26 to 50 of 58 NIST 800 Jobs in the UK

accreditation and secure by design processes (ISN2023/09), associated policies and practices across the lifecycle. Experience in the application of standards including NIST Special Publications (e.g. SP 800-30, 37 & 53). Application of Defence standards including Defstan 05-138 & Defstan 05-139. Experience managing risks and services in accordance with customer, regulatory and More ❯

and contribute to security awareness across teams. Clearly communicate risks to technical and non-technical stakeholders. What We're Looking For Essential Experience: Deep understanding of security frameworks: NIST (especially 800-30, 800-53) , ISO27001/2, ISO27005, and OWASP. Experience with Secure by Design principles and MOD-specific guidelines (e.g. JSP, Def Stan More ❯

Skills & Experience Required: 8+ years of experience in Information Security or IT , with 3+ years in IT Audit or security control testing Familiar with security frameworks such as NIST 800-53, ISO 27001, CIS Controls, COBIT Hands-on experience using RSA Archer, ServiceNow , and familiarity with automation and data-driven testing Working knowledge of cloud environments More ❯

in scripting and automation for security tasks (e.g. Python, PowerShell). Information Security Frameworks: Working knowledge of common frameworks and standards, such as ISO 27001/2/5, NIST800-53, and Cyber Essentials. Risk Management and Compliance: Thorough understanding of Information Security Risk Management and Compliance frameworks, including ability to assess information risks and select appropriate controls. Data Protection More ❯

MOD accreditation and secure by design processes (ISN2023/09), associated policies and practices across the lifecycle. Knowledge or application of standards including NIST Special Publications (e.g. SP 800-30, 37 & 53). Managing risks and services in accordance with customer, regulatory and legislative expectations. Experience outside of traditional enterprise IT scenarios extending to proprietary and More ❯

be doing * Designing robust, secure-by-design architectures aligned to MOD and wider government standards * Writing and maintaining formal security policies and documentation * Managing risk using frameworks like NIST 800-53 and producing key security artefacts (RMAs, Security Aspects, Test Plans, etc.) * Working with cross-functional teams including DevSecOps, Software, Infrastructure and Agile delivery * Leading on More ❯

be doing * Designing robust, secure-by-design architectures aligned to MOD and wider government standards * Writing and maintaining formal security policies and documentation * Managing risk using frameworks like NIST 800-53 and producing key security artefacts (RMAs, Security Aspects, Test Plans, etc.) * Working with cross-functional teams including DevSecOps, Software, Infrastructure and Agile delivery * Leading on More ❯

improvement, training, and policy development. Key Requirements: Experience in product security engineering for defence/government programmes Strong background in risk assessments, mitigation planning & accreditation Familiar with: ISO27000, NIST SP800, JSP440, GovS 007, Common Criteria Understanding of platform security, firmware, cloud, and TEMPEST controls Degree in relevant field and/or NCSC-certified (e.g. CISSP, CISM) Strong documentation More ❯

Security Assurance Team (SAT), providing risk management and assurance of programme artefacts. Responsibilities and Tasks Support delivery of secure Releases and Features aligned with the relevant legacy or NIST assurance processes through Security Assurance stories agreed with nominated team Scrum Master Create security assurance case for releases, including risk assessments and mitigations for identified defects and vulnerabilities Liaise … security training and briefings Support development of relevant security documentation; including RMADS, CoCo, RAR, SSP, POAM, OSMP (including SyOps). Knowledge, Experience and Capabilities Cyber Security Assurance ISO27001 NIST 800-53 series MOD Secure by Design Information assurance Risk management High quality of written and verbal communication skills Experience of working in Secure environments (Highly desirable More ❯

monitoring, alerting, and auditability solutions to support a secure, multi-cloud, geo-distributed workforce. Design, implement, and continuously improve Roku's Zero Trust Architecture, aligning with NIST SP 800-207 and SP 1800-35 guidance. Collaborate with IT, Networking, and Security teams to troubleshoot identity-related issues and support global infrastructure initiatives. Identify and implement automation … GCP is a plus Solid understanding of SaaS platforms and their identity integration Understanding of Zero Trust Architecture principles Familiarity with IT security frameworks and compliance standards (e.g., NIST, GDPR, SOC 2, PCI DSS, HIPAA) Awareness of logging, monitoring, and alerting practices related to identity and access events Basic understanding of email security and DNS Backup and recovery More ❯

or equivalent professional certification. Experience: 3+ years in a Cyber/Engineering role. Involvement in MOD accreditation and secure by design processes. Knowledge of standards like NIST SP 800-30, 37, 53. Experience managing risks and services in compliance with regulations. Experience with software, firmware, and hardware security. Conducting risk assessments, threat modelling, vulnerability analysis. Overseeing More ❯

making across engineering and leadership teams. - Support Compliance and Audit Readiness: Build and maintain solutions that automate evidence gathering and real-time compliance monitoring across frameworks such as NIST 800-53, HITRUST, PCI-DSS, and FedRAMP. - Collaborate Across Teams: Partner with cloud engineering, GRC, and program teams to align internal tooling with evolving compliance needs and … Microsoft Sentinel, Defender XDR, Purview, Entra ID, Azure Policy. - Hands-on experience integrating or piloting AI agents or LLMs in operational workflows. - Knowledge of compliance standards such as NIST, HIPAA, FedRAMP, PCI, SOC2, or HITRUST. - Security certifications such as SC-200, GCSA, or equivalent. Microsoft is an equal opportunity employer. All qualified applicants will receive consideration for employment More ❯

the Security Policy Framework, the CESG IA Portfolio and MoD JSPs such as JSP440, JSP604/JSP453 (plus other standard MoD IA methods). Certifications such as ISO27000, NIST Cyber Security Professional, CISMP etc. Flexibility over UK, and potentially overseas travel. Desirable- Certified Information Systems Security Professional (CISSP)/Certified Information Security Manager (CISM) or equivalent. Associate/… Professionals (IISP), IS2, BCS, CIISEC. NCSC Certified Cyber Professional/CESG CCP (Security and Information Risk Advisor or Security Architect). Understanding of 'Secure by Design' methodology and NIST 800-37 Risk Management Framework. A keen interest in the latest technology with a focus on security technologies. Ambition to work in a challenging and rewarding role More ❯

the Security Policy Framework, the CESG IA Portfolio and MoD JSPs such as JSP440, JSP604/JSP453 (plus other standard MoD IA methods). Certifications such as ISO27000, NIST Cyber Security Professional, CISMP etc. Flexibility over UK, and potentially overseas travel. Desirable- Certified Information Systems Security Professional (CISSP)/Certified Information Security Manager (CISM) or equivalent. Associate/… Professionals (IISP), IS2, BCS, CIISEC. NCSC Certified Cyber Professional/CESG CCP (Security and Information Risk Advisor or Security Architect). Understanding of 'Secure by Design' methodology and NIST 800-37 Risk Management Framework. A keen interest in the latest technology with a focus on security technologies. Ambition to work in a challenging and rewarding role More ❯

the Security Policy Framework, the CESG IA Portfolio and MoD JSPs such as JSP440, JSP604/JSP453 (plus other standard MoD IA methods). Certifications such as ISO27000, NIST Cyber Security Professional, CISMP etc. Flexibility over UK, and potentially overseas travel. Desirable- Certified Information Systems Security Professional (CISSP)/Certified Information Security Manager (CISM) or equivalent. Associate/… Professionals (IISP), IS2, BCS, CIISEC. NCSC Certified Cyber Professional/CESG CCP (Security and Information Risk Advisor or Security Architect). Understanding of 'Secure by Design' methodology and NIST 800-37 Risk Management Framework. A keen interest in the latest technology with a focus on security technologies. Ambition to work in a challenging and rewarding role More ❯

in your day-to-day. What you'll be doing Designing robust, secure-by-design architectures aligned to MOD and wider government standards Managing risk using frameworks like NIST 800-53 and producing key security artefacts (RMAs, Security Aspects, Test Plans, etc.) Working with cross-functional teams including DevSecOps, Software, Infrastructure and Agile delivery Providing strategic More ❯

in your day-to-day. What you'll be doing Designing robust, secure-by-design architectures aligned to MOD and wider government standards Managing risk using frameworks like NIST 800-53 and producing key security artefacts (RMAs, Security Aspects, Test Plans, etc.) Working with cross-functional teams including DevSecOps, Software, Infrastructure and Agile delivery Providing strategic More ❯

in your day-to-day. What you'll be doing Designing robust, secure-by-design architectures aligned to MOD and wider government standards Managing risk using frameworks like NIST 800-53 and producing key security artefacts (RMAs, Security Aspects, Test Plans, etc.) Working with cross-functional teams including DevSecOps, Software, Infrastructure and Agile delivery Providing strategic More ❯

client projects: Design and manage comprehensive security programmes tailored to diverse environments, including hybrid IT/OT settings. Deliver projects aligned with industry frameworks and compliance requirements, such as NIST800-53, ISO27001, NIST CSF, NIS 2, DORA. Leverage emerging technologies such as AI, IoT, cloud solutions, and advanced threat detection systems. Advise on their application, assess their suitability More ❯

platforms. Proficiency in digital forensics and log analysis across Networking, Windows, Mac, Linux, or Cloud environments. Strong understanding of evidence collection and prioritisation procedures. In-depth knowledge of NIST 800-61 incident response lifecycle, including containment, eradication, and recovery. Experience in digital forensics, including evidence acquisition and chain-of-custody practices. Familiarity with frameworks such as More ❯

risks in business terms and advising on mitigation. Excellent stakeholder communication skills, up to C-level. Strong analytical and reporting abilities. Familiarity with risk management frameworks (ISO 3100X, NIST 800 series, ENISA, EBIOS, OCTAVE, FAIR). Preferred: Background in information security and security frameworks (eg, MITRE ATT&CK, ISO 2700X). Experience working in multinational environments. More ❯

Stan 05-138, Def Stan 05-139) An understanding of MOD ISN 23/09 Secure by Design Knowledge of security frameworks, such as ISO/IEC 27001, NIST 800-30, NIST 800-53 or OWASP Working with risk management frameworks and methodologies (e.g., ISO 27001/2, ISO27005/31000, NIST 800-30, NIST 800-53) If this all sounds like something you will be interested in then simply apply and we can discuss the opportunity further! Product Security Architect Permanent role Based in Bristol Offering circa 80,000 Disclaimer: This vacancy is being advertised by either Advanced Resource Managers Limited, Advanced Resource More ❯

Stan 05-138, Def Stan 05-139) An understanding of MOD ISN 23/09 Secure by Design Knowledge of security frameworks, such as ISO/IEC 27001, NIST 800-30, NIST 800-53 or OWASP Working with risk management frameworks and methodologies (e.g., ISO 27001/2, ISO27005/31000, NIST 800-30, NIST 800-53) If this all sounds like something you will be interested in then simply apply and we can discuss the opportunity further! Product Security Architect Permanent role Based in Bristol Offering circa £80,000 Disclaimer: This vacancy is being advertised by either Advanced Resource Managers Limited, Advanced Resource More ❯

EBA Guidelines). Has a comprehensive understanding of what it takes to comply with cyber security industry standards and frameworks in practise (e.g. ISO 27001, NIST CSF, SP 800-53, NCSC CAF, Cyber Essentials). Has a thorough understanding of cyber security threat and risk with the ability to think like an attacker and design controls More ❯

OSCP, etc.). Experience of supporting audits such as ISO27001. Experience of working with security risk management frameworks such as ISO31000. Knowledge of security control frameworks such as CIS, NIST800-53 and ISO27001. How we work We're a mission-led, product-driven team. We move fast, stay focused and take ownership - from brief to build to impact. Debate is More ❯