complex technical documentation that can be presented across varied enterprise corporate audiences. PREFERRED QUALIFICATIONS Experience implementing frameworks such as ISO 27001, ISO 42001, NIST 800-53, NIST 600-1 or PCI-DSS. Experience and/or certification in AWS products and services. Experience in threat modeling, secure coding, identity
Bristol, Avon, South West, United Kingdom Hybrid / WFH Options
Eteam Workforce Limited
objectives. This individual will provide architectural leadership across IT infrastructure, applications, and cybersecurity domains, with a strong emphasis on secure-by-design principles and NIST Risk Management Framework compliance. The role requires effective communication with senior client stakeholders and the ability to influence technical decisions through sound governance and evidence … premise infrastructure strategies. Cyber Security & Secure by Design: Embed Secure by Design principles throughout the product lifecycle. Ensure architecture and solution designs comply with NIST controls, regulatory requirements, and internal cyber security policies. Collaborate with information architecture, security, risk, and compliance teams to assess architectural risk and apply appropriate mitigation … architecture (e.g. integration, APIs, data), and cyber security architecture (e.g. identity & access management, threat modelling, security controls). Strong working knowledge and application of NIST Risk Management Framework, Secure by Design, and architecture standards. Proven experience leading architecture governance in large-scale transformation programmes. Demonstrated ability to engage and influence
cloud environments. Lead or support vulnerability analysis activities, including risk-based prioritisation and remediation tracking. Ensure alignment with global security standards and frameworks (e.g. NIST, ISO 27001, CIS). Partner with compliance, audit, and internal stakeholders to address regulatory requirements and support evidence gathering for audits. Leverage SIEM and monitoring … as a Security Consultant, Risk Analyst, or GRC Specialist in enterprise environments—ideally within financial services. Strong working knowledge of security frameworks and standards: NIST CSF, ISO 27001, CIS, etc. Experience with security risk assessments, controls design, and compliance monitoring. Familiarity with vulnerability management practices and tools. Exposure to SIEM
and data protection. Translate requirements from PSD2 SCA, PCI DSS, and SWIFT CSP into technical security controls. Maintain IT security governance frameworks (ISO 27001, NIST CSF, CIS Controls). Manage and maintain security policies and procedures. Third-Party Risk & Outsourcing Management: Design and implement third-party risk management programs to … Proficiency in IAM (Identity and Access Management) solutions and conducting user access reviews. Familiarity with cloud technology and IT infrastructure. Strong knowledge of NIST frameworks (CSF, 800-53) and CIS Controls. Certifications: CRISC, CISSP, CISM, or CISA preferred (equivalent experience considered).
and OT devices and be responsible for thorough investigations, documentation, and remediation. You will also be supporting cyber frameworks and regulations such as ISO27001, NIST, NERC CIP, SOCI, and IEC 62443 OT. This role works in a collaborative environment with the expectation of individual contribution. Ability to pick up and … in Operational Technology. Extensive experience working with Microsoft products: Entra ID, Sentinel, Defender XDR, Tenable. Experience with cyber security compliance regulations such as ISO27001, NIST, NERC CIP, SOCI, and IEC 62443 OT. Experience supporting incident response, risk management, and vulnerability remediation. Good understanding of Network Design. Experience working for a
Bristol, Gloucestershire, United Kingdom Hybrid / WFH Options
Ignite Digital Search Limited
role in safeguarding our cloud infrastructure and applications. If you have expertise in AWS security, a strong understanding of security frameworks like ISO or NIST, and the ability to drive secure coding practices, we want to hear from you! The role. As an Application Security Engineer, you will be the … in-depth security reviews, including secure code reviews and threat modelling. Develop and implement security controls to align with frameworks such as ISO 27001, NIST, and CIS benchmarks. Collaborate with development teams to enhance secure coding practices and strengthen CI/CD pipeline security. Oversee and improve cloud security in … Strong experience in AWS cloud security and related tools (e.g., AWS Shield, Security Hub, IAM). Knowledge of security frameworks such as ISO 27001, NIST, or CIS benchmarks. Experience in application security reviews, vulnerability management, and security controls implementation. Familiarity with OWASP Top 10, CWE, and secure coding practices. Proficiency
you'll work across functions to support operational resilience and maintain alignment with global security and regulatory frameworks including: ISO/IEC 27001:2022, NIST Cybersecurity Framework, PCI-DSS 4.0.1, UK GDPR, NIS2 Directive, CAP1753, and related sector obligations. This makes it a great development role for those looking to … to relevant stakeholders. Collaborates with procurement and key suppliers to ensure their ongoing security posture meets Virgin Atlantic requirements. Conducts internal reviews against ISO, NIST, PCI, UK GDPR, and emerging requirements. Supports internal/external audits, evidence readiness, and corrective action tracking. Maintains the policy and control framework, identifying non … professional body. ISO 27001 Lead Implementer/Auditor certification. Sound knowledge of information security governance practices, working knowledge of ISO/IEC 27001:2022, NIST CSF, PCI-DSS, UK GDPR, and NIS2, and other aviation-related legislation. Awareness of Business Continuity, IT Service Continuity, and IT Disaster Recovery (ISO25999, COBIT
you'll work across functions to support operational resilience and maintain alignment with global security and regulatory frameworks including: ISO/IEC 27001:2022, NIST Cybersecurity Framework, PCI-DSS 4.0.1, UK GDPR, NIS2 Directive, CAP1753, and related sector obligations. This makes it a great development role for those looking … to relevant stakeholders. Collaborate with procurement and key suppliers to ensure their ongoing security posture meets Virgin Atlantic requirements. Conduct internal reviews against ISO, NIST, PCI, UK GDPR, and emerging requirements. Support internal/external audits, evidence readiness, and corrective action tracking. Maintain the policy and control framework, identifying non … professional body. ISO 27001 Lead Implementer/Auditor certification. Sound knowledge of information security governance practices, working knowledge of ISO/IEC 27001:2022, NIST CSF, PCI-DSS, UK GDPR, and NIS2 and other aviation-related legislation. Awareness of Business Continuity, IT Service Continuity and IT Disaster Recovery (ISO25999, COBIT, PAS
Bracknell, Berkshire, United Kingdom Hybrid / WFH Options
ENGINEERINGUK
Sector: Retail and Wholesale. Role: Manager. Contract Type: Permanent. Hours: Full Time. About the role: Join the John Lewis Partnership's Information
Birmingham, Staffordshire, United Kingdom Hybrid / WFH Options
SYSTRA
and perform cyber security audits. Experience in producing Zones and Conduits Partitioning Diagrams, Cyber Security Requirements definition and cyber security Assurance. ISO 27005/NIST 800-82/NIST 800-53 Knowledge. NIS/NIS2 knowledge. Railway industry experience and TS 50701 Knowledge. Understanding of Railway frameworks (e.g. EN
Central London, London, United Kingdom Hybrid / WFH Options
Police Digital Services
etc.), supporting cloud architecture design, implementation, operations, and automation in Azure, AWS and GCP. Strong knowledge and ability to demonstrate the use of the NIST Cyber Security Framework, mapping and translating NIST Cyber Security Controls to other frameworks such as ISO27001 and CIS Top 20 controls, including understanding of the
We have been awarded the "Most Loved Workplace"! At Metro Bank, people come first - our culture is all about bringing the best out in our colleagues, and making sure everyone feels valued, respected, seen and included. We strongly believe in
administration, help desk support). Monitor security tools and respond to alerts and incidents. COMPLIANCE ACTIVITIES: Change Management, Incident Management, Maintenance, Vulnerability scanning. Implement NIST SP 800-171 for internal systems. Establish a System Security Plan (SSP). The SSP needs to go through each NIST SP 800-171 control … experience in emergent technology. Experience in architecting, building, and securing systems at scale. In-depth knowledge of cybersecurity compliance standards such as ISO, SOC, NIST, CMMC, EDRS, and ITAR. Certifications in (ISACA, CISM, CRISC, CISA, ITCA). Certified Information Security Manager (CISM) is essential. Certified Authorization Professional (CAP). Information
Corsham, Wiltshire, United Kingdom Hybrid / WFH Options
Babcock Mission Critical Services España SA
of Ministry of Defence Joint Service Publications (JSPs) such as JSP 440 and 604. Experience or awareness of Industry Standards including ISO27000, ISO28000, and NIST Cyber Security Framework. Experience or awareness of security control baselines such as NIST SP 800-53, CIS Benchmark, DISA STIGs. A broad understanding of computer
london, south east england, United Kingdom Hybrid / WFH Options
Harrington Starr
security strategy. Lead and grow a small, globally distributed security team. Oversee security operations, threat detection, and incident response. Ensure compliance with ISO 27001, NIST, GDPR and DORA. Work with tech teams to embed secure software development practices (SDLC). Build and report on security KPIs and risk posture to the … IT Security/InfoSec role ✔ Strong track record across cloud security (Azure), network & endpoint protection, risk & compliance ✔ Solid grasp of governance frameworks: ISO 27001, NIST, GDPR, DORA ✔ Excellent communication and board-level reporting skills ✔ Hands-on where needed, while maintaining a strategic mindset 📩 Apply now or drop a note to
london, south east england, United Kingdom Hybrid / WFH Options
Consulting Point
with evolving regulatory frameworks (e.g., EU AI Act, GDPR). Security Architecture: Deliver secure enterprise and application architecture aligned with best practice standards (e.g., NIST, ISO27001, CIS). Operational Technology Security: Protect critical infrastructure through robust OT security assessments and frameworks (e.g., NIST SP 800-82, CAF). What We
bristol, south west england, united kingdom Hybrid / WFH Options
AtkinsRéalis
the CESG IA Portfolio and MoD JSPs such as JSP440, JSP604/JSP453 (plus other standard MoD IA methods). Certifications such as ISO27000, NIST Cyber Security Professional, CISMP etc. Flexibility over UK, and potentially overseas travel. Desirable: Certified Information Systems Security Professional (CISSP)/Certified Information Security Manager (CISM … CIISEC. NCSC Certified Cyber Professional/CESG CCP (Security and Information Risk Advisor or Security Architect). Understanding of 'Secure by Design' methodology and NIST 800-37 Risk Management Framework. A keen interest in the latest technology with a focus on security technologies. Ambition to work in a challenging and
Birmingham, England, United Kingdom Hybrid / WFH Options
Experis UK
particular focus on: PCI DSS consultancy and assessments; security reviews against standards or guidelines such as the NCSC 10 Steps to Cyber Security and NIST CSF; ISO 27001 gap analyses; helping our clients to implement Information Security Management Systems and achieve and maintain ISO27001 certification; conducting risk assessments; creating or … ability to consult as well as assess. Have experience with ISO 27001, including implementing an ISMS and achieving certification. Have experience working with the NIST CSF. A good understanding of core concepts and technologies, for example networking, Windows and Linux operating systems, and security technologies such as antimalware, IDS/… services to our clients, covering the following areas: Conduct security reviews against standards or guidelines such as the NCSC 10 Steps to Cyber Security, NIST CSF, Cyber Essentials. Perform ISO 27001 gap analyses. Help our clients to implement Information Security Management Systems and achieve and maintain ISO27001 certification. PCI DSS