226 to 250 of 266 NIST Jobs in the UK

and playbooks. The role includes mentoring CIRT analysts , enhancing SIEM/SOAR automation, and continuously improving processes using frameworks such as MITRE ATT&CK, NIST 800-61, and PCI DSS. What this job is really about Owning cyber incident response end-to-end: from first alert, through containment and eradication … cases so you see retail-relevant threats early and clearly.? Being the person who connects the dots between frameworks like MITRE ATT&CK, NIST 800-61, PCI DSS and what actually happens on the ground. Who this will suit You've worked in SOC, Incident Response, or Threat Hunting and ...

across the full system lifecycle, ensuring compliance with JSP 440 (Leaflet 5C), JSP 453 and alignment to the National Institute of Standards and Technology (NIST) RMF and CSF frameworks. Key Responsibilities Lead continuous risk management within agreed risk appetite. Develop and maintain security artefacts (SMP, SAL, Risk Assessments, IR & Vulnerability … and audit remediation. Engage senior stakeholders and translate cyber risk into business impact. Essential Experience Proven cyber security risk or governance background. Strong knowledge of NIST RMF/CSF and MOD policy (JSP 440 & 453). Experience delivering risk assessments, health checks and remediation. Stakeholder management within MOD or Government ...

lifecycle according to the Security by Design framework and principles. Ensure knowledge and application of relevant standards, including but not limited to (ISO 44001, NIST 800-53, 800-171, 800-172, NIS2, DEFSTAN, JSP’s). Secure Development: Define and follow secure development guidelines. Collaborate with development teams to embed … and running of multiple tasks in parallel against challenging requirements. Expert knowledge and practical application of major IT Assurance frameworks and standards (ISO 44001, NIST 800-53, NIST 800-171, NIST 800-172, NIS2, DEFSTAN, JSP). Deep understanding and experience in implementing the Security by Design framework across ...

lifecycle according to the Security by Design framework and principles. Ensure knowledge and application of relevant standards, including but not limited to (ISO 44001, NIST 800-53, 800-171, 800-172, NIS2, DEFSTAN, JSPs). Secure Development: Define and follow secure development guidelines. Collaborate with development teams to embed requirements … and running of multiple tasks in parallel against challenging requirements. Expert knowledge and practical application of major IT Assurance frameworks and standards (ISO 44001, NIST 800-53, NIST 800-171, NIST 800-172, NIS2, DEFSTAN, JSP). Deep understanding and experience in implementing the Security by Design framework across ...

and risk reporting Ability to engage effectively with both technical and non-technical stakeholders across the business Familiarity with standards such as PCI-DSS, NIST SP800-53, NIST CSF, ISO 27001, and SOC 2 Practical experience using Large Language Models (LLMs) inday-to-day security risk management activities, including: Accelerating ...

technology to drive forward its mission. Description Implement and maintain ISMS aligning with ISO27001 Ensure security controls are in-place based on ISO27001 and NIST As the regional security representative in the global Security/Technology project Lead/execute phishing campaign Conduct vulnerability assessments and implement measures to mitigate … and implementations. Provide training and support to staff to enhance security awareness across the organisation. Profile Practical experience and understanding of ISO27001 Familiar with NIST and GDPR is preferred Solid experience in threat, risk and vulnerabilities management process Experience with security tools such as SIEM, intrusion detection systems, and endpoint ...

Security & Governance : Architect enterprise-wide guardrails for safety (hallucination mitigation), security (prompt injection defense, PII masking), and fairness (bias detection). Apply governance frameworks (NIST AI RMF, ISO 42001) and design human-in-the-loop (HITL) workflows. Enterprise Integration & Scalability : Architect scalable integration patterns for agentic systems with enterprise platforms … across all three major clouds (Azure, AWS, GCP). • GenAI Ops & Governance: Hands-on experience with GenAI Ops tooling. Familiarity with AI governance frameworks (NIST AI RMF, ISO 42001) and their practical application. And AI FinOps & Model Routing • Framework Expertise: Hands-on development experience with one or more orchestration frameworks ...

Security & Governance: Architect enterprise-wide guardrails for safety (hallucination mitigation), security (prompt injection defense, PII masking), and fairness (bias detection). Apply governance frameworks (NIST AI RMF, ISO 42001) and design human-in-the-loop (HITL) workflows. Enterprise Integration & Scalability: Architect scalable integration patterns for agentic systems with enterprise platforms … across all three major clouds (Azure, AWS, GCP). • GenAI Ops & Governance: Hands-on experience with GenAI Ops tooling. Familiarity with AI governance frameworks (NIST AI RMF, ISO 42001) and their practical application. And AI FinOps & Model Routing • Framework Expertise: Hands-on development experience with one or more orchestration frameworks ...

within regulatory deadlines. Regulatory Compliance Oversight: Ensure adherence to UK GDPR, DPA 2018, PECR and relevant global frameworks such as CCPA, HIPAA, ISO 27001, NIST, PCI‐DSS and SOX. Audits & Assessments: Conduct data protection and information governance audits, gap analyses, and assessments to identify risks and improvement opportunities. Third‐Party … protection requirements and industry best practices. Technical & GRC Skills: Background in information security, GRC, risk management and working with frameworks such as ISO 27001, NIST, CIS and COBIT. Communication Skills: Ability to explain complex technical concepts clearly to non‐technical stakeholders. Stakeholder Influence: Proven experience influencing and engaging stakeholders ...

digital transformation and innovation goals. Establish governance frameworks for AI ethics, model transparency, and Responsible AI, ensuring adherence to regulatory and risk requirements (e.g., NIST AI RMF, EU AI Act). Serve as the senior executive sponsor for AI architecture, operating model design, and enterprise adoption roadmap. Enterprise AI & GenAI … modelling using PyCaret, Prophet, and Optuna to strengthen data‐driven decision‐making. Security, Compliance & Responsible AI Ensure alignment with enterprise security frameworks (SOC2, ISO27001, NIST). Oversee identity and access management via Azure AD, OAuth2, OpenID Connect, and enterprise IAM systems. Champion ethical AI practices, including bias detection, explainability, and ...

will embed Secure by Design principles, ensure compliance with JSP 440 and JSP 453, and align activities to frameworks such as National Institute of Standards and Technology RMF and CSF. You will oversee continuous assurance, manage risk assessments and treatment plans, support IT health checks, and ensure appropriate governance controls … cyber governance role within Defence or Government Strong working knowledge of JSP 440, JSP 453 and wider MOD security policy Experience operating within NIST RMF or CSF frameworks Production of Security Management Plans, Risk Assessments, and related artefacts Knowledge of vulnerability management, incident response and patch management Ability to manage ...

stakeholders to gather information,validate assumptions, and ensure clear alignment with security expectations. Assurance & Compliance: Conduct detailed assessments of proposed architectures and solutions against NIST 800-53 security controls, identifyingcontrol gaps and required mitigations. Required Skills & Experience: Strong working knowledge of NIST 800-53 controls and their application toEnterprise and ...

Execute point-in-time recovery and disaster recovery procedures Participate in resilience testing and DR exercises Security & Compliance Harden database environments in line with NIST, IEC 62443, ISO 27001 Manage access controls, auditing, logging, and privilege management Apply patches within strict OT-approved schedules Documentation & Governance Produce detailed SOPs, architecture … environments Calm, incident-response mindset focused on safety and uptime Preferred Qualifications Oracle OCP/OCM Microsoft Certified: Database Administrator Knowledge of IEC 62443, NIST 800-82 or OT cybersecurity standards Experience with OT-to-IT data replication Linux/UNIX administration for Oracle environments Why Join? Work on mission ...

Security & Governance : Architect enterprise-wide guardrails for safety (hallucination mitigation), security (prompt injection defense, PII masking), and fairness (bias detection). Apply governance frameworks (NIST AI RMF, ISO 42001) and design human-in-the-loop (HITL) workflows. Enterprise Integration & Scalability : Architect scalable integration patterns for agentic systems with enterprise platforms … across all three major clouds (Azure, AWS, GCP). GenAI Ops & Governance : Hands-on experience with GenAI Ops tooling. Familiarity with AI governance frameworks (NIST AI RMF, ISO 42001) and their practical application. And AI FinOps & Model Routing Framework Expertise : Hands-on development experience with one or more orchestration frameworks ...

main contact for customers, auditors, and certification bodies * Supporting RFPs, RFIs, and security due diligence * Tracking regulatory and framework developments such as NIS2, NIST, and NCSC What they're looking for * Experience delivering and maintaining cyber certifications such as ISO 27001, SOC 2, CREST, or similar * Strong understanding of … environments and operational security * Customer-facing assurance experience, including audits and security due diligence * Knowledge of frameworks like NIST CSF, GDPR, and UK cyber regulatory expectations * Comfortable working with auditors, regulators, and senior technical teams * Strong stakeholder management and communication skills * Detail-driven, organised, and commercially aware Strong package, flexible ...

reporting , and working with stakeholders across business and technology. Key Responsibilities Perform technology, information security, data, and third-party risk assessments. Apply ISO 27001, NIST, GDPR, and UK/EU regulatory frameworks. Maintain and monitor enterprise risk registers and remediation actions. Engage stakeholders across business, IT, security, privacy, and compliance. … reviews, and governance forums. Skills & Experience Strong GRC/technology risk background within financial services or regulated environments. Hands-on experience with ISO 27001, NIST, GDPR, and risk assessment methodologies. Advanced Excel & strong PowerPoint reporting skills. Excellent communication and stakeholder-management capabilities. Detail-oriented, proactive, and able to work independently. ...

/Windows servers, SQL/Oracle databases Excellent attention to detail, communication skills, PowerShell scripting Incident management experience, Microsoft Office proficiency Desirable: ISO27001/NIST knowledge, Splunk/ServiceNow/SailPoint, 24/7 shift flexibility Location: London with hybrid working model (3 days in the office per week … great fit: Identity Access Management Engineer, IAM Engineer, RSA IGL Engineer, Cyber Security Engineer, Privileged Access Management Specialist, Identity Governance, SailPoint, Splunk, ServiceNow, ISO27001, NIST, financial services security. Deerfoot Recruitment Solutions Ltd is a leading independent tech recruitment consultancy in the UK. For every CV sent to clients, we donate ...

/Windows servers, SQL/Oracle databases Excellent attention to detail, communication skills, PowerShell scripting Incident management experience, Microsoft Office proficiency Desirable: ISO27001/NIST knowledge, Splunk/ServiceNow/SailPoint, 24/7 shift flexibility Location: London with hybrid working model (3 days in the office per week … great fit: Identity Access Management Engineer, IAM Engineer, RSA IGL Engineer, Cyber Security Engineer, Privileged Access Management Specialist, Identity Governance, SailPoint, Splunk, ServiceNow, ISO27001, NIST, financial services security. Deerfoot Recruitment Solutions Ltd is a leading independent tech recruitment consultancy in the UK. For every CV sent to clients, we donate ...

technology risk assessments, evaluating client environments from both a technical and business perspective. Review IT governance, systems, and controls against recognized standards (ITIL, COBIT, NIST, SOC2, ISO). Design and implement solutions to enhance performance, improve resilience, and increase value for clients. Experience required Significant consulting or industry experience focused … technical stakeholders. Experience guiding teams, planning engagements, and managing project delivery. Working knowledge and practical use of industry standards such as COBIT, ISO27001, NIST CSF, SOC2, and ITIL. A collaborative mindset and passion for driving results. Technology Risk & Resilience, Senior Consultant - London, Hybrid - £50k-£58k + bonus Robert Half ...

delivering cyber security best practices across network, infrastructure, BYOD, web, and cloud services. Strong working knowledge of governance and compliance frameworks including ISO 27001, NIST CSF, GDPR, and Cyber Essentials+. Demonstrable ability to communicate complex security concepts to non-technical audiences, including board-level stakeholders. This is a great opportunity … which showcases your experience in the above areas. CISO, Head of Information Security, Cybersecurity, legacy, cloud, operational resilience, CBEST, ISO/IEC 27001, NIST, Cyber Essentials+, information security, Head of Cyber, BYOD ...

including policy creation, risk assessments, and technical oversight. The organisation operates in a highly regulated environment, so experience with frameworks such as IEC 62443, NIST CSF, CAF, and ISO 27001 is essential. Experience required: Proven expertise in Operational Technology (OT) security within ICS or critical infrastructure environments Ability to define … and implement OT security strategies, policies, and standards Strong knowledge of OT security frameworks - IEC 62443, NIST CSF, CAF, ISO 27001 Experience conducting OT risk assessments, gap analysis, and remediation planning Familiarity with OT networks, segmentation, and industrial protocols Experience working with engineering teams and MSPs Must be SC Cleared ...

Hybrid - 2 days per week in the office - 3 days working from home | 4 Months Contract | £520/day Inside IR35 | Security Testing | CISSP | NIST | MITRE | ISO27001 | Our Financial Services client is seeking an Auditor with experience and strong technical knowledge of Information and Cyber Security best practices. In your … experience (e.g. security testing, ethical hacking). Strong technical knowledge and experience of Information and Cyber Security best practices, threats, risks, frameworks and standards (NIST, MITRE, ISO27001) SOC background/Network/Encryption experience is beneficial Communication skills Data Analytics; Python, Power BI Qualifications: Certified Information Systems Security Professional (CISSP ...

Hybrid - 2 days per week in the office - 3 days working from home | 4 Months Contract | £520/day Inside IR35 | Security Testing | CISSP | NIST | MITRE | ISO27001 | LONDON | Our Financial Services client is seeking an Auditor with experience and strong technical knowledge of Information and Cyber Security best practices. … experience (e.g. security testing, ethical hacking). Strong technical knowledge and experience of Information and Cyber Security best practices, threats, risks, frameworks and standards (NIST, MITRE, ISO27001) SOC background/Network/Encryption experience is beneficial Communication skills Data Analytics; Python, Power BI Qualifications: Certified Information Systems Security Professional (CISSP ...

Hybrid - 2 days per week in the office - 3 days working from home | 4 Months Contract | £520/day Inside IR35 | Security Testing | CISSP | NIST | MITRE | ISO27001 | LONDON | Our Financial Services client is seeking an Auditor with experience and strong technical knowledge of Information and Cyber Security best practices. … experience (e.g. security testing, ethical hacking). Strong technical knowledge and experience of Information and Cyber Security best practices, threats, risks, frameworks and standards (NIST, MITRE, ISO27001) SOC background/Network/Encryption experience is beneficial Communication skills Data Analytics; Python, Power BI Qualifications: Certified Information Systems Security Professional (CISSP ...

Information Security, Risk Analysis, Cyber Security, Information Security, International Cyber Security, 3rd Party Security Compliance, Risk Management, Risk Reporting, Audit & Compliance, Cloud Infrastructure, ISO2700x, NIST, SOC2, PCI, GDPR, Risk Assessments Type: Contract, Inside IR35 Duration: 12 Months Pay Rate: £400 - £495 per day Location: London, On-Site Working … Understanding of and hands-on experience with vulnerability detection tools (e.g. Qualys, CrowdStrike, Tenable, Prisma) Strong knowledge of IS compliance frameworks and standards (ISO2700x, NIST, GDPR, SOC2, PCI) Practical understanding of cyber security technology best practice Experience supporting EMEA or Global technology projects from an InfoSec risk perspective Blue-chip ...