NIST Jobs in the UK

276 to 300 of 310 NIST Jobs in the UK

Security GRC Analyst

Bristol, Avon, South West, United Kingdom
Hybrid / WFH Options
Hargreaves Lansdown
opportunity has arisen to join our InfoSec team as a Security GRC Analyst, to assist in the delivery of security compliance assurance to frameworks such as PCI-DSS and NIST Cyber Security Framework. You will be managing security governance processes including Third Party Security Risk Management, and delivering controls assurance. What you'll be doing Assisting in meeting compliance requirements … within HL, such as PCI-DSS and in line with frameworks such as SWIFT CSCF, CSA CCM and NIST CSF. Assist with the technical security aspects of third-party security risk by conducting security due diligence and risk assessments for vendors, suppliers, partners, and contractors. Develop and mature processes and procedures for third party security risk management, including due diligence … in liaising with stakeholders at all levels and be confident in influencing business areas to meet compliance requirements. Demonstrable experience of working with compliance and risk management in a NIST CSF (Preferable) or ISO27001 aligned environment, along with an understanding of PCI-DSS. Experience in managing supply chain risk, including due diligence, risk escalation and treatment. Good writing capabilities, analytical
Employment Type: Permanent, Part Time, Work From Home
Salary: £45,000

Information Security Analyst

Liverpool, Merseyside, England, United Kingdom
Hybrid / WFH Options
Robert Walters
assets by working collaboratively with colleagues across multiple departments. Your day-to-day responsibilities will include supporting policy development in line with leading frameworks such as ISO 27001 or NIST, overseeing vulnerability management activities alongside IT professionals, conducting architectural reviews for new projects, and helping drive continuous improvement in technical controls. You will also be instrumental in managing third party … proven experience on protecting sensitive data within regulated environments. Your background should include hands-on involvement with risk assessments, policy development aligned with industry standards like ISO 27001 or NIST, vulnerability management activities spanning identification through remediation, and direct participation in incident response processes. Demonstrable experience applying risk assessment methodologies to identify vulnerabilities and recommend effective mitigations is highly valued. … Recognised information security frameworks such as ISO 27001 or NIST ensures you can contribute meaningfully to policy development. A solid understanding of core security technologies-including firewalls, intrusion detection systems, endpoint protection platforms-and their practical application is important. Experience supporting vulnerability management processes from identification through remediation demonstrates your ability to manage risk proactively. Proficiency in evaluating technical controls
Employment Type: Full-Time
Salary: £40,000 - £50,000 per annum

Information Security Analyst

Birmingham, West Midlands, England, United Kingdom
Hybrid / WFH Options
Robert Walters
assets by working collaboratively with colleagues across multiple departments. Your day-to-day responsibilities will include supporting policy development in line with leading frameworks such as ISO 27001 or NIST, overseeing vulnerability management activities alongside IT professionals, conducting architectural reviews for new projects, and helping drive continuous improvement in technical controls. You will also be instrumental in managing third party … proven experience on protecting sensitive data within regulated environments. Your background should include hands-on involvement with risk assessments, policy development aligned with industry standards like ISO 27001 or NIST, vulnerability management activities spanning identification through remediation, and direct participation in incident response processes. Demonstrable experience applying risk assessment methodologies to identify vulnerabilities and recommend effective mitigations is highly valued. … Recognised information security frameworks such as ISO 27001 or NIST ensures you can contribute meaningfully to policy development. A solid understanding of core security technologies-including firewalls, intrusion detection systems, endpoint protection platforms-and their practical application is important. Experience supporting vulnerability management processes from identification through remediation demonstrates your ability to manage risk proactively. Proficiency in evaluating technical controls
Employment Type: Full-Time
Salary: £40,000 - £50,000 per annum

Cyber Security Consultant

City of London, London, United Kingdom
Hybrid / WFH Options
Anson McCade
design and delivery of cyber strategies for large-scale organisations. Develop actionable cyber transformation roadmaps aligned to business needs. Advise on regulatory compliance and governance frameworks (e.g. ISO27001, GDPR, NIST). Engage confidently with stakeholders across technical teams, risk functions, and board level. Oversee cyber risk assessments, maturity modelling, and security architecture projects. Ideal Candidate Profile Strong consulting experience in … cyber strategy, transformation, or risk management. Understanding of cyber frameworks such as NIST CSF, ISO27001, NCSC CAF, GDPR, or NIS2. Holds or is working toward certifications such as CISSP, CISM, CISA, or equivalent. Comfortable managing project teams and delivering to time and budget. Excellent communication skills, able to present complex topics to senior stakeholders. Previous experience in a client-facing

Cyber Security Consultant

London (City of London), South East England, United Kingdom
Hybrid / WFH Options
Anson McCade
design and delivery of cyber strategies for large-scale organisations. Develop actionable cyber transformation roadmaps aligned to business needs. Advise on regulatory compliance and governance frameworks (e.g. ISO27001, GDPR, NIST). Engage confidently with stakeholders across technical teams, risk functions, and board level. Oversee cyber risk assessments, maturity modelling, and security architecture projects. Ideal Candidate Profile Strong consulting experience in … cyber strategy, transformation, or risk management. Understanding of cyber frameworks such as NIST CSF, ISO27001, NCSC CAF, GDPR, or NIS2. Holds or is working toward certifications such as CISSP, CISM, CISA, or equivalent. Comfortable managing project teams and delivering to time and budget. Excellent communication skills, able to present complex topics to senior stakeholders. Previous experience in a client-facing

Cyber Security Consultant

London Area, United Kingdom
Hybrid / WFH Options
Anson McCade
design and delivery of cyber strategies for large-scale organisations. Develop actionable cyber transformation roadmaps aligned to business needs. Advise on regulatory compliance and governance frameworks (e.g. ISO27001, GDPR, NIST). Engage confidently with stakeholders across technical teams, risk functions, and board level. Oversee cyber risk assessments, maturity modelling, and security architecture projects. Ideal Candidate Profile Strong consulting experience in … cyber strategy, transformation, or risk management. Understanding of cyber frameworks such as NIST CSF, ISO27001, NCSC CAF, GDPR, or NIS2. Holds or is working toward certifications such as CISSP, CISM, CISA, or equivalent. Comfortable managing project teams and delivering to time and budget. Excellent communication skills, able to present complex topics to senior stakeholders. Previous experience in a client-facing

Cyber Security Consultant

London, South East England, United Kingdom
Hybrid / WFH Options
Anson McCade
design and delivery of cyber strategies for large-scale organisations. Develop actionable cyber transformation roadmaps aligned to business needs. Advise on regulatory compliance and governance frameworks (e.g. ISO27001, GDPR, NIST). Engage confidently with stakeholders across technical teams, risk functions, and board level. Oversee cyber risk assessments, maturity modelling, and security architecture projects. Ideal Candidate Profile Strong consulting experience in … cyber strategy, transformation, or risk management. Understanding of cyber frameworks such as NIST CSF, ISO27001, NCSC CAF, GDPR, or NIS2. Holds or is working toward certifications such as CISSP, CISM, CISA, or equivalent. Comfortable managing project teams and delivering to time and budget. Excellent communication skills, able to present complex topics to senior stakeholders. Previous experience in a client-facing

Cyber Incident Response Analyst

City of London, London, United Kingdom
Hybrid / WFH Options
Iceberg
threat intelligence capabilities and integrate with security monitoring frameworks. Develop and oversee vulnerability management programs, ensuring alignment with industry standards. Provide subject matter expertise on cyber security frameworks, including NIST, MITRE ATT&CK, and Kill Chain methodologies. About You: Proven experience in Cyber Security, with a focus on incident response, security monitoring, and threat intelligence. Strong knowledge of security technologies … experience with incident investigation tools and network protocol analysis (e.g., Wireshark). Familiarity with cloud security assessments and industry benchmarks such as CIS. Experience with security frameworks such as NIST, MITRE ATT&CK, and the Cyber Kill Chain. Certifications such as GCIA, GCIH, or GCFA are highly desirable. Package: £70,000 - £75,000 Junior £80,000 - £90,000 Senior (I

Cyber Incident Response Analyst

London (City of London), South East England, United Kingdom
Hybrid / WFH Options
Iceberg
threat intelligence capabilities and integrate with security monitoring frameworks. Develop and oversee vulnerability management programs, ensuring alignment with industry standards. Provide subject matter expertise on cyber security frameworks, including NIST, MITRE ATT&CK, and Kill Chain methodologies. About You: Proven experience in Cyber Security, with a focus on incident response, security monitoring, and threat intelligence. Strong knowledge of security technologies … experience with incident investigation tools and network protocol analysis (e.g., Wireshark). Familiarity with cloud security assessments and industry benchmarks such as CIS. Experience with security frameworks such as NIST, MITRE ATT&CK, and the Cyber Kill Chain. Certifications such as GCIA, GCIH, or GCFA are highly desirable. Package: £70,000 - £75,000 Junior £80,000 - £90,000 Senior (I

Cyber Incident Response Analyst

London Area, United Kingdom
Hybrid / WFH Options
Iceberg
threat intelligence capabilities and integrate with security monitoring frameworks. Develop and oversee vulnerability management programs, ensuring alignment with industry standards. Provide subject matter expertise on cyber security frameworks, including NIST, MITRE ATT&CK, and Kill Chain methodologies. About You: Proven experience in Cyber Security, with a focus on incident response, security monitoring, and threat intelligence. Strong knowledge of security technologies … experience with incident investigation tools and network protocol analysis (e.g., Wireshark). Familiarity with cloud security assessments and industry benchmarks such as CIS. Experience with security frameworks such as NIST, MITRE ATT&CK, and the Cyber Kill Chain. Certifications such as GCIA, GCIH, or GCFA are highly desirable. Package: £70,000 - £75,000 Junior £80,000 - £90,000 Senior (I

Cyber Incident Response Analyst

London, South East England, United Kingdom
Hybrid / WFH Options
Iceberg
threat intelligence capabilities and integrate with security monitoring frameworks. Develop and oversee vulnerability management programs, ensuring alignment with industry standards. Provide subject matter expertise on cyber security frameworks, including NIST, MITRE ATT&CK, and Kill Chain methodologies. About You: Proven experience in Cyber Security, with a focus on incident response, security monitoring, and threat intelligence. Strong knowledge of security technologies … experience with incident investigation tools and network protocol analysis (e.g., Wireshark). Familiarity with cloud security assessments and industry benchmarks such as CIS. Experience with security frameworks such as NIST, MITRE ATT&CK, and the Cyber Kill Chain. Certifications such as GCIA, GCIH, or GCFA are highly desirable. Package: £70,000 - £75,000 Junior £80,000 - £90,000 Senior (I

Cyber Incident Response Analyst

Slough, South East England, United Kingdom
Hybrid / WFH Options
Iceberg
threat intelligence capabilities and integrate with security monitoring frameworks. Develop and oversee vulnerability management programs, ensuring alignment with industry standards. Provide subject matter expertise on cyber security frameworks, including NIST, MITRE ATT&CK, and Kill Chain methodologies. About You: Proven experience in Cyber Security, with a focus on incident response, security monitoring, and threat intelligence. Strong knowledge of security technologies … experience with incident investigation tools and network protocol analysis (e.g., Wireshark). Familiarity with cloud security assessments and industry benchmarks such as CIS. Experience with security frameworks such as NIST, MITRE ATT&CK, and the Cyber Kill Chain. Certifications such as GCIA, GCIH, or GCFA are highly desirable. Package: £70,000 - £75,000 Junior £80,000 - £90,000 Senior (I

Security Consultant

Corsham, Wiltshire, South West, United Kingdom
Hybrid / WFH Options
i3Secure
on highly complex programmes of work. Delivery of client engagements to support governance, risk and compliance against a range of cyber security regulations, frameworks and standards, including ISO 27001, NIST Regulations, CAF and secure by design. Staying on top of the latest developments within Cyber Security & Information Assurance by attending training and conferences. Working with the leadership and sales team … tenders and provide pre-sales support. About you: Experience: Security assurance, working with JSP440, JSP604 Security accreditation Secure by design Implementing security standards and frameworks, such as ISO 27001, NIST 800 and CAF Conducting Cyber Security risk assessments and managing risk management activities Good knowledge of IT systems covering traditional infrastructure, cloud platforms and SaaS Working within an operational security … role or security management/leadership position Working with various technical teams Conducting Cyber Security assessments and gap analysis against various frameworks. Qualifications: NIST Foundation/Practitioner CISM CRISC ISO 27001 Lead Implementer/Auditor CISSP CISMP What we offer: Our story to-date has been phenomenal, but success doesn't end here and as we continue to grow and
Employment Type: Permanent

GRC Analyst

Merseyside, England, United Kingdom
Hybrid / WFH Options
Maxwell Bond
procedures. Manage and improve third-party/vendor risk management processes and assurance activities. Monitor compliance with regulatory requirements (e.g. FCA, GDPR) and security frameworks (e.g. ISO 27001, NIST, CIS). Provide oversight on the risk register and support risk committees with reporting and metrics. Support internal and external audits, collating evidence and ensuring timely remediation of findings. Deliver … of Information Security in governance forums and strategic initiatives. ✅ What We’re Looking For 3+ years’ experience in Information Security, GRC, or Risk & Compliance roles. Familiarity with ISO 27001, NIST, CIS Controls, or equivalent frameworks. Strong understanding of risk management methodologies and control frameworks. Excellent communication and stakeholder engagement skills with the ability to influence at all levels. Strong

Cybersecurity & Risk Engineer

Middlesex, United Kingdom
Parkside
CIS). What You’ll Do Conduct vulnerability scanning using tools such as Tenable/Nessus, Qualys, or OpenVAS Develop, maintain, and review Security Accreditation documentation in line with NIST RMF, DoD RMF, and ISO 27001 Perform and support Security Risk Assessments (SRA) across CIS assets Coordinate and track remediation activities with technical teams Ensure systems meet NATO operational and … occasionally in support of NATO operations (fitness and readiness required) What We’re Looking For Proven experience in cybersecurity vulnerability assessment and risk management Strong knowledge of security frameworks (NIST RMF, ISO 27001, DoD RMF, ITIL) Hands-on experience with vulnerability management tools Certifications such as CISSP, CISM, CRISC, or CAP (required) ITIL v4 Foundation or higher Strong communication skills
Employment Type: Contract
Rate: GBP Annual

Cybersecurity & Risk Engineer

Uxbridge, Middlesex, England, United Kingdom
Parkside Office Professional
CIS). What You’ll Do Conduct vulnerability scanning using tools such as Tenable/Nessus, Qualys, or OpenVAS Develop, maintain, and review Security Accreditation documentation in line with NIST RMF, DoD RMF, and ISO 27001 Perform and support Security Risk Assessments (SRA) across CIS assets Coordinate and track remediation activities with technical teams Ensure systems meet NATO operational and … occasionally in support of NATO operations (fitness and readiness required) What We’re Looking For Proven experience in cybersecurity vulnerability assessment and risk management Strong knowledge of security frameworks (NIST RMF, ISO 27001, DoD RMF, ITIL) Hands-on experience with vulnerability management tools Certifications such as CISSP, CISM, CRISC, or CAP (required) ITIL v4 Foundation or higher Strong communication skills
Employment Type: Contractor
Rate: Salary negotiable

Cybersecurity & Risk Engineer

Middlesex, Greater London, United Kingdom
Parkside
CIS). What You’ll Do Conduct vulnerability scanning using tools such as Tenable/Nessus, Qualys, or OpenVAS Develop, maintain, and review Security Accreditation documentation in line with NIST RMF, DoD RMF, and ISO 27001 Perform and support Security Risk Assessments (SRA) across CIS assets Coordinate and track remediation activities with technical teams Ensure systems meet NATO operational and … occasionally in support of NATO operations (fitness and readiness required) What We’re Looking For Proven experience in cybersecurity vulnerability assessment and risk management Strong knowledge of security frameworks (NIST RMF, ISO 27001, DoD RMF, ITIL) Hands-on experience with vulnerability management tools Certifications such as CISSP, CISM, CRISC, or CAP (required) ITIL v4 Foundation or higher Strong communication skills
Employment Type: Contract

Infrastructure & Security lead Azure

Portsmouth, Hampshire, England, United Kingdom
Hays Specialist Recruitment Limited
Your new company With over 160 years of experience, this organisation combines a strong heritage with a clear focus on innovation and progress. It prioritises safety, sustainability, and high-quality service, while fostering an inclusive workplace where people are empowered
Employment Type: Full-Time
Salary: £70,000 per annum

Zscaler Design AND Implementation Engineer

Nationwide, United Kingdom
FPSG
and resolve performance, connectivity, and security incidents. Driving continuously monitoring and fine-tune Zscaler configurations and policies for optimal performance. Take responsibility for Compliance and Governance. (i.e. HIPAA, GDPR, NIST) Contributing to detailed project documentation, including design, configuration, testing records, status & management reports. Providing guidance, mentoring and training to junior engineers. To be successful in the Zscaler Engineering role you … Cybersecurity Consultant, Security Specialist, ZIA & ZPA Certified Administrator, ZIA & ZPA Certified Professional, ZIA and ZPA delivery specialist, ZIA and ZPA support specialist, ZDTA, ZDTE, ZDXA, ZCDS, ZCSS, HIPAA, GDPR, NIST, Secure Access Services Edge, SASE, Web Application Firewall, WAF, Cloud, Kubernetes, We are Disability Confident and neurodiverse aware. If you have a disability, please tell us if there are any
Employment Type: Contract

Security Architect - DV Clearance

Bracknell, Berkshire, England, United Kingdom
Hybrid / WFH Options
Reed
and solution design. Deep understanding of HMG and MOD assurance models, including Security by Design (SbD). Strong background in risk assessment methodologies: HMG IA Standard 1&2, ISO27005, NIST 800-30. Familiarity with security control frameworks: ISO 27001 series, NIST 800-53, CIS. Ability to collaborate with technical architects to define and implement security controls across physical, procedural
Employment Type: Temporary
Salary: £500 - £600 per day, Inc benefits

Security Architect - DV Clearance

Basingstoke, Hampshire, England, United Kingdom
Hybrid / WFH Options
Reed
and solution design. Deep understanding of HMG and MOD assurance models, including Security by Design (SbD). Strong background in risk assessment methodologies: HMG IA Standard 1&2, ISO27005, NIST 800-30. Familiarity with security control frameworks: ISO 27001 series, NIST 800-53, CIS. Ability to collaborate with technical architects to define and implement security controls across physical, procedural
Employment Type: Temporary
Salary: £500 - £600 per day, Inc benefits

Cloud Security Engineer

Biggin Hill, Kent, United Kingdom
VIQU IT
Cloud Security Engineer Kent Hybrid Competitive Salary VIQU have partnered with a leading automotive organisation seeking a Cloud Security Engineer to join their growing security function. This role has been created to help bridge the gap between the cloud team
Employment Type: Permanent
Salary: GBP Annual

Cloud Security Engineer

Kent, Westerham, United Kingdom
VIQU IT
Cloud Security Engineer Kent – Hybrid Competitive Salary VIQU have partnered with a leading automotive organisation seeking a Cloud Security Engineer to join their growing security function. This role has been created to help bridge the gap between the cloud team
Employment Type: Permanent

Security Operations Managers x2

United Kingdom
Morson Talent
new, minimum-viable capabilities and hand them into service. Both posts sit under the Cyber Security Response Manager and are driven by the NCSC Cyber Assessment Framework (CAF) and NIST SP 800-61 r3 guidance for incident response. The culture is "good-enough-today, better-tomorrow": short, bullet-point artefacts, daily measurable progress, and rapid decision-making. Background & Purpose Digital … service and assure resilience. Shared Responsibilities - Operate to recognised frameworks - align policies, processes and runbooks to the NCSC CAF objectives for CNI resilience and the incident-handling lifecycle in NIST SP 800-61 r3, keeping documentation concise and auditable. - Embed pragmatic process - create bullet-point playbooks, runbooks and knowledge-base pages that teams can follow under pressure. - Build out a … SOC builds or rapid rebuilds from zero to operational within six-to-twelve months, ideally in regulated or high-availability sectors. - Framework fluent - comfortable applying NCSC CAF principles and NIST SP 800-61 r3 incident-handling guidance pragmatically, avoiding bureaucracy. - Hands-on leadership - coaches senior analysts, removes blockers in real time, and can work directly in SIEM, SOAR, EDR and
Employment Type: Contract
Rate: £850 per day

Security Metrics & Reporting Consultant

City of London, London, United Kingdom
Hybrid / WFH Options
Albany Beck
clear, meaningful reports for senior business and non-technical audiences. Create Board-level inputs and executive reporting packs with top-level narratives and insight-driven commentary. Ensure alignment with NIST frameworks and internal Cyber Risk Management principles. Identify, connect, and manage data sources, owners, systems, and submission cycles to ensure timely and accurate reporting. Conduct “check and challenge” analysis to … regularly with IT, Security, and Business stakeholders to align risk reporting with organizational objectives. What We’re Looking For: RSA Archer expertise or other GRC tooling Proven experience with NIST or other regulatory-aligned frameworks. Deep understanding of Cyber Risk Management principles. Exceptionally organized, with strong attention to detail and ability to manage multiple priorities. Strong written and verbal communication
NIST
10th Percentile: £47,500
25th Percentile: £55,453
Median: £71,250
75th Percentile: £90,000
90th Percentile: £107,485