIEM solutions. Experience with Vulnerability Management Excellent analytical and problem-solving skills. Strong communication More ❯

and improve the organization's defences. Policy and Compliance: Establish and enforce security policies, standards, and guidelines to ensure compliance with regulatory requirements and industry frameworks (e.g., ISO 27001, NIST, GDPR). Conduct regular audits and assessments to identify gaps and ensure adherence to security policies. Reporting and Communication: Provide regular updates to senior leadership on the organization's security More ❯

successful participation in certification audits. Strong understanding of financial services regulations and their impact on information security. In-depth knowledge of information security frameworks, standards, and best practices (e.g., NIST, CIS). Experience with secure software development practices and application security testing. Strong technical understanding of network security, system security, and security architecture. Experience with risk management methodologies and tools. More ❯

AWS/Azure), incident response, and governance. Hands-on experience with SIEM, EDR, vulnerability management tools, and cloud-native security services. Familiarity with regulatory frameworks and industry standards (e.g., NIST, CIS, etc.). Strong analytical and problem-solving skills. Excellent communication and collaboration abilities. Prefer certifications such as GIAC, CISSP, etc. Prefer Bachelor's degree in Information Technology or related More ❯

/CD pipelines and cloud deployments. Manage output from cloud-native security tools (e.g., AWS GuardDuty, Azure Defender). Ensure compliance with industry regulations and standards (e.g., ISO 27001, NIST, GDPR, HIPAA). Provide security guidance on architecture, design reviews, and cloud migrations. Create and maintain cloud security documentation, training materials, and incident response playbooks. Stay current on emerging cloud More ❯

Work with IT, security, and development teams to ensure solutions meet business needs. Required Skills : Strong knowledge of cybersecurity technologies and practices Expertise in security frameworks (CIS, ISF, Mitre, NIST, or equivalent) Deep understanding of CIS18 controls and security architecture concepts Experience with incident investigation and remediation Proficiency in cloud security (Azure, AWS, or Google Cloud) Excellent stakeholder management and More ❯

to manage external security operations. Desirable Certifications: Azure Security Engineer Associate, CISSP, OSCP (Offensive Security Certified Professional), CCSP, or equivalent. Experience with container security (Docker, Kubernetes). Knowledge of NIST, ISO 27001, SOC 2 compliance frameworks. Familiarity with Zero Trust security principles. Other Stuff NB: Please only apply if you are able to work from their Debden (IG10) offices Monday More ❯

years' experience in information security engineering & operations. In-depth knowledge of networking protocols, operating systems, and cloud technologies (AWS, Azure, GCP). Strong understanding of frameworks such as PCI, NIST, and ISO 27001. Hands-on experience with SIEM, IDS/IPS, endpoint protection, and penetration testing tools. Certified Security Auditor (or equivalent) and UK Security Clearance eligibility. Preferred Certifications: CISSP More ❯

years' experience in information security engineering & operations. In-depth knowledge of networking protocols, operating systems, and cloud technologies (AWS, Azure, GCP). Strong understanding of frameworks such as PCI, NIST, and ISO 27001. Hands-on experience with SIEM, IDS/IPS, endpoint protection, and penetration testing tools. Certified Security Auditor (or equivalent) and UK Security Clearance eligibility. Preferred Certifications: CISSP More ❯

an existing vulnerability management program Strong technical expertise in implementing a Prioritizationformula to vulnerabilities and misconfigurations and translating these into risks Excellent knowledge of Vulnerability Management frameworks such as NIST/SANS The following general characteristics are required: A team player with the ability to work independently and unsupervised Ability to own delegated tasks and see them through to completion More ❯

with SIEM platforms such as Microsoft Sentinel or Splunk. Experience working in or supporting a co-managed SOC environment. Solid understanding of security frameworks such as MITRE ATT&CK, NIST, or CIS. Knowledge of vulnerability management practices, risk assessment, and remediation coordination. Hands-on experience with: SentinelOne (EDR/XDR) Microsoft Defender for Endpoint/Microsoft 365 Defender Microsoft Purview More ❯

to secure a mix of Linux, Windows, Apple & Android OS . Knowledge of network perimeter security, including firewalls, WAF, anti-virus, and O365 compliance & security centre . Familiarity with NIST (CSF Framework 2.0), ISO 27001, PCI-DSS, and GDPR . Experience operating and managing SIEM solutions , vulnerability management tools, and secure configuration tooling. Ability to use PowerShell and Python scripting More ❯

Extensive practical experience implementing and maintaining an ISO 27001 compliant ISMS. Demonstrable experience with PCI DSS compliance, including preparing for and undergoing assessments. Familiarity with information security frameworks (e.g., NIST, CIS). Proficiency in risk management methodologies. Knowledge of common security technologies (e.g., firewalls, EDR, SIEM, vulnerability scanners). Exceptional analytical, problem-solving, and decision-making abilities. Excellent communication (written More ❯

infrastructure-as-code security (Terraform, CloudFormation) and cloud security posture management. Strong understanding of identity & access management (OAuth, OIDC, SAML, JWT) and API security. Knowledge of industry frameworks like NIST, ISO 27001, and SOC 2. Experience driving developer enablement and security training initiatives. Excellent communication and collaboration skills to engage with engineering, product, and leadership teams. Preferred Qualifications Security certifications More ❯

with development, operations, and executive teams to ensure security practices are understood and implemented across the organization. Compliance: Ensure security architectures comply with regulations such as GDPR, ISO 27001, NIST, and other relevant standards. Requirements Education: Bachelor's degree in Computer Science, Information Security, or a related field; Master's degree preferred. Experience: At least 10 years in IT, with More ❯

experience in information security, with a focus on network security and architecture. Strong knowledge of malicious lateral movement techniques and mitigation strategies. Experience with security frameworks and standards (e.g., NIST, ISO 27001). Excellent communication and leadership skills. Relevant certifications such as CISSP, CISM, or TOGAF are highly desirable. Previous job roles that may indicate success include Information Security Architect More ❯

regulators, auditors, and third-party assessments. About You: Proven track record in cybersecurity management, including threat detection, incident response, and vulnerability management. Strong knowledge of security frameworks (ISO 27001, NIST, CIS Controls) and regulatory compliance requirements (GDPR, NIS2). Hands-on expertise with firewalls, SIEM, IAM, IDS/IPS, and cloud security. Strong understanding of networking, infrastructure, and application security. More ❯

regulators, auditors, and third-party assessments. About You: Proven track record in cybersecurity management, including threat detection, incident response, and vulnerability management. Strong knowledge of security frameworks (ISO 27001, NIST, CIS Controls) and regulatory compliance requirements (GDPR, NIS2). Hands-on expertise with firewalls, SIEM, IAM, IDS/IPS, and cloud security. Strong understanding of networking, infrastructure, and application security. More ❯

product development lifecycles. Conduct risk assessments and produce security documentation including RMADS, SyOPs, Security Cases, and Security Aspects Letters. Ensure compliance with relevant standards and frameworks including ISO 27001, NIST SP800, MOD JSPs, DEFSTANs, and airworthiness directives (e.g., DO-326A, DO-178C). Design secure cloud and hybrid environments using Azure and AWS, incorporating Zero Trust Architecture and DevSecOps methodologies. More ❯

requirements. Develop and maintain the ISMS manual and associated procedures. Align security strategies with business continuity and data protection programmes. Interpret IT governance and control frameworks such as: ITGC, NIST, COBIT, CSTAR, ITIL , and other standards to shape policy and monitor conformance. Analyse threat intelligence and risk trends to anticipate and prevent security breaches and advise on emerging technologies and More ❯

dotted-line relationship with the VP of TechOps. Responsibilities Security Strategy & Governance - Define and continuously refine the technical security roadmap that aligns with business objectives, industry best practice (e.g., NIST CSF, OWASP SAMM), and compliance frameworks (SOC 2, ISO 27001, GDPR). Secure SDLC & DevSecOps - Build and maintain guardrails for static/dynamic analysis, container and IaC scanning, SBOM management More ❯

awareness of clients and third parties Program Development: Assist in the development and delivery of security awareness programs Standards Implementation: Implement industry security standards such as Cyber Essentials, ISO27001, NIST-800-53, & Cloud Security Alliance CCM Report Generation: Generate reports for both technical and non-technical staff and stakeholders Product Evaluation: Test and evaluate security products Disaster Recovery Planning: Plan More ❯

following skills and experience: Strong expertise in defining, delivering, and supporting robust, resilient, and secure enterprise infrastructure. Experience with IT audits and compliance frameworks (CIS, PCI DSS, Cyber Essentials, NIST, ISO 27001). In-depth understanding of network security and compliance in regulated environments. Proven ability to secure high-value data (PCI cardholder data, PII) and implement security best practices. More ❯

ll bring: 5+ years in InfoSec, IT Security or Ops within a regulated environment Certification required: CISSP, CISM, CRISC, or equivalent Strong knowledge of ISO27001:2022, SOC2 Type II, NIST CSF, PCI DSS, GDPR, DORA Confident with security risk assessments, audit responses, and policy governance Hands-on cloud security experience: ideally with Azure and the Shared Responsibility Model Comfort with More ❯

ll bring: 5+ years in InfoSec, IT Security or Ops within a regulated environment Certification required: CISSP, CISM, CRISC, or equivalent Strong knowledge of ISO27001:2022, SOC2 Type II, NIST CSF, PCI DSS, GDPR, DORA Confident with security risk assessments, audit responses, and policy governance Hands-on cloud security experience: ideally with Azure and the Shared Responsibility Model Comfort with More ❯