201 to 225 of 338 NIST Jobs in the UK

IAM, DLP, Network Security and Penetration Testing Managing outsourced security providers and holding them to account on performance Acting as SME for security improvement projects, aligned to ISO27001/NIST Managing security incidents, including forensic investigations and post-incident reviews Supporting governance, due diligence and audit activity across the security function Key Requirements: Significant experience leading IT security operations within … major IT/cloud transformation initiatives, ensuring security is integrated throughout Good understanding of security standards, procedures, reviews and security automation Familiarity with security frameworks such as ISO27001 and NIST Strong stakeholder management skills, with the ability to work closely with IT, Security, Risk and external suppliers To discuss this permanent opportunity in more detail, please get in touch directly More ❯

up. Key Responsibilities: Identify and integrate security requirements throughout the product and system development lifecycle. Lead threat modelling and risk assessments, applying frameworks such as ISO/IEC 27001, NIST 800-30/53, and ISO 31000. Advise on secure architectures and develop strategies to mitigate identified information risks. Collaborate with multi-disciplinary teams to ensure compliance with MOD and … the Defence, Aerospace, or National Security sectors. Deep understanding of HMG Security Policy Framework and MOD-specific standards. Familiarity with risk management methodologies (ISO 27001/2, ISO 27005, NIST frameworks). Strong analytical and problem-solving abilities - able to assess complex data and provide actionable insights. A collaborative communicator who can balance technical assurance with business priorities. Ability to More ❯

work closely with both internal and external stakeholders across Legal, Risk & Audit, Procurement, and IT to embed strong governance and maintain alignment with leading standards such as ISO 27001, NIST CSF, and GDPR. The position combines both strategic oversight and hands-on delivery, providing clear visibility of risks and driving measurable improvements in security maturity. This role is majority onsite … PCI-DSS environment Develop, maintain, and evolve the cyber governance and compliance framework. Define and manage information and cyber security policies, standards, and procedures. Ensure alignment with ISO 27001, NIST CSF, GDPR, and other relevant regulations. Partner with internal teams to integrate governance and compliance into daily operations. Support policy reviews, updates, and communication across business units. Risk Management & Assurance More ❯

work closely with both internal and external stakeholders across Legal, Risk & Audit, Procurement, and IT to embed strong governance and maintain alignment with leading standards such as ISO 27001, NIST CSF, and GDPR. The position combines both strategic oversight and hands-on delivery, providing clear visibility of risks and driving measurable improvements in security maturity. This role is majority onsite … PCI-DSS environment Develop, maintain, and evolve the cyber governance and compliance framework. Define and manage information and cyber security policies, standards, and procedures. Ensure alignment with ISO 27001, NIST CSF, GDPR, and other relevant regulations. Partner with internal teams to integrate governance and compliance into daily operations. Support policy reviews, updates, and communication across business units. Risk Management & Assurance More ❯

work closely with both internal and external stakeholders across Legal, Risk & Audit, Procurement, and IT to embed strong governance and maintain alignment with leading standards such as ISO 27001, NIST CSF, and GDPR. The position combines both strategic oversight and hands-on delivery, providing clear visibility of risks and driving measurable improvements in security maturity. This role is majority onsite … PCI-DSS environment Develop, maintain, and evolve the cyber governance and compliance framework. Define and manage information and cyber security policies, standards, and procedures. Ensure alignment with ISO 27001, NIST CSF, GDPR, and other relevant regulations. Partner with internal teams to integrate governance and compliance into daily operations. Support policy reviews, updates, and communication across business units. Risk Management & Assurance More ❯

SDLC, partnering with IT, product, and development teams. Conduct risk assessments and threat modeling, proactively identifying vulnerabilities and mitigation strategies. Develop and maintain security policies and frameworks aligned with NIST, ISO 27001, and CIS Controls. Lead PCI-DSS architecture and compliance, ensuring both front- and back-office systems meet standards. Guide and mentor teams in best-practice security engineering, fostering … cybersecurity, with at least 3 in security architecture or design leadership. Deep understanding of AWS security, hybrid cloud design, and modern DevSecOps principles. Strong knowledge of frameworks such as NIST, ISO 27001, OWASP, and CIS. Experience designing and implementing secure, compliant PCI-DSS solutions. Solid grounding in tools and technologies like SIEM, IDS/IPS, DLP, endpoint protection, IAM, and More ❯

is a hands-on consulting position delivering Governance, Risk and Compliance (GRC) projects for major enterprise clients — including risk management, cloud security governance, and compliance frameworks such as ISO27001, NIST CSF, CIS Top 18 and COBIT .You’ll play a key role in engaging with senior stakeholders, assessing cyber maturity, and driving best-practice improvements across a range of industries. … levels. Skills & Experience Required 4+ years’ experience in a professional consulting role, ideally within enterprise IT security, governance, or risk management. Proven delivery experience using frameworks such as ISO27001, NIST CSF, CIS, COBIT , or equivalent. Strong client-facing skills, with the ability to communicate technical concepts to non-technical audiences. Relevant industry certifications such as CISSP, CISA, CRISC, CISM, or More ❯

structured IT and information security risk assessments and threat modelling for new IT platforms, systems, and applications and for material changes. Provide security architecture advice (patterns, guardrails) aligned to NIST CSF/ISO 27001 and company standards. Define and agree control selection (prevent/detect/correct) proportionate to risk, including identity, data and platform controls. Conduct IT control walkthroughs … approach. Role Requirements 7+ years in information risk, security assurance or IT audit within regulated, safety-critical or industrial environments (energy/oil & gas preferred). Strong knowledge of NIST CSF, ISO 27001, UK GDPR and supplier assurance practices; familiarity with the UK CAF is desirable. Proven experience running compliance and assurance functions, Secure-by-Design reviews, and control testing More ❯

structured IT and information security risk assessments and threat modelling for new IT platforms, systems, and applications and for material changes. Provide security architecture advice (patterns, guardrails) aligned to NIST CSF/ISO 27001 and company standards. Define and agree control selection (prevent/detect/correct) proportionate to risk, including identity, data and platform controls. Conduct IT control walkthroughs … approach. Role Requirements 7+ years in information risk, security assurance or IT audit within regulated, safety-critical or industrial environments (energy/oil & gas preferred). Strong knowledge of NIST CSF, ISO 27001, UK GDPR and supplier assurance practices; familiarity with the UK CAF is desirable. Proven experience running compliance and assurance functions, Secure-by-Design reviews, and control testing More ❯

We are the security engineering team, skilled in cybersecurity, cloud security, application security, and regulatory compliance. Our global distribution allows us to leverage unique experiences and skillsets to build and operate security services that safeguard our platform. We prioritize a More ❯

for its commitment to leveraging technology to drive forward its mission. Description Implement and maintain ISMS aligning with ISO27001 Ensure security controls are in-place based on ISO27001 and NIST As the regional security representative in the global Security/Technology project Lead/execute phishing campaign Conduct vulnerability assessments and implement measures to mitigate potential risks. Involve in global … to ensure secure system designs and implementations. Provide training and support to staff to enhance security awareness across the organisation. Profile Practical experience and understanding of ISO27001 Familiar with NIST and GDPR is preferred Solid experience in threat, risk and vulnerabilities management process Experience with security tools such as SIEM, intrusion detection systems, and endpoint protection. Strong analytical and problem More ❯

incident management, and play a key role in safeguarding our organisation’s digital environment. Communications with key business partners is key regarding risks, threats and SOC performance. Familiarity with NIST Cybersecurity, MITRE ATT&CK, Splunk, Sentinel and ISO27001 is vital What you will be doing: Lead, mentor, and develop SOC analysts and incident responders. Provide technical direction, conduct performance reviews … analysts, building high-performing teams, and managing effective shift models. Confident communicator with the ability to translate complex technical risks into clear business impacts for senior stakeholders. Familiarity with NIST Cybersecurity Framework and MITRE ATT&CK. Understanding of ISO 27001 standards and compliance best practices. Working knowledge of the CREST SOC Maturity Model. Experience applying ITIL processes across incident, problem More ❯

work closely with both internal and external stakeholders across Legal, Risk & Audit, Procurement, and IT to embed strong governance and maintain alignment with leading standards such as ISO 27001, NIST CSF, and GDPR. The position combines both strategic oversight and hands-on delivery, providing clear visibility of risks and driving measurable improvements in security maturity. This role is majority onsite … PCI-DSS environment Develop, maintain, and evolve the cyber governance and compliance framework. Define and manage information and cyber security policies, standards, and procedures. Ensure alignment with ISO 27001, NIST CSF, GDPR, and other relevant regulations. Partner with internal teams to integrate governance and compliance into daily operations. Support policy reviews, updates, and communication across business units. Risk Management & Assurance More ❯

Information Security Consultant required to join a global organisation in Glasgow and play a key role in evaluating security risks across projects, technology initiatives, and third-party suppliers. This is a chance to influence how a global firm approaches security More ❯

Security Analyst/Information Assurance + London with hybrid working + Outside IR35 Contract + Junior-Mid level role - £400 to £480 per day Key Skills: + SC Clearance + Background in SIEM The Role We need a sharp Junior More ❯

As a Cyber Security Apprentice, you’ll play a vital role in protecting our organisation’s digital assets while developing your skills in one of the most in-demand areas of technology. Under the guidance of experienced professionals, you’ll More ❯

of operations here, in the UK, as an experienced GRC Information Security Analyst ? Do you have experience in the GRC Security space with audits, auditors, ISO27001, PCI DSS, SOC2, NIST & current compliance regulations? If so & you are looking to expand your information Security career, meet new team members, embrace new challenges & join a world-class team – we’d like to … what the role will entail, but see below for things we’ll need to see in order to be considered: - Knowledge and experience of ISO 27001, PCI DSS, SOC2, NIST and CIS benchmarking is essential. - Knowledge and experience achieving and maintaining compliance with relevant legislation, such as DPA, GDPR - Knowledge of cloud environments (AWS, Azure) & Windows, &/or Linux environments More ❯

of operations here, in the UK, as an experienced GRC Information Security Analyst Do you have experience in the GRC Security space with audits, auditors, ISO27001, PCI DSS, SOC2, NIST & current compliance regulations? If so & you are looking to expand your information Security career, meet new team members, embrace new challenges & join a world-class team – we’d like to … what the role will entail, but see below for things we’ll need to see in order to be considered: - Knowledge and experience of ISO 27001, PCI DSS, SOC2, NIST and CIS benchmarking is essential. - Knowledge and experience achieving and maintaining compliance with relevant legislation, such as DPA, GDPR - Knowledge of cloud environments (AWS, Azure) & Windows, &/or Linux environments More ❯

identifying efficiencies and supporting financial planning Governance & Compliance Ensure all IT operations meet the minimum requirements set by Group, including Technical Security Audit (based on CIS security controls) and NIST Frameworks. Development and review of IT policies and procedures Lead internal (e.g. GMR, system) and external audits (e.g. Cyber Essentials Plus) Infrastructure & Service Management Oversee the performance, maintenance, and security … IT Director Build strong relationships with internal stakeholders to understand business needs and deliver effective technology solutions SKILLS, EXPERIENCE & QUALIFICATIONS An understanding of Cyber Essentials Plus, CIS audits and NIST frameworks is also required to ensure the business meets the challenges of cyber security hygiene Hands on knowledge of Microsoft 365 is required to drive the platform forward to ensure More ❯

identifying efficiencies and supporting financial planning Governance & Compliance Ensure all IT operations meet the minimum requirements set by Group, including Technical Security Audit (based on CIS security controls) and NIST Frameworks. Development and review of IT policies and procedures Lead internal (e.g. GMR, system) and external audits (e.g. Cyber Essentials Plus) Infrastructure & Service Management Oversee the performance, maintenance, and security … IT Director Build strong relationships with internal stakeholders to understand business needs and deliver effective technology solutions SKILLS, EXPERIENCE & QUALIFICATIONS An understanding of Cyber Essentials Plus, CIS audits and NIST frameworks is also required to ensure the business meets the challenges of cyber security hygiene Hands on knowledge of Microsoft 365 is required to drive the platform forward to ensure More ❯

Cyber Security Risk Manager Cyber Security Risk Manager - Cyber Security Risk Assessments, Audits, GRC, Information Security Management, CRISK, CISM, CompTIA Security+, NIS, NIST, ISO 27001 - Hybrid (Manchester) - to £61,500 + excellent bonus + bens This is an outstanding opportunity to become my clients primary Cyber Security Risk Advisor working within a high-profile and growing Cyber Security function which … management skills including the ability to write and present detailed reports - Certification in Information Security Management would be ideal (CRISK, CISM, COMPTIA Security+) - Cyber Security audit experience (NIS/NIST/ISO 27001) would be preferred, along with knowledge of vulnerability management platforms The role also involves consulting on ratings for IT/OT Physical Cyber risks and supporting stakeholders … best practice and guide the business through upcoming certifications and audits. Cyber Security Risk Manager - Cyber Security Risk Assessments, Audits, GRC, Information Security Management, CRISK, CISM, CompTIA Security+, NIS, NIST, ISO 27001 - Hybrid (Manchester) - to £61,500 + excellent bonus + bens Essential Recruitment is a specialist Tech recruitment business with an in-depth understanding of the rapidly-changing nature More ❯

or Docker) • Build CI/CD pipelines for reliable code deployment Security & Compliance • Implement security best practices across the platform (IAM, secrets management, encryption) • Support compliance initiatives (ISO 27001, NIST, GDPR, MCERTS, etc.) • Manage network configuration, firewalls, and secure endpoints Monitoring & Reliability • Set up observability and monitoring tools (Prometheus, Grafana, Datadog, or CloudWatch) • Ensure high availability, scalability, and cost efficiency … Exposure to IoT data ingestion and stream processing (MQTT, Kafka, Kinesis, etc.) • Familiarity with data lake/analytics environments (S3, Athena, Snowflake, BigQuery) • Experience with security frameworks (CIS Benchmarks, NIST, SOC2) • Previous work in regulated industries (water, utilities, energy, or environmental monitoring) • Certification: AWS Certified SysOps Administrator/DevOps Engineer or equivalent What we can offer you: Enhanced maternity, paternity More ❯

security strategy within our Managed Services environment. This is a strategic and hands-on leadership position - you'll oversee security governance, ensure compliance with leading frameworks (Cyber Essentials, ISO27001, NIST), and maintain a strong internal security posture across our systems and services. You'll lead Quarterly Security Reviews (QSRs), manage client risk registers, and act as a trusted advisor translating … Translate technical risks into meaningful business impacts and recommendations. Manage internal and client risk registers and exception processes. Oversee security compliance across frameworks such as Cyber Essentials+, ISO27001, and NIST . Ensure secure deployment and monitoring of core MSP systems (RMM, XDR, PSA, backup, etc.). Collaborate with service and project teams to embed security into delivery and change control. … senior stakeholders and enjoy leading teams and shaping best practice. Essential Skills & Experience 5+ years in IT security or MSP environments . Strong understanding of Cyber Essentials, ISO27001, or NIST frameworks. Experience managing patching, vulnerability, and risk governance . Skilled communicator with the ability to explain risks to non-technical audiences. Proven experience leading client-facing security reviews . Desirable More ❯

coordination with IT security. Implement network segmentation, monitoring, and secure remote access practices for OT systems in collaboration with Morgan's network team. Ensure compliance with cybersecurity frameworks (e.g., NIST, ISA/IEC MES and Digital Manufacturing Enablement: Serve as the technical lead for MES platform architecture, governance, development, and deployment. Drive standardization and scalability of MES solutions across plants. … with common MES platforms (e.g., Siemens Opcenter, Rockwell FactoryTalk, GE Digital, Ectobox, Ignition, Tulip, Litmus, etc.). Knowledge of cybersecurity standards relevant to OT (e.g., ISA/IEC 62443, NIST CSF). Understanding of data integration, IIoT platforms, and edge computing. Leadership and Communication: Strong stakeholder management and collaboration skills. Ability to translate technical complexity into business-aligned initiatives. Comfortable More ❯

across Sales, Business Development, and technical teams to embed security considerations throughout the solution lifecycle. Produce and maintain governance and compliance documentation aligned to standards such as ISO 27001, NIST, GDPR, NIS2 and other relevant regulations. Provide expert input into bids, including cost modelling, risk assessments, and solution clarification through workshops and scoping sessions. Act as a trusted advisor on … technologies, and cyber security trends. Coordinate resources and timelines to ensure solution readiness across the sales pipeline. Skills & Experience Strong knowledge of cyber security principles and frameworks (ISO 27001, NIST, GDPR, NIS2, ISA/IEC 62443). Experience designing security or IT solutions for complex or regulated environments. Strong communication and stakeholder engagement skills. Expertise in scoping, architecture design, and More ❯