26 to 50 of 468 NIST Jobs in the UK

reporting activities. Implement and enforce access control policies aligned with corporate governance. Design and review workflows for joiners, movers, and leavers. Maintain compliance with standards such as ISO 27001, NIST, and GDPR. Apply IAM theory to support zero-trust security models and defence-in-depth strategies. Evaluate complex access scenarios and formulate risk mitigation strategies. Understand integration concepts with federated More ❯

common and emerging vulnerabilities including their manifestation in different architectures (web applications, thick clients, APIs, networked infrastructure etc) Familiarity with industry standard guidance OWASP Top 10, SANS Top 25, NIST/CSC, CIS, NCSC etc. Applied understanding of topics such as authentication, access control, encryption, cloud security, operating system security, network security, database security. Experience of writing succinct, reader oriented More ❯

this role you must have demonstrable hands-on expertise with monitoring and securing enterprise class technology estates. You will have proven experience with Cyber Security best practice including the NIST Cloud Security guidelines. You will support ISO 27001 compliance and have strong documentation skills. Experience in the Telco sector and knowledge of the UK Telecom Security Act would be advantageous More ❯

environments to solve real-world security challenges Key Skills & Experience Cyber Security: Experience in cyber strategy, risk management, security architecture, transformation programmes, and regulatory compliance Knowledge of relevant standards: NIST CSF, ISO27001, NCSC CAF, GDPR, NIS2, etc. Certifications such as CISSP, CISM, CISA, M.Inst.ISP, or MSc in Cyber Security Hands-on experience in areas like GRC, cyber threat management, vulnerability More ❯

environments to solve real-world security challenges Key Skills & Experience Cyber Security: Experience in cyber strategy, risk management, security architecture, transformation programmes, and regulatory compliance Knowledge of relevant standards: NIST CSF, ISO27001, NCSC CAF, GDPR, NIS2, etc. Certifications such as CISSP, CISM, CISA, M.Inst.ISP, or MSc in Cyber Security Hands-on experience in areas like GRC, cyber threat management, vulnerability More ❯

of working in large, complex technology programmes involving multiple concurrent projects with significant experience of delivering through offshore/nearshore strategic vendors. Knowledge of security frameworks & standards (ISO 27001, NIST, CIS, GDPR, SOC 2) Be experienced in 'hands on' technology software delivery from initiation to implementation. Have knowledge of programme and project management methodology and managing full lifecycle of programmes More ❯

standards, and procedures or guidelines acrossthe organisation. • Development of new organizational processes within the organization. • Ensure the organization's internal regulatory compliance. • Monitor compliance with regulations such as ISO27001, NIST, NIS2, SOC2, ENS, or ANSSI. • Maintenance of Information Security KPIs for the maintenance of existing certifications. • Analysis and management of the authorization of HR, IT, TECH and business processes. • Identify More ❯

risk, as well as using GRC tools and guidance developed for Risk mitigation. Practical knowledge of information security standards and risk assessment frameworks such as ISO 27001, SOC 2, NIST 800-32 Strong knowledge of cyber controls, policies, and procedures. Experience of delivering metrics for senior level audiences. Demonstrate analytical and problem-solving skills. Ability to communicate risks associated with More ❯

risk, as well as using GRC tools and guidance developed for Risk mitigation. Practical knowledge of information security standards and risk assessment frameworks such as ISO 27001, SOC 2, NIST 800-32 Strong knowledge of cyber controls, policies, and procedures. Experience of delivering metrics for senior level audiences. Demonstrate analytical and problem-solving skills. Ability to communicate risks associated with More ❯

risk, as well as using GRC tools and guidance developed for Risk mitigation. Practical knowledge of information security standards and risk assessment frameworks such as ISO 27001, SOC 2, NIST 800-32 Strong knowledge of cyber controls, policies, and procedures. Experience of delivering metrics for senior level audiences. Demonstrate analytical and problem-solving skills. Ability to communicate risks associated with More ❯

risk, as well as using GRC tools and guidance developed for Risk mitigation. Practical knowledge of information security standards and risk assessment frameworks such as ISO 27001, SOC 2, NIST 800-32 Strong knowledge of cyber controls, policies, and procedures. Experience of delivering metrics for senior level audiences. Demonstrate analytical and problem-solving skills. Ability to communicate risks associated with More ❯

of: Working within the financial services industry, or other highly regulated industries in a technical role. Information security management, governance, and compliance principles, practices, laws, rules and regulations, e.g. NIST, ISO, NIS, DORA and GDPR; Information technology systems and processes, network infrastructure, data architecture, data processes and protocols; Cyber and cloud security standard frameworks, architecture, design, operations, controls, technology, solutions More ❯

strategies to mitigate risks ️ Collaborating with engineering teams to integrate security solutions into existing infrastructures ️ Conducting security assessments and audits to ensure compliance with industry standards (e.g., ISO 27001, NIST, GDPR) ️ Leading the development of security policies, procedures, and best practices for enterprise systems What We're Looking For: ️ Proven experience as a Security Architect or in a similar senior More ❯

SaaS). Hands-on experience with industry-leading security tools across network, data, application, and cloud domains. Solid understanding and practical experience with compliance and security frameworks such as NIST CSF, ISO 27001, CSA CCM, PCI-DSS, GDPR. Familiarity with enterprise architecture frameworks such as TOGAF. Experience 5 to 10+ years of experience in cybersecurity. Demonstrated experience creating reference architectures More ❯

SaaS). Hands-on experience with industry-leading security tools across network, data, application, and cloud domains. Solid understanding and practical experience with compliance and security frameworks such as NIST CSF, ISO 27001, CSA CCM, PCI-DSS, GDPR. Familiarity with enterprise architecture frameworks such as TOGAF. Experience 5 to 10+ years of experience in cybersecurity. Demonstrated experience creating reference architectures More ❯

to work under pressure and manage multiple priorities effectively. Preferred Skills: Experience in regulated industries (e.g., finance, healthcare, critical infrastructure). Knowledge of compliance frameworks such as ISO 27001, NIST, GDPR, or CIS Familiarity with scripting or automation for incident response or scanning processes. Please feel free to contact myself - Daisy Nguyen at Gibbs Consulting/Atrium UK for a More ❯

practises. Experience with security assessment and risk management methodologies. Proficiency in cloud security, particularly with Azure security tools and services. Familiarity with security standards and frameworks (e.g., ISO 27001, NIST, CIS). Knowledge of security technologies such as firewalls and web proxies; experience with ZTNA, CTI, and threat modelling is beneficial. Excellent communication and interpersonal skills. Ability to work effectively More ❯

risk management processes Support vulnerability management, penetration testing, and incident response Requirements for this role: 3+ years' experience in a senior cyber security role Strong knowledge of security frameworks (NIST, NCSC, CIS, MITRE ATT&CK) Hands-on experience with security tools: SIEM, IDS/IPS, firewalls, endpoint protection Expertise in Azure security and securing cloud platforms A solid understanding of More ❯

Architecture roles. 5+ years of hands-on cloud security experience (AWS, Azure, or GCP multi-cloud preferred). In-depth understanding of financial services compliance requirements and frameworks (e.g., NIST CSF, ISO 27001, CSA CCM, PCI DSS). Expert-level knowledge of IAM, network security, encryption, API and application security, container security, and SIEM strategies. Proven leadership in DevSecOps practices More ❯

especially AWS), application security, and modern DevSecOps. Proven experience securing systems involving digital assets, cryptographic components, or distributed infrastructure. Strong grasp of regulatory frameworks: SOC 2, ISO 27001, GDPR, NIST, etc. Background in threat modeling, incident response, and risk management. Excellent leadership, communication, and stakeholder skills. Bachelor's or advanced degree in Computer Science, Information Security, or related field. Bonus More ❯

malware. Vulnerability Management – Experience in identifying and mitigating system vulnerabilities. Automation Skills – Proficiency in security automation using scripting tools like Python or PowerShell. Frameworks & Compliance – Familiarity with ISO 27001, NIST 800-53, Cyber Essentials, and GDPR. Risk Management – Strong grasp of risk assessment methodologies and security control frameworks. Communication – Able to communicate technical concepts clearly to both technical and non More ❯

malware. Vulnerability Management Experience in identifying and mitigating system vulnerabilities. Automation Skills Proficiency in security automation using scripting tools like Python or PowerShell. Frameworks & Compliance Familiarity with ISO 27001, NIST 800-53, Cyber Essentials, and GDPR. Risk Management Strong grasp of risk assessment methodologies and security control frameworks. Communication Able to communicate technical concepts clearly to both technical and non More ❯

malware. Vulnerability Management - Experience in identifying and mitigating system vulnerabilities. Automation Skills - Proficiency in security automation using scripting tools like Python or PowerShell. Frameworks & Compliance - Familiarity with ISO 27001, NIST 800-53, Cyber Essentials, and GDPR. Risk Management - Strong grasp of risk assessment methodologies and security control frameworks. Communication - Able to communicate technical concepts clearly to both technical and non More ❯

network security, and secure software development. Incident management and alerts triage experience Experience in Microsoft Sentinel Strong understanding of security principles, technologies, and frameworks (e.g., NCSC guidance, ISO 27001, NIST). It is desirable that you have: Experience working with Django framework Good working knowledge of Query Languages (SQL, KQL (Kusto), etc.) How to apply As part of the application More ❯

Security Skills: Strong expertise in areas such as cyber strategy, risk management, cyber maturity assessments, security architecture, transformation programmes, and regulatory compliance. Familiarity with leading frameworks and standards including NIST CSF, ISO27001, NCSC CAF, GDPR, NIS2, and CRI2.0. Hands-on experience delivering security solutions and assessments in varied environments. Relevant certifications such as CISSP, CISM, CISA, M.Inst.ISP, or a postgraduate More ❯