NIST Jobs in the UK

426 to 450 of 501 NIST Jobs in the UK

Assistant Manager, Global Cybersecurity Policies and Standards Analyst

Reading, Berkshire, United Kingdom
Hybrid / WFH Options
Deloitte LLP
statements to technical and non-technical audiences at various hierarchical levels Deep knowledge of common information security management frameworks and standards, such as ISO/IEC 27001/27002, NIST 800-53, and the NIST Cybersecurity Framework Soft skills: collaboration, teamwork, persuasion, attention to detail, time management, prioritization, resourcefulness Advanced proficiency with MS Office products, primarily MS Word, Excel, PowerPoint More ❯
Employment Type: Permanent
Salary: GBP Annual

Assistant Manager, Global Cybersecurity Policies and Standards Analyst

Bristol, Gloucestershire, United Kingdom
Hybrid / WFH Options
Deloitte LLP
statements to technical and non-technical audiences at various hierarchical levels Deep knowledge of common information security management frameworks and standards, such as ISO/IEC 27001/27002, NIST 800-53, and the NIST Cybersecurity Framework Soft skills: collaboration, teamwork, persuasion, attention to detail, time management, prioritization, resourcefulness Advanced proficiency with MS Office products, primarily MS Word, Excel, PowerPoint More ❯
Employment Type: Permanent
Salary: GBP Annual

Assistant Manager, Global Cybersecurity Policies and Standards Analyst

St. Albans, Hertfordshire, United Kingdom
Hybrid / WFH Options
Deloitte LLP
statements to technical and non-technical audiences at various hierarchical levels Deep knowledge of common information security management frameworks and standards, such as ISO/IEC 27001/27002, NIST 800-53, and the NIST Cybersecurity Framework Soft skills: collaboration, teamwork, persuasion, attention to detail, time management, prioritization, resourcefulness Advanced proficiency with MS Office products, primarily MS Word, Excel, PowerPoint More ❯
Employment Type: Permanent
Salary: GBP Annual

Infrastructure Engineer (HSM Specialist)

City of London, London, United Kingdom
Infoplus Technologies UK Ltd
write design/test specifications, and contribute to process improvements. Support cryptographic key management and encryption processes. Ensure solutions comply with security frameworks and regulations (PCI DSS, ISO2700x, GDPR, NIST, etc.). More ❯
Employment Type: Contract
Rate: From £400 to £550 per day

Information Security Analyst

City of London, London, United Kingdom
Sanderson
Information Security Analyst – NIST Implementation Rate - £500 Inside IR35 (Total to umbrella) Duration – 6 months Location – twice a week on site into London Role Description: As a Senior Information Security Analyst, you will be instrumental in executing the company's Information Security strategies and initiatives, focusing on supporting the Governance, Risk, and Compliance (GRC) function and implementing the NIST Cyber … proactively managing non-compliance issues and mitigating Information Security risks. About You : You will be developing and implementing an information security controls catalogue, policies, and procedures aligned with the NIST Cyber Security Framework (CSF). Conducting assessments to identify material gaps, analyzing potential risks, and monitoring progress on maturity uplifting across security functions. Supporting compliance activities with the Group Information … across the business. Essential Skills: Minimum of 4 years of experience in information security with a solid understanding of Information Security control and governance frameworks. Practical experience of implementing NIST CSF in the financial services sector is highly desirable. Proven track record of security transformation and delivery of security projects, particularly within a federated organisation. Strong knowledge of Information Security More ❯

Information Security Analyst

London (City of London), South East England, United Kingdom
Sanderson
Information Security Analyst – NIST Implementation Rate - £500 Inside IR35 (Total to umbrella) Duration – 6 months Location – twice a week on site into London Role Description: As a Senior Information Security Analyst, you will be instrumental in executing the company's Information Security strategies and initiatives, focusing on supporting the Governance, Risk, and Compliance (GRC) function and implementing the NIST Cyber … proactively managing non-compliance issues and mitigating Information Security risks. About You : You will be developing and implementing an information security controls catalogue, policies, and procedures aligned with the NIST Cyber Security Framework (CSF). Conducting assessments to identify material gaps, analyzing potential risks, and monitoring progress on maturity uplifting across security functions. Supporting compliance activities with the Group Information … across the business. Essential Skills: Minimum of 4 years of experience in information security with a solid understanding of Information Security control and governance frameworks. Practical experience of implementing NIST CSF in the financial services sector is highly desirable. Proven track record of security transformation and delivery of security projects, particularly within a federated organisation. Strong knowledge of Information Security More ❯

Information Security Analyst

London Area, United Kingdom
Sanderson
Information Security Analyst – NIST Implementation Rate - £500 Inside IR35 (Total to umbrella) Duration – 6 months Location – twice a week on site into London Role Description: As a Senior Information Security Analyst, you will be instrumental in executing the company's Information Security strategies and initiatives, focusing on supporting the Governance, Risk, and Compliance (GRC) function and implementing the NIST Cyber … proactively managing non-compliance issues and mitigating Information Security risks. About You : You will be developing and implementing an information security controls catalogue, policies, and procedures aligned with the NIST Cyber Security Framework (CSF). Conducting assessments to identify material gaps, analyzing potential risks, and monitoring progress on maturity uplifting across security functions. Supporting compliance activities with the Group Information … across the business. Essential Skills: Minimum of 4 years of experience in information security with a solid understanding of Information Security control and governance frameworks. Practical experience of implementing NIST CSF in the financial services sector is highly desirable. Proven track record of security transformation and delivery of security projects, particularly within a federated organisation. Strong knowledge of Information Security More ❯

Information Security Analyst

London, South East England, United Kingdom
Sanderson
Information Security Analyst – NIST Implementation Rate - £500 Inside IR35 (Total to umbrella) Duration – 6 months Location – twice a week on site into London Role Description: As a Senior Information Security Analyst, you will be instrumental in executing the company's Information Security strategies and initiatives, focusing on supporting the Governance, Risk, and Compliance (GRC) function and implementing the NIST Cyber … proactively managing non-compliance issues and mitigating Information Security risks. About You : You will be developing and implementing an information security controls catalogue, policies, and procedures aligned with the NIST Cyber Security Framework (CSF). Conducting assessments to identify material gaps, analyzing potential risks, and monitoring progress on maturity uplifting across security functions. Supporting compliance activities with the Group Information … across the business. Essential Skills: Minimum of 4 years of experience in information security with a solid understanding of Information Security control and governance frameworks. Practical experience of implementing NIST CSF in the financial services sector is highly desirable. Proven track record of security transformation and delivery of security projects, particularly within a federated organisation. Strong knowledge of Information Security More ❯

Information Security Analyst

Slough, South East England, United Kingdom
Sanderson
Information Security Analyst – NIST Implementation Rate - £500 Inside IR35 (Total to umbrella) Duration – 6 months Location – twice a week on site into London Role Description: As a Senior Information Security Analyst, you will be instrumental in executing the company's Information Security strategies and initiatives, focusing on supporting the Governance, Risk, and Compliance (GRC) function and implementing the NIST Cyber … proactively managing non-compliance issues and mitigating Information Security risks. About You : You will be developing and implementing an information security controls catalogue, policies, and procedures aligned with the NIST Cyber Security Framework (CSF). Conducting assessments to identify material gaps, analyzing potential risks, and monitoring progress on maturity uplifting across security functions. Supporting compliance activities with the Group Information … across the business. Essential Skills: Minimum of 4 years of experience in information security with a solid understanding of Information Security control and governance frameworks. Practical experience of implementing NIST CSF in the financial services sector is highly desirable. Proven track record of security transformation and delivery of security projects, particularly within a federated organisation. Strong knowledge of Information Security More ❯

Business Resilience & Regulatory (DORA) Specialist

London, United Kingdom
ION Group
and a solid technical understanding are essential. Responsibilities: Regulatory Compliance & Framework Development: Support the implementation of a comprehensive business resilience framework aligned with DORA and other regulatory requirements (e.g., NIST, ISO 22301, ISO 27001). Develop training materials, policies, controls, and risk assessment methodologies to ensure adherence to regulatory standards. Support key pillars of the DORA program, including ICT Risk … in cybersecurity, operational resilience, systems architecture, or related fields, with extensive exposure to Operational Resilience, particularly DORA . Strong understanding of UK regulatory requirements and frameworks such as DORA, NIST, ISO 22301, and ISO 27001. Proven experience conducting risk assessments, regulatory compliance reviews, and resilience testing . Ability to translate regulatory requirements into actionable plans and track them to completion. More ❯
Employment Type: Permanent
Salary: GBP Annual

Principal Enterprise Security Architect

United Kingdom
National Physical Laboratory
to a variety of stakeholders; technical and non-technical. Excellent quality focus, ensuring appropriate documentation and knowledge sharing. Proven experience of architecture design analysis. Experience of NCSC's Cyber Assurance Framework (CAF), NIST Cyber Security Framework (CSF), NIST SP 800-53, ISO 27001 and HMG regulations and other departmental IT in defence and security. Ability to work in small teams, highly specialised technology areas
Employment Type: Permanent
Salary: GBP Annual

Lead Infrastructure Engineer

Edinburgh, United Kingdom
Lloyds Banking Group
and implement security policies and practices, with a strong emphasis on DLP and DSPM. Ensure proactive risk management and compliance with internal and external regulatory standards (e.g., ISO 27001, NIST). Continuously assess and improve the organisation's data security posture. Innovation and Change Enablement Partner with the DLM Product Owner to modernise data loss management practices and integrate new … be useful Experience with cloud infrastructure, DevOps practices, and CI/CD pipelines. Familiarity with infrastructure monitoring, logging, and alerting tools. Knowledge of regulatory compliance frameworks (e.g. ISO 27001, NIST). Knowledge of Information Security, SIEM, Cyber Defence centre tooling. About working for us Our ambition is to be the leading UK business for diversity, equity and inclusion supporting our More ❯
Employment Type: Permanent
Salary: GBP Annual

Lead Infrastructure Engineer

Edinburgh, United Kingdom
Hybrid / WFH Options
Lloyds Bank plc
and implement security policies and practices, with a strong emphasis on DLP and DSPM. Ensure proactive risk management and compliance with internal and external regulatory standards (e.g., ISO 27001, NIST). Continuously assess and improve the organisation's data security posture. Innovation and Change Enablement Partner with the DLM Product Owner to modernise data loss management practices and integrate new … be useful Experience with cloud infrastructure, DevOps practices, and CI/CD pipelines. Familiarity with infrastructure monitoring, logging, and alerting tools. Knowledge of regulatory compliance frameworks (e.g. ISO 27001, NIST). Knowledge of Information Security, SIEM, Cyber Defence centre tooling. About working for us Our ambition is to be the leading UK business for diversity, equity and inclusion supporting our More ❯
Employment Type: Permanent
Salary: GBP Annual

Product Security Architect

Leeds, Yorkshire, United Kingdom
Hybrid / WFH Options
Junglee Games India Private Limited
including short, mid, and long-term goals aligned with the group's security posture and digital transformation initiatives. Develop and maintain AppSec maturity models (e.g. based on OWASP SAMM, NIST SSDF, BSIMM) and work with business units to assess current state and define realistic improvement plans. Drive the development of a global secure development policy, including approved tools, practices, and … or with regulated industries or large enterprises is highly desirable. Mergers and Acquisitions integration experience is a plus Familiarity with industry frameworks and standards: OWASP SAMM, OWASP ASVS, BSIMM, NIST SSDF, ISO 27034. Lead teams and projects. This could be as an DevSecOps team lead, security architect, or manager for SSDLC initiatives. Professional certifications in security are highly valued, such More ❯
Employment Type: Permanent
Salary: GBP Annual

Information Security Analyst

Guildford, Surrey, England, United Kingdom
Hybrid / WFH Options
Sanderson
team. This is an excellent opportunity to play a key role in advancing the company's security posture by delivering Governance, Risk, and Compliance (GRC) initiatives and embedding the NIST Cyber Security Framework (CSF) across the business. Key skills/responsibilities: Deliver day-to-day GRC activities, including designing and implementing security controls and managing information security risks Interpret and … Group Information Security Framework Conduct gap assessments, identify risks, and support maturity uplift across security functions Develop and maintain an information security controls catalogue, policies, and procedures aligned with NIST CSF Collaborate with business units to integrate security measures into operations Support compliance activities for frameworks such as Cyber Essentials, PCI DSS, and the Group Information Security Framework Facilitate reviews … governance frameworks Experience in developing security controls catalogue in a financial services environment (highly desirable) Proven experience in delivering security projects within a federated organisation Desirable skills: Knowledge of NIST CSF, ISO 27001, Cyber Essentials, PCI DSS, DORA Understanding of risk methodologies and data analysis for reporting Strong documentation skills (control matrices, process flows, SOPs) Excellent communication skills for both More ❯
Employment Type: Full-Time
Salary: Salary negotiable

Systems Security Engineer (ISSE)

England, United Kingdom
Solvere Technical Group
Implement security controls utilizing eMASS and Xacta 360 support tools. Conduct certification and testing in accordance with the Risk Management Framework (RMF) and National Institute of Standards and Technology (NIST) policy; identify deficiencies and providing recommendations of risk mitigation to customer. Perform Risk Assessments and develop Concepts of Operations (CONOPS), Security Policies, Cybersecurity Strategy, Test Plans, System Security Plans and More ❯
Employment Type: Permanent
Salary: GBP Annual

IT Governance, Risk and Compliance (GRC) Consultant

Bellshill, Lanarkshire, United Kingdom
Sword Group
technology to solve business problems, working in partnership with our clients to help in achieving their goals. About the role: Develop and maintain GRC frameworks aligned with ISO 27001, NIST, GDPR, and NIS2 standards Conduct risk assessments across business units, vendors, and projects Monitor regulatory changes and ensure compliance with legal and contractual obligations Support business continuity and disaster recovery … e.g., GDPR, Data Protection Act) and industry-specific regulations Knowledge of common information security management frameworks, such as ISO/IEC 27001, ITIL, COBIT as well as those from NIST, including 800-53 and Cybersecurity Framework Knowledge of OneTrust risk management toolset or similar preferred Proven ability to communicate with technical teams to elicit information and requirements Excellent written and More ❯
Employment Type: Permanent
Salary: GBP Annual

Cyber Security Governance Lead

Scotland, United Kingdom
Nortal
effectiveness of cyber governance. Lead continuous improvement initiatives and mentor key personnel within governance functions. Ensure all policies, procedures, and controls are compliant with regulatory standards (NCSC, ISO 27001, NIST, CIS Controls). Identify, assess, and manage risks to project or organisational goals. Build alignment with executive stakeholders, board members, and external partners to ensure accountability and clear decision-making … processes. Qualifications A proven track record in leading cybersecurity risk and governance transformations in complex or government/defence environments. Deep knowledge of cybersecurity frameworks (e.g., NIST, ISO 27001, CIS Controls) and regulatory obligations. Experience designing and implementing cybersecurity governance structures from the ground up. Strong analytical and strategic thinking skills to assess risks and influence operational change. Excellent communication More ❯
Employment Type: Permanent
Salary: GBP Annual

Principal Architect

London, United Kingdom
La Fosse Associates
Data, Application, Technology, and Security considerations into all project phases. Governance and Compliance: Maintain architectural practices in full compliance with healthcare regulations and standards, such as GDPR, CAF, DSPT, NIST, and NHS guidelines. Routinely review and update architectural policies to reflect evolving requirements, with embedded security throughout. Mentorship and Leadership: Provide leadership and mentorship to technical teams and subject matter … healthcare IT solutions. Proven success in leading large-scale projects and managing cross-functional teams. In-depth knowledge of healthcare regulations, standards, and best practices (e.g., GDPR, CAF, DSPT, NIST). Exceptional communication, presentation, and interpersonal skills. Relevant certifications such as TOGAF or Zachman are desirable. 5-7 years of experience in IT architecture roles, including time in senior or More ❯
Employment Type: Permanent
Salary: GBP Annual

Security GRC Analyst

Bristol, Avon, South West, United Kingdom
Hybrid / WFH Options
Hargreaves Lansdown
opportunity has arisen to join our InfoSec team as a Security GRC Analyst, to assist in the delivery of security compliance assurance to frameworks such as PCI-DSS and NIST Cyber Security Framework. You will be managing security governance processes including Third Party Security Risk Management, and delivering controls assurance. What you'll be doing Assisting in meeting compliance requirements … within HL, such as PCI-DSS and in line with frameworks such as SWIFT CSCF, CSA CCM and NIST CSF. Assist with the technical security aspects of third-party security risk by conducting security due diligence and risk assessments for vendors, suppliers, partners, and contractors. Develop and mature processes and procedures for third party security risk management, including due diligence … in liaising with stakeholders at all levels and be confident in influencing business areas to meet compliance requirements. Demonstrable experience of working with compliance and risk management in a NIST CSF (Preferable) or ISO27001 aligned environment, along with an understanding of PCI-DSS. Experience in managing supply chain risk, including due diligence, risk escalation and treatment. Good writing capabilities, analytical More ❯
Employment Type: Permanent, Part Time, Work From Home
Salary: £45,000

Information Security Analyst

Liverpool, Merseyside, England, United Kingdom
Hybrid / WFH Options
Robert Walters
assets by working collaboratively with colleagues across multiple departments. Your day-to-day responsibilities will include supporting policy development in line with leading frameworks such as ISO 27001 or NIST, overseeing vulnerability management activities alongside IT professionals, conducting architectural reviews for new projects, and helping drive continuous improvement in technical controls. You will also be instrumental in managing third party … proven experience on protecting sensitive data within regulated environments. Your background should include hands-on involvement with risk assessments, policy development aligned with industry standards like ISO 27001 or NIST, vulnerability management activities spanning identification through remediation, and direct participation in incident response processes. Demonstrable experience applying risk assessment methodologies to identify vulnerabilities and recommend effective mitigations is highly valued. … Recognised information security frameworks such as ISO 27001 or NIST ensures you can contribute meaningfully to policy development. A solid understanding of core security technologies-including firewalls, intrusion detection systems, endpoint protection platforms-and their practical application is important. Experience supporting vulnerability management processes from identification through remediation demonstrates your ability to manage risk proactively. Proficiency in evaluating technical controls More ❯
Employment Type: Full-Time
Salary: £40,000 - £50,000 per annum

Information Security Analyst

Birmingham, West Midlands, England, United Kingdom
Hybrid / WFH Options
Robert Walters
assets by working collaboratively with colleagues across multiple departments. Your day-to-day responsibilities will include supporting policy development in line with leading frameworks such as ISO 27001 or NIST, overseeing vulnerability management activities alongside IT professionals, conducting architectural reviews for new projects, and helping drive continuous improvement in technical controls. You will also be instrumental in managing third party … proven experience on protecting sensitive data within regulated environments. Your background should include hands-on involvement with risk assessments, policy development aligned with industry standards like ISO 27001 or NIST, vulnerability management activities spanning identification through remediation, and direct participation in incident response processes. Demonstrable experience applying risk assessment methodologies to identify vulnerabilities and recommend effective mitigations is highly valued. … Recognised information security frameworks such as ISO 27001 or NIST ensures you can contribute meaningfully to policy development. A solid understanding of core security technologies-including firewalls, intrusion detection systems, endpoint protection platforms-and their practical application is important. Experience supporting vulnerability management processes from identification through remediation demonstrates your ability to manage risk proactively. Proficiency in evaluating technical controls More ❯
Employment Type: Full-Time
Salary: £40,000 - £50,000 per annum

Vulnerability Engineer

London, United Kingdom
Dmgmedia
automated and scalable vulnerability management program using Tenable and related tools. Establish and enforce vulnerability management policies, scan configurations, and best practices, aligned to frameworks such as ISO 27001, NIST, and CIS. Integrate vulnerability scanning and remediation into CI/CD pipelines and development workflows to ensure security at speed. Automate data collection, triage, reporting, and ticketing processes using scripting … with platforms like Jira, ServiceNow, or Slack. Ability to scope penetration tests and manage findings through to remediation. Strong understanding of security frameworks and standards such as ISO 27001, NIST, and CIS. Excellent communication, presentation, and influencing skills, with the ability to explain complex technical issues to non-technical stakeholders. Analytical and solution-oriented mindset with the ability to drive More ❯
Employment Type: Permanent
Salary: GBP Annual

Senior Identity Access Management Engineer

Manchester, Lancashire, United Kingdom
Roku, Inc
and implement scalable monitoring, alerting, and auditability solutions to support a secure, multi-cloud, geo-distributed workforce. Design, implement, and continuously improve Roku's Zero Trust Architecture, aligning with NIST SP 800-207 and SP 1800-35 guidance. Collaborate with IT, Networking, and Security teams to troubleshoot identity-related issues and support global infrastructure initiatives. Identify and implement automation opportunities … AWS; GCP is a plus Solid understanding of SaaS platforms and their identity integration Understanding of Zero Trust Architecture principles Familiarity with IT security frameworks and compliance standards (e.g., NIST, GDPR, SOC 2, PCI DSS, HIPAA) Awareness of logging, monitoring, and alerting practices related to identity and access events Basic understanding of email security and DNS Backup and recovery awareness More ❯
Employment Type: Permanent
Salary: GBP Annual

Product Security Specialist

London, United Kingdom
Hybrid / WFH Options
Astro Studios, Inc
which your background might be better suited to. 8+ years of experience in IoT security, preferably in the medical device or the pharmaceutical industry. Proficiency in security frameworks (e.g., NIST, OWASP, MITRE ATT&CK, PASTA, STRIDE) and standards such as FDA cybersecurity guidance Experience assessing security risks using industry standard methods (penetration test results, threat modeling, security testing) and determining … residual risk after applying compensating security controls Experience implementing and demonstrating compliance to security frameworks such as NIST, IEC, HITRUST, HIPAA, GDPR, ISO 27001, SOC 2 Type 2 and familiarity working with Quality Management Systems Experience working with teams in a structured software development lifecycle process Excellent interpersonal skills, both written and verbal, with the ability to clearly convey complex More ❯
Employment Type: Permanent
Salary: GBP Annual

NIST
10th Percentile: £47,500
25th Percentile: £55,234
Median: £72,000
75th Percentile: £90,313
90th Percentile: £107,425