301 to 325 of 382 NIST Jobs in the UK

basics Experience with: Third-party risk/supplier assurance Policy management Risk and compliance processes Understanding of frameworks such as: ISO 27001/NIST/CIS (basic awareness is fine) Comfortable working in a delivery-focused, directive environment Someone practical, reliable and detail oriented Reasonable Adjustments: Respect and equality ...

Guardrails, Agents, and Knowledge Bases (RAG) . AI Security & Fundamentals: Solid understanding of Foundation Models, tool use (function calling), OWASP LLM Top 10 , and NIST AI RMF . Automation Stack: Strong Python development skills, experience with AI eval tools (Garak, Pyrit, Ragas), and building complex CI/CD test pipelines. ...

Guardrails, Agents, and Knowledge Bases (RAG) . AI Security & Fundamentals: Solid understanding of Foundation Models, tool use (function calling), OWASP LLM Top 10 , and NIST AI RMF . Automation Stack: Strong Python development skills, experience with AI eval tools (Garak, Pyrit, Ragas), and building complex CI/CD test pipelines. ...

and Business Continuity exercises. Strong analytical and problem-solving skills. Knowledge and experience of working within industry best practices and guidelines such as ITIL, NIST, ISO, and CIS environments. Knowledge of common attack types (phishing, malware, ransomware). Familiarity with vulnerability scanning and basic threat intelligence Strong teamwork skills and ...

threat assessment, incident response (CIRT). Risk & Compliance: Develop and maintain an industry‐standard Risk Management framework; ensure compliance with PCI‐DSS, GDPR, and NIST frameworks. Governance & Policy: Maintain Information Security policies and conduct regular audits of processes and controls. Technical Oversight: Coordinate vulnerability management, penetration testing, and code reviews … environments. You will bring expert‐level knowledge of perimeter, cloud, network, and data security, alongside a proven track record of embedding industry frameworks like NIST, ISO27001, or CIS into a large‐scale operation. Beyond technical defence, your role requires strong commercial acumen to navigate contract negotiations and vendor management, ensuring ...

Cheshire The opportunity Our client, a large UK-based multi-site enterprise, is delivering a multi-year cybersecurity, controls and resilience programme aligned to NIST CSF v2.0 and ISO/IEC 27001:2022. They require an experienced, hands-on Infrastructure Engineer to design, implement and uplift infrastructure controls translating ...

and strong stakeholder skills, including: CISM qualification (or equivalent) Strong knowledge of ISO 27001, ideally as a Lead Auditor or Auditor Working knowledge of NIST CSF and NIST SP 800-53 Excellent understanding of relevant legal, regulatory and compliance requirements Proven experience implementing and operating security management in line with ...

with clients, delivery teams, and senior stakeholders to embed security into solution design Standards & Compliance - Ensure adherence to industry standards such as ISO 27001, NIST, and government security policies Skills and Experience: Experience working as a Security Architect or in a senior security role within complex environments Strong practical experience … experience conducting threat modelling (e.g. STRIDE, attack trees) and risk analysis Strong understanding of security frameworks and best practice such as ISO 27001, NIST, CIS, OWASP, NCSC guidance Experience working in the UK Public Sector and associated security standards and guidance including GovAssure/NCSC CAF, HMG Security Policy Framework. ...

Accreditation Documentation Sets (RMADS) Security Operating Procedures (SyOPs) Security policies and standards Risk registers and treatment plans Ensure compliance with; JSP 440, JSP 604, NIST, ISO 27001 CAF and Secure by Design principles Work closely with Accreditor, Security Assurance Coordinators, and technical teams. Identify, assess, and manage information security risks. … and policies. Experience producing and reviewing RMADS and associated accreditation documentation. Knowledge of risk management methodologies and security assurance processes. Familiarity with: ISO 27001, NIST Cyber Security Framework, MOD security policies Secure systems accreditation Ability to communicate effectively with both technical and non-technical stakeholders. Experience working within highly regulated ...

security architecture across cloud, on-prem and hybrid environments developing, implementing and maintaining cyber security strategy and governance (aligned to various frameworks e.g. ISO27001, NIST, Cyber Essentials) overseeing security operations (SOC, threat detection, vulnerability management etc.), and incident response plans risk management and compliance, ensuring compliance with various standards and … CISA etc. have broad technical expertise/knowledge across cloud security (AWS, Azure, GCP), IAM, and security platforms knowledge of security frameworks e.g. ISO27001, NIST, Cyber Essentials etc. On offer Competitive salary and benefits package, including hybrid working. This is an exciting opportunity to grow with the business ...

guidance to ensure security risks are understood, managed and remediated in line with organisational risk appetite and recognised best practice frameworks (e.g. ISO 27001, NIST, CIS Controls). Key Responsibilities Deliver security risk identification, assessment, analysis and logging activities, ensuring risks are clearly articulated, consistently scored and recorded in approved … evidence. Excellent written and verbal communication skills. Ability to work collaboratively within a multidisciplinary team. Familiarity with security frameworks and standards (e.g., ISO 27001, NIST, CIS Controls). Attention to detail and commitment to producing high‐quality documentation. Inclusive Hiring We understand that one size doesn’t fit all. ...

policies and procedures remain aligned with regulatory and industry standards. You will work hands on with key frameworks including ISO/IEC 27001, the NIST Cybersecurity Framework and Cyber Essentials, helping to monitor, implement and improve compliance activities across the business. As a proactive and detail driven member of … Cyber Security & Compliance Administrator you will Maintain and continually improve the organisation s Information Security Management System (ISMS) in alignment with ISO 27001 and NIST requirements. Conduct internal audits and support external audits for ISO 27001, Cyber Essentials and other key security frameworks. Monitor and promote compliance with security policies ...

policies and procedures remain aligned with regulatory and industry standards. You will work hands on with key frameworks including ISO/IEC 27001, the NIST Cybersecurity Framework and Cyber Essentials, helping to monitor, implement and improve compliance activities across the business. As a proactive and detail driven member of … Cyber Security & Compliance Administrator you will… Maintain and continually improve the organisation’s Information Security Management System (ISMS) in alignment with ISO 27001 and NIST requirements. Conduct internal audits and support external audits for ISO 27001, Cyber Essentials and other key security frameworks. Monitor and promote compliance with security policies ...

security and compliance programs. As a fast‐growing startup, we specialize in a wide range of frameworks—including SOC 2, ISO 27001, GDPR, CMMC, NIST 800-171, NIST 800-53, and FedRAMP—empowering companies to meet regulatory requirements and enhance their cybersecurity posture from day one. The Opportunity … complex accounts, and deliver an outstanding client experience — while also bringing deep expertise in cybersecurity compliance frameworks such as SOC 2, ISO 27001, and NIST CSF. The successful candidate will be able to come up to speed quickly, integrate into the organization, and take on clients within your first ...

with SD-WAN solutions and cloud networking integration Hands-on experience with Kubernetes and container orchestration platforms Knowledge of security frameworks and compliance requirements (NIST, PCI-DSS) Experience with IT service management tools and change management processes Technical Skills Cisco ACI (APIC, fabric, leaf/spine architecture) Network switches and ...

maintaining quality and managing stakeholder expectations.* Willingness and flexibility to travel throughout the UK (and occasionally overseas) as required.* Relevant professional certifications (e.g., ISO27000, NIST Cyber Security Professional, CISMP, CISM, CISSP, CCSP, Chartered Cyber Security Professional) are highly desirable. Solid understanding of ‘Secure by Design’ methodology. Commitment to ongoing professional … and help them deploy that technology in live OT/ICS environments. Familiarity with OT cyber security standards or regulatory frameworks (e.g., IEC 62443, NIST CSF, NIS Regulations, HSE OG-0086).* Relevant OT cyber security qualifications (e.g., GICSP, IEC/ISA 62443). Membership of recognised security professional bodies ...

scoping, risk treatment, Statement of Applicability, internal audits, management review and external audit defence. Apply additional frameworks where they strengthen the group’s posture — NIST CSF, CIS Controls, NCSC Cyber Assessment Framework — and embed them into operational practice. Act as the group’s Data Protection Lead (not a statutory … wider stack — Salesforce, SimPRO, Unleashed, Supabase, Cloudflare, Microsoft Fabric. Hands‐on experience with KnowBe4 (or equivalent security awareness and phishing simulation platforms). NIST CSF, CIS Controls or NCSC CAF practical experience. Benefits This is a chance to own cyber security and data protection end-to-end for a three ...

resilience maturity assessments and tabletop exercises; identify and prioritise gaps in recovery capabilities. Design recovery playbooks: Create actionable recovery and communication plans aligned with NIST, ISO 22301, and industry best practice. Test and validate: Lead scenario-based simulations and recovery testing to validate processes, people, and technology readiness. Integrate with … complex enterprise environments. Practical understanding of incident response , crisis management , and cyber recovery operations . Familiarity with frameworks and standards such as ISO 22301 , NIST CSF , NIST SP 800-34 , and BS 65000 . Proven ability to engage at all levels — from technical recovery teams to C‐suite executives. Experience ...

techniques Experience of security governance and compliance, ideally gained in financial services organisations Demonstrable understanding of Information Security control standards and frameworks e.g. ISO27001, NIST, PCI DSS Awareness and understanding of the Information Security threat landscape Deep understanding of Information Security solutions and controls Experience of Cloud security solutions and … standards is highly advantageous Competence, knowledge, and skills Competence Experience working within recognised Information Security frameworks and best practices such as ISO27001, NIST etc. 5 years experience in an Information Security role gained in a financial services or e-commerce environment is preferred Knowledge & Skills Excellent communicator, able to translate ...

support Manage vulnerability scanning and remediation tracking across infrastructure and cloud (Azure desirable) Support secure configuration, security best practices, and alignment to ISO27001 and NIST Contribute to security documentation (policies, SOPs, playbooks) and continuous improvement of controls Support BAU operations, projects, and penetration testing activities as required Key Requirements of … Rapid7 (or similar technologies) Experience supporting cloud environments, ideally Azure, within a security operations context Strong understanding of security frameworks such as ISO27001 and NIST Experience across both BAU security operations and project delivery Strong incident response experience, including investigation, escalation, and root cause analysis Ability to produce clear technical ...

practice. The role You will be responsible for: Delivering risk assessments, gap analyses and maturity reviews Advising clients on frameworks such as Cyber Essentials, NIST, CIS and ISO 27001 Conducting vulnerability assessments and identifying areas of security risk Supporting the implementation of security improvements across areas such … ideal candidate will have: Experience in a cyber security consultancy or client-facing advisory role Strong knowledge of GRC frameworks , including ISO 27001, NIST, CIS and Cyber Essentials Plus Experience delivering security assessments, control reviews and remediation plans A good understanding of technical security across infrastructure, cloud and SaaS environments ...

external auditors as appropriate to assess the standard of information and IT security across Robertson to meet the requirements of ISO 27001, PCI DSS, NIST 800-53 and Cyber Essentials Plus. Answer security questionnaires, assist in bid responses and develop cyber security plans as part of contract execution. Work with … record of delivering cost effective solutions to protect corporate assets and experience of achieving compliance against industry security standards such as ISO27001, PCI‐DSS, NIST 800 Series. Demonstrable experience in Security Risk management. Leadership experience with ability to mentor a team and to drive IT, Information and Cybersecurity awareness across ...

start, with structured support to grow into more independent delivery. Key Responsibilities: Cyber risk assessments, controls gap analyses and maturity reviews against ISO 27001, NIST Framework, GDPR etc. Supporting clients through certification and audit cycles - evidence, control mapping, remediation. Producing risk registers, treatment plans and improvement roadmaps clients can actually … communication, from technical teams to board level. Requirements: 3-7 years in cyber risk, information security, compliance or audit. Working knowledge of ISO 27001, NIST, GDPR. Certifications: ISO 27001 LI/LA, CISA, CRISC, CISM, CISSP. Cloud security review experience (AWS, Azure, M365). Strong written and verbal communication across ...

happy to discuss flexible working! Top 3 skills needed for this role: Information Security Governance & Risk Leadership Regulatory & Framework Expertise (ISO27001, GDPR, NIST) Stakeholder Communication & Security Culture Influence What this role is all about: As our Senior Information Security Officer, youll drive a business-wide security agenda, shaping … Information Risk management in alignment with the Enterprise Risk Framework Act as a trusted advisor on regulatory requirements and best-practice frameworks (ISO27001, GDPR, NIST, ITIL), protecting the confidentiality, integrity and availability of systems Lead security governance forums and manage the Information Security Governance team, including the Information Risk function ...

assessments, configuration reviews, and audits of AWS environments to identify vulnerabilities and recommend remediation. Implement and maintain AWS security controls aligned to ISO 27001, NIST and cloud security best practices. Proficiency in building/configuring SOAR platforms such as Shuffler and Tracecat. Develop security automation tooling, scripts, and infrastructure … and related cloud native controls. Practical experience with scripting (Python preferred) and Infrastructure as Code tooling such as Terraform. Solid understanding of ISO 27001 , NIST CSF , and cloud security best practices. Familiarity with commonly used open‐source security testing tools (e.g., BurpSuite, ZAP, Nikto, Metasploit, SQLmap). Behaviours & Mindset Highly ...