26 to 50 of 661 NIST Jobs in the UK

our office in Dudley (UK), we are currently recruiting a driven Cybersecurity & Compliance Manager. Position purpose The Cybersecurity & Compliance Manager will lead Tosca’s efforts to ensure adherence to NIST CFS 2.0, ISO 27001, and other standards. This role focuses on developing security protocols, maintaining documentation, conducting risk assessments, and ensuring regulatory compliance. Responsibilities include managing security infrastructure, incident response … and promoting cybersecurity awareness. The position requires collaboration with Global IT, cross-functional teams, and third-party partners. Key qualifications include experience in cybersecurity and compliance, strong knowledge of NIST and ISO standards, risk management expertise, and effective communication skills. This is a full-time role based in Dudley, UK, with travel up to 30% of the time. Responsibilities Implement … security protocols and manage information security programs Report performance, exceptions, and outages to all audiences transparently. Align disaster recovery with business continuity plans. Ensure compliance with ISO27001, NIST CFS 2.0, and maintain ISMS. Identify risks, develop a comprehensive security plan. Test cyber-attacks regularly to address vulnerabilities. Monitor security trends, adapt strategies. Oversee incident monitoring, detection, response via SOC and More ❯

focus on hands-on security engineering and operations. In-depth knowledge of networking protocols, operating systems, and cloud technologies. Strong understanding of security principles, practices, and frameworks (e.g., PCI, NIST, ISO 27001). Experience with security tools such as SIEM, IDS/IPS, endpoint protection, and penetration testing tools. Experience with public cloud security, specifically AWS, Azure, and Google Cloud More ❯

We are seeking an experienced Security Engineer to join our dynamic and growing team. The successful candidate will play a crucial role in supporting management with securing our organization's infrastructure, systems, and data against cyber threats. As a Security More ❯

tools like LogRhythm, Qualys, SCCM, Intune, Microsoft 365, AD, and enterprise anti-malware Technical knowledge in network segmentation, firewalls, Mitre Att&ck, Windows, Linux, and Mac, with experience in NIST standards and frameworks About You Bring strong analytical, problem-solving, and interpersonal skills to collaborate across teams and explain complex technical details in an accessible way. Diversity, equity, and inclusion More ❯

such as CISSP, CISM, CISA, or equivalent. Experience: 10+ years of information security experience. Financial/Fintech services/payments desirable. Deep knowledge of security frameworks (PCI, ISO 27001, NIST) and regulations (GDPR, CCPA). Experience with PCI DSS compliance and implementation. Proven success in managing external auditors to achieve positive outcomes. Expert in information security with strong communication and More ❯

collaboration skills; able to guide developers, write clear documentation, and engage stakeholders. Nice to have: Certifications such as OSCP, GCIH, GWAPT, or CISSP. Familiarity with security frameworks such as NIST CSF, MITRE ATT&CK, OWASP ASVS, or ISO 27001. Experience with commercial security tools such as EDR, SIEM, CSPM, CNAPP, vulnerability scanners, bug bounty platforms, WAFs, or compliance automation platforms. More ❯

Duties Governance, Risk & Compliance: Develop, implement, and maintain the company's information security governance framework. Lead the strategy and execution for security compliance initiatives including SOC 2 , ISO 27001 , NIST , and other relevant standards. Oversee and manage the enterprise risk management program , including identification, assessment, and mitigation of information security risks. Regularly report to executive leadership and the board on … with 5+ years in a senior leadership role (CISO, VP of Security, or equivalent). Deep knowledge of governance frameworks and compliance standards (e.g., SOC 2, ISO 27001, HIPAA, NIST, GDPR). Proven experience managing or leading successful SOC 2 audits and other regulatory/compliance initiatives. Confident engaging with auditors and enterprise clients; experience representing security to financial institutions. More ❯

/IPS), endpoint protection, encryption, identity and access management (IAM), and security information and event management (SIEM) systems. Strong understanding of security frameworks, standards, and regulations, including ISO 27001, NIST Cybersecurity Framework, GDPR , NCSC Cyber Essentials Plus, with experience in implementing and maintaining compliance with these requirements. Excellent leadership and communication skills, with the ability to effectively communicate security-related More ❯

trends, regulations, and best practices. Essential Requirements: Degree in a relevant field or professional certification (CISSP, CISM, etc.). Strong understanding of cybersecurity challenges, industry standards (GDPR, ISO 27001, NIST CSF, Cyber Essentials), and risk management. Expertise in networking, operating systems, cloud computing, application security, and endpoint security. Experience managing cybersecurity teams and handling security incidents in a large organization. More ❯

trends, regulations, and best practices. Essential Requirements: Degree in a relevant field or professional certification (CISSP, CISM, etc.). Strong understanding of cybersecurity challenges, industry standards (GDPR, ISO 27001, NIST CSF, Cyber Essentials), and risk management. Expertise in networking, operating systems, cloud computing, application security, and endpoint security. Experience managing cybersecurity teams and handling security incidents in a large organization. More ❯

of how to secure a mix of Linux, Windows, Apple & Android OS. Knowledge of network perimeter security, including firewalls, WAF, anti-virus, and O365 compliance & security centre. Familiarity with NIST (CSF Framework 2.0), ISO 27001, PCI-DSS, and GDPR. Experience operating and managing SIEM solutions, vulnerability management tools, and secure configuration tooling. Ability to use PowerShell and Python scripting for More ❯

to secure a mix of Linux, Windows, Apple & Android OS . Knowledge of network perimeter security, including firewalls, WAF, anti-virus, and O365 compliance & security centre . Familiarity with NIST (CSF Framework 2.0), ISO 27001, PCI-DSS, and GDPR . Experience operating and managing SIEM solutions , vulnerability management tools, and secure configuration tooling. Ability to use PowerShell and Python scripting More ❯

Web Application Firewalls, Intrusion Detection/Prevention, Incident Response, and Security Information and Event Management (SIEM), Identify and Access Management (IAM) controls. - Implementation experience with compliance frameworks such as NIST, PCI-DSS, ISO/IEC 27001, ISO/IEC 27017, FISC, etc Our inclusive culture empowers Amazonians to deliver the best results for our customers. If you have a disability More ❯

Extensive practical experience implementing and maintaining an ISO 27001 compliant ISMS. Demonstrable experience with PCI DSS compliance, including preparing for and undergoing assessments. Familiarity with information security frameworks (e.g., NIST, CIS). Proficiency in risk management methodologies. Knowledge of common security technologies (e.g., firewalls, EDR, SIEM, vulnerability scanners). Exceptional analytical, problem-solving, and decision-making abilities. Excellent communication (written More ❯

Manager (CISM). Strong knowledge of Operating System security and system hardening concepts such as CIS Benchmarks. Experience in working with information security frameworks and regulatory requirements including ISO27001, NIST, PCI DSS, GDPR, Cyber Essentials. Experience of general IT Audit processes and conducting risk assessments. You will be a proactive self-starter with strong communication skills and be comfortable interacting More ❯

Compliance role A track record of delivering security solutions for large-scale infrastructure, transformation or integration programmes Practical knowledge and understanding of industry security frameworks and guidance such as NIST CSF, NIST 800-53, NCSC CAF and other NCSC guidelines Good knowledge of networking (switching, routing, firewalls) Experience with the design concepts associated with adoption of Cloud platforms (AWS and More ❯

Data Breach Notifications under GDPR). Key Skills & Technical Knowledge: Deep understanding of data protection laws (UK GDPR, EU GDPR, DPA 2018) . Familiarity with risk management frameworks like NIST CSF, CIS Controls, and ISO 27005 . Experience with cyber security tools (e.g., SIEM, Malware Protection, Firewalls and others) is a plus. Strong reporting and communication skills-ability to brief More ❯

Support incident response and remediation efforts for security breaches. Provide security guidance and training to teams across the organization. Key Skills & Experience: Strong knowledge of security frameworks (ISO 27001, NIST 800-30/53, OWASP) . Experience with risk management methodologies and compliance with MOD and HMG security standards (JSP, Def Stan 05-138/139). Proficiency in security More ❯

Support incident response and remediation efforts for security breaches. Provide security guidance and training to teams across the organization. Key Skills & Experience: Strong knowledge of security frameworks (ISO 27001, NIST 800-30/53, OWASP) . Experience with risk management methodologies and compliance with MOD and HMG security standards (JSP, Def Stan 05-138/139). Proficiency in security More ❯

challenges. Lead C-level workshops on cyber strategy, risk management, and investment planning. Create business cases that communicate ROI and business enablement. Conduct maturity assessments using frameworks such as NIST CSF, ISO 27001, and industry-specific standards. Facilitate threat and risk workshops tailored to client environments. Showcase innovation through demos of emerging technologies like XDR, SASE, and SOAR. Practice Development … mentoring and team leadership capabilities Technical Expertise Broad understanding of cyber domains (cloud, identity, operations, compliance) Hands-on experience with major cloud platforms and security technologies Familiarity with frameworks (NIST, ISO, COBIT) and regulatory compliance (DORA, NIS2) Solution architecture experience and vendor-neutral evaluation approaches Qualifications Degree in a relevant field or equivalent practical experience Preferred certifications: CISSP (with 5+ More ❯

internal security audits. Demonstrated experience working with compliance, legal, business teams, and clients to assess and document security risks and compensating controls. Advanced knowledge of risk management frameworks (e.g., NIST, ISO 27001, CIS20) and regulatory requirements relevant to the financial sector Broad technical knowledge spanning desktops, mobile devices, networking, operating systems, and cloud services. Proficiency with risk analytics, GRC tools More ❯

social engineering, advanced persistent threats, threat actors, etc.) Knowledge of security best practices (physical, technical and organizational controls) Experience with IT and IS Governance frameworks such as COBIT, ITIL, NIST-CSF and ISO 2700x Experience with governance, compliance and audit within IT environments Experience of risk management, including risk analysis, mitigation and monitoring Knowledge of information security regulations and legislation More ❯

incident management, job/batch management) Email, messaging, and collaboration systems (Office 365, Exchange, SharePoint, instant messaging) Strong understanding of technology control frameworks and industry guidance such as COBIT, NIST, ISO27001, and FFIEC. Professional certifications such as CRISC, CISA, CISM, CISSP, CCSP, and AWS Certified Solutions Architect. Experience in managing regulatory exams and relationships with examiners and auditors Ability to More ❯

and NIS2 Review and select third-party security solutions; lead due diligence with EPC, O&M and SCADA vendors Serve as technical SME for compliance frameworks (ISO 27001, NIST CSF, GDPR, IEC 62443, CIS Controls) Collaborate with the DPO on data flow mapping, impact assessments (DPIA), breach notification readiness and audit responses Track emerging threats to the energy sector (e.g. More ❯

and NIS2 Review and select third-party security solutions; lead due diligence with EPC, O&M and SCADA vendors Serve as technical SME for compliance frameworks (ISO 27001, NIST CSF, GDPR, IEC 62443, CIS Controls) Collaborate with the DPO on data flow mapping, impact assessments (DPIA), breach notification readiness and audit responses Track emerging threats to the energy sector (e.g. More ❯