51 to 75 of 1,930 NIST Jobs in the UK

tooling Candidate Profile Essential Skills and Experience 4–7 years’ experience in IT operations, cybersecurity, or a similar technical role Strong knowledge of cybersecurity best practices, frameworks (ISO 27001, NIST, CIS), and common attack vectors Hands-on experience with: Microsoft 365, Azure AD/Entra ID, and Intune Endpoint protection tools Cloud security principles (AWS preferred) VPNs, firewalls, and network More ❯

Excellence Lead C-level workshops on cyber strategy, risk management, and investment planning. Create business cases that communicate ROI and business enablement. Conduct maturity assessments using frameworks such as NIST CSF, ISO 27001, and industry-specific standards. Facilitate threat and risk workshops tailored to client environments. Showcase innovation through demos of emerging technologies like XDR, SASE, and SOAR. Practice Development … mentoring and team leadership capabilities Technical Expertise Broad understanding of cyber domains (cloud, identity, operations, compliance) Hands-on experience with major cloud platforms and security technologies Familiarity with frameworks (NIST, ISO, COBIT) and regulatory compliance (DORA, NIS2) Solution architecture experience and vendor-neutral evaluation approaches Qualifications Degree in a relevant field or equivalent practical experience Preferred certifications CISSP (with 5+ More ❯

and analyze security logs and alerts, fine-tuning detections and response playbooks. Risk & Compliance Support Work with GRC and compliance teams to implement security controls aligned with ISO 27001, NIST, SOC 2, and GDPR. Support security reviews for third-party vendors, M&A due diligence, and cloud risk assessments. Ensure compliance with regulatory frameworks and internal security policies. Required Skills More ❯

and analyze security logs and alerts, fine-tuning detections and response playbooks. Risk & Compliance Support Work with GRC and compliance teams to implement security controls aligned with ISO 27001, NIST, SOC 2, and GDPR. Support security reviews for third-party vendors, M&A due diligence, and cloud risk assessments. Ensure compliance with regulatory frameworks and internal security policies. Required Skills More ❯

to manage external security operations. Desirable Certifications: Azure Security Engineer Associate, CISSP, OSCP (Offensive Security Certified Professional), CCSP, or equivalent. Experience with container security (Docker, Kubernetes). Knowledge of NIST, ISO 27001, SOC 2 compliance frameworks. Familiarity with Zero Trust security principles. Other Stuff Please only apply if you are able to work from their Debden offices Monday-Friday. Hybrid More ❯

understanding of cloud technologies traditional networking skills. Having good working knowledge and experience of Microsoft Azure security architecture. Experience in key cloud and network security architecture. Good understanding of NIST Framework. Exposure to security monitoring technologies Understanding of Incident Response, Cyber Kill Chain, ATT&CK · Knowledge & experience of common program language e.g., Python, C++, PowerShell, JavaScript Being able to perform More ❯

understanding of cloud technologies traditional networking skills. Having good working knowledge and experience of Microsoft Azure security architecture. Experience in key cloud and network security architecture. Good understanding of NIST Framework. Exposure to security monitoring technologies Understanding of Incident Response, Cyber Kill Chain, ATT&CK · Knowledge & experience of common program language e.g., Python, C++, PowerShell, JavaScript Being able to perform More ❯

Work with IT, security, and development teams to ensure solutions meet business needs. Required Skills : Strong knowledge of cybersecurity technologies and practices Expertise in security frameworks (CIS, ISF, Mitre, NIST, or equivalent) Deep understanding of CIS18 controls and security architecture concepts Experience with incident investigation and remediation Proficiency in cloud security (Azure, AWS, or Google Cloud) Excellent stakeholder management and More ❯

SIEM and security monitoring tools for real-time threat detection. Cloud Security Assessments & Compliance Conduct cloud security assessments, penetration testing, and risk analysis . Ensure compliance with ISO 27001, NIST, CIS Benchmarks, GDPR , and other security standards. Collaborate with DevOps teams to integrate security into CI/CD pipelines. Security Automation & Infrastructure as Code (IaC) Automate security policies and compliance More ❯

and present findings to stakeholders or clients. Maintain thorough documentation of investigation steps, timelines, and decisions taken. ⚖️ Compliance & Risk Mitigation Ensure all incident handling aligns with frameworks such as NIST, ISO 27001, and GDPR. Work with compliance teams to manage regulatory reporting during security incidents. Your Profile 🔑 Essential Skills & Experience: Bachelor’s degree in Computer Science, Information Security, or a More ❯

to manage external security operations. Desirable Certifications: Azure Security Engineer Associate, CISSP, OSCP (Offensive Security Certified Professional), CCSP, or equivalent. Experience with container security (Docker, Kubernetes). Knowledge of NIST, ISO 27001, SOC 2 compliance frameworks. Familiarity with Zero Trust security principles. Other Stuff NB: Please only apply if you are able to work from their Debden (IG10) offices Monday More ❯

to manage external security operations. Desirable Certifications: Azure Security Engineer Associate, CISSP, OSCP (Offensive Security Certified Professional), CCSP, or equivalent. Experience with container security (Docker, Kubernetes). Knowledge of NIST, ISO 27001, SOC 2 compliance frameworks. Familiarity with Zero Trust security principles. Other Stuff NB: Please only apply if you are able to work from their Debden (IG10) offices Monday More ❯

the latest trends, solutions, and best practices in the industry e.g. Application Security Posture Management (ASPM), Continuous Cyber and IT controls monitoring (CCM) Thorough understanding of compliance frameworks like NIST and FedRAMP and the audit process around demonstrating compliance effectively. Practical experience of the System Development Life Cycle, Software Development Life Cycle, and Agile framework Expertise in risk analysis, threat … and reusable platform capability. It would be desirable , but not essentia l, if you also had one or more of Practical experience of ISO27001/27004/27005 or NIST Risk Management Framework (RMF); Experience in security accreditation e.g. PCI-DSS, FedRAMP, SSDF (NIST SP800-218), FISMA/NIST SP800-53, ISO 27001, DORA Cyber security certification e.g. Certified Information More ❯

the latest trends, solutions, and best practices in the industry e.g. Application Security Posture Management (ASPM), Continuous Cyber and IT controls monitoring (CCM) Thorough understanding of compliance frameworks like NIST and FedRAMP and the audit process around demonstrating compliance effectively. Practical experience of the System Development Life Cycle, Software Development Life Cycle, and Agile framework Expertise in risk analysis, threat … and reusable platform capability. It would be desirable , but not essentia l, if you also had one or more of Practical experience of ISO27001/27004/27005 or NIST Risk Management Framework (RMF); Experience in security accreditation e.g. PCI-DSS, FedRAMP, SSDF (NIST SP800-218), FISMA/NIST SP800-53, ISO 27001, DORA Cyber security certification e.g. Certified Information More ❯

framework development, and digital transformation security initiatives. Requirements Technical Skills: Professional Security Certifications: CISSP, CISM, or equivalent senior security qualifications Security Frameworks: Deep expertise in ISO27001, SOC 2, CE+, NIST, and other governance frameworks Cloud Security: Advanced knowledge of Azure, Microsoft 365, and cloud security architecture Risk Management: Proven experience developing risk management frameworks and compliance programs Incident Response : Hands More ❯

ll bring: A track record of delivering security solutions for large-scale infrastructure, transformation or integration programmes Practical knowledge and understanding of industry security frameworks and guidance such as NIST CSF, NIST 800-53, NCSC CAF and other NCSC guidelines Good knowledge of networking (switching, routing, firewalls) In-depth knowledge of modern security concepts, common attack vectors, malware, security analytics … ll bring: A track record of delivering security solutions for large-scale infrastructure, transformation or integration programmes Practical knowledge and understanding of industry security frameworks and guidance such as NIST CSF, NIST 800-53, NCSC CAF and other NCSC guidelines Good knowledge of networking (switching, routing, firewalls) In-depth knowledge of modern security concepts, common attack vectors, malware, security analytics More ❯

focus on hands-on security engineering and operations. In-depth knowledge of networking protocols, operating systems, and cloud technologies. Strong understanding of security principles, practices, and frameworks (e.g., PCI, NIST, ISO 27001). Experience with security tools such as SIEM, IDS/IPS, endpoint protection, and penetration testing tools. Experience with public cloud security, specifically AWS, Azure, and Google Cloud More ❯

vendors. Must have hands-on experience configuring a range of cybersecurity tooling and hardening cloud environments, particularly Microsoft Azure. Well-versed knowledge of cybersecurity and data protection frameworks including NIST, ISO27001 and DPA. Experience managing PCI DSS compliance for an organisation is preferred. Proficient at articulating technical cybersecurity concepts and risks to the business in a simple and effective manner More ❯

analysis, including static and dynamic analysis techniques. Ability to develop and refine threat-hunting methodologies and define SIEM use cases. Familiarity with global cybersecurity regulations and compliance frameworks (GDPR, NIST, ISO 27001, etc.). Ability to work under pressure in a fast-paced, dynamic security environment. Experience in developing Standard Operating Procedures (SOPs), security playbooks, and technical incident documentation. What More ❯

our office in Dudley (UK), we are currently recruiting a driven Cybersecurity & Compliance Manager. Position purpose The Cybersecurity & Compliance Manager will lead Tosca’s efforts to ensure adherence to NIST CFS 2.0, ISO 27001, and other standards. This role focuses on developing security protocols, maintaining documentation, conducting risk assessments, and ensuring regulatory compliance. Responsibilities include managing security infrastructure, incident response … and promoting cybersecurity awareness. The position requires collaboration with Global IT, cross-functional teams, and third-party partners. Key qualifications include experience in cybersecurity and compliance, strong knowledge of NIST and ISO standards, risk management expertise, and effective communication skills. This is a full-time role based in Dudley, UK, with travel up to 30% of the time. Responsibilities Implement … security protocols and manage information security programs Report performance, exceptions, and outages to all audiences transparently. Align disaster recovery with business continuity plans. Ensure compliance with ISO27001, NIST CFS 2.0, and maintain ISMS. Identify risks, develop a comprehensive security plan. Test cyber-attacks regularly to address vulnerabilities. Monitor security trends, adapt strategies. Oversee incident monitoring, detection, response via SOC and More ❯

security incident investigations, implement remediation strategies, and develop proactive measures to mitigate future risks. Compliance: Ensure cloud environments comply with regulatory standards and organizational policies (e.g., GDPR, ISO 27001, NIST, or SOC 2). Automation & CI/CD: Integrate security tools into CI/CD pipelines to enable automated vulnerability scanning, compliance checks, and secure deployments. Monitoring and Threat Detection More ❯

our office in Dudley (UK), we are currently recruiting a driven Cybersecurity & Compliance Manager. Position purpose The Cybersecurity & Compliance Manager will lead Tosca’s efforts to ensure adherence to NIST CFS 2.0, ISO 27001, and other standards. This role focuses on developing security protocols, maintaining documentation, conducting risk assessments, and ensuring regulatory compliance. Responsibilities include managing security infrastructure, incident response … and promoting cybersecurity awareness. The position requires collaboration with Global IT, cross-functional teams, and third-party partners. Key qualifications include experience in cybersecurity and compliance, strong knowledge of NIST and ISO standards, risk management expertise, and effective communication skills. This is a full-time role based in Dudley, UK, with travel up to 30% of the time. Responsibilities Implement … security protocols and manage information security programs Report performance, exceptions, and outages to all audiences transparently. Align disaster recovery with business continuity plans. Ensure compliance with ISO27001, NIST CFS 2.0, and maintain ISMS. Identify risks, develop a comprehensive security plan. Test cyber-attacks regularly to address vulnerabilities. Monitor security trends, adapt strategies. Oversee incident monitoring, detection, response via SOC and More ❯

Microsoft Defender for Endpoint, AlertLogic, Web Application Scanning, Tripwire, Tenable Nessus). Strong problem-solving, analytical, reporting and organizational skills. Experience or understanding of of security compliance frameworks; ISO27001, NIST, SOC2, Cyber Essentials, etc. Relevant certifications (e.g., CISSP, CISM, CompTIA Security+, or similar) are highly desirable. Detail-oriented with a proactive approach to problem-solving. Ability to prioritize tasks effectively More ❯

focus on hands-on security engineering and operations. In-depth knowledge of networking protocols, operating systems, and cloud technologies. Strong understanding of security principles, practices, and frameworks (e.g., PCI, NIST, ISO 27001). Experience with security tools such as SIEM, IDS/IPS, endpoint protection, and penetration testing tools. Experience with public cloud security, specifically AWS, Azure, and Google Cloud More ❯

SIEM, IDS/IPS,firewalls, antivirus, and cloud security. · Be familiar with SOAR tools and their benefits · You have experience with security frameworks and standards, such as ISO 27001,NIST, PCI-DSS, GDPR · A good understanding of industry attack trends and defences · Understanding of core operating system concepts in Windows, MacOS, and Linux · A fundamental understanding of how threat actors More ❯