1 to 25 of 176 NIST Jobs in the UK excluding London

application designs, supporting secure architecture and delivery from the outset. Compliance & Framework Alignment: Ensure security operations align with regulatory standards and frameworks such as NIST, ISO 27001, and NCSC CAF. Person SpecificationEssential: Demonstrated experience with Microsoft Sentinel, Microsoft Defender for Endpoint/Cloud SIEM tools, threat intelligence platforms, and vulnerability ...

point security tools and data loss prevention controls are highly advantageous Skills and experience Experience working within recognised information security frameworks (e.g. ISO27001, NIST) Proven experience in an information security role, preferably within financial services or e-commerce Strong analytical capability, with the ability to interpret data and support decision ...

proven experience gained as a Security Architect or in a technical cyber role. Expertise in: Security legislation (GDPR, PCI DSS, ICO) Frameworks (ISO 27001, NIST CSF, CIS Controls v8) HMG/NCSC policies and guidance Cloud security (AWS, Azure) Microservice architectures PKI, Cryptography, Privileged Access Management Certifications: SABSA, TOGAF ...

proven experience gained as a Security Architect or in a technical cyber role. Expertise in: Security legislation (GDPR, PCI DSS, ICO) Frameworks (ISO 27001, NIST CSF, CIS Controls v8) HMG/NCSC policies and guidance Cloud security (AWS, Azure) Microservice architectures PKI, Cryptography, Privileged Access Management Certifications: SABSA, TOGAF ...

Lead experience MOD/GDS Secure by Design Familiarity with: JSP440, JSP604/453, JSP490 Supplier Chain Assurance GDPR, PCI DSS, ICO ISO 27001, NIST CSF, CIS Controls v8 Skills in: Threat modelling (kill chain, attack trees, etc.) Cloud security (AWS, Azure), containerisation, firewalls Secure SDLC HLD/LLD review ...

strong professional development opportunities. Skills Secure architecture design and secure-by-design principles Risk assessment, threat modelling, and vulnerability management Security frameworks: ISO 27001, NIST 800-30/53, OWASP Cloud security architecture (AWS, Azure, GCP) Incident response, penetration testing, and remediation concepts Persuasive communication skills across technical and ...

including Product Defense in Depth, security technology, regulatory compliance and incident response Domain specific standards and approaches on privacy and product security (ISO 2700x, NIST 800 Series Special Publications) Knowledgeable and experience with laws and regulations on cyber security, privacy, data protection and breach notification (e.g.: FDA cyber security guidelines ...

including Product Defense in Depth, security technology, regulatory compliance and incident response Domain specific standards and approaches on privacy and product security (ISO 2700x, NIST 800 Series Special Publications) Knowledgeable and experience with laws and regulations on cyber security, privacy, data protection and breach notification (e.g.: FDA cyber security guidelines ...

including Product Defense in Depth, security technology, regulatory compliance and incident response Domain specific standards and approaches on privacy and product security (ISO 2700x, NIST 800 Series Special Publications) Knowledgeable and experience with laws and regulations on cyber security, privacy, data protection and breach notification (e.g.: FDA cyber security guidelines ...

including Product Defense in Depth, security technology, regulatory compliance and incident response Domain specific standards and approaches on privacy and product security (ISO 2700x, NIST 800 Series Special Publications) Knowledgeable and experience with laws and regulations on cyber security, privacy, data protection and breach notification (e.g.: FDA cyber security guidelines ...

including Product Defense in Depth, security technology, regulatory compliance and incident response Domain specific standards and approaches on privacy and product security (ISO 2700x, NIST 800 Series Special Publications) Knowledgeable and experience with laws and regulations on cyber security, privacy, data protection and breach notification (e.g.: FDA cyber security guidelines ...

of Operating System security and system hardening concepts such as CIS Benchmarks. Experience in working with information security frameworks and regulatory requirements including ISO27001, NIST, PCI DSS, GDPR, Cyber Essentials. Experience of general IT Audit processes and conducting risk assessments. You will be a proactive self starter with strong communication ...

and the wider estate are sufficiently tested for signs of vulnerability. Governance, Risk & Compliance (GRC) Ensure audit readiness, control effectiveness (key SOX/ITGC, NIST/ISO mappings), and remediation governance; lead policy lifecycle and attestations. Oversee the enterprise risk process (RCSA, KRIs), executive reporting, and board risk briefings. Improve ...

including Product Defense in Depth, security technology, regulatory compliance and incident response Domain specific standards and approaches on privacy and product security (ISO 2700x, NIST 800 Series Special Publications) Knowledgeable and experience with laws and regulations on cyber security, privacy, data protection and breach notification (e.g.: FDA cyber security guidelines ...

assurance, finance industry, and information technology. Knowledge of vendor-agnostic cloud security concepts. Knowledge of information security and standards, including but not limited to NIST CSF 2.0. Possess a results-oriented, high-energy, self-motivated attitude and a strong commitment to customer service. Strong interpersonal, organizational, oral, and written communication ...

Information Security Manager), CISA (Certified Information Systems Auditor), CEH (Certified Ethical Hacker), or equivalent are highly desirable. In-depth knowledge of security frameworks (e.g., NIST, ISO 27001), network security protocols, firewalls, encryption, and intrusion detection systems (IDS). Strong understanding of threat landscape and risk management strategies. Proficiency in security ...

Familiarity with industry standards, guidelines, and regulatory compliance requirements related to information security and cloud computing such as GDPR, ISO 27001, Cloud Security Alliance, NIST 800-53, PCI DSS, ISA/IEC 62443, NERC CIP, HIPAA, etc. Knowledge of public cloud environments Azure, AWS or Google Cloud If interested, please ...

risk, cyber maturity, security architecture, cyber transformation and regulatory compliance for cyber. Experience of various recognised cyber security relevant standards and regulations, such as NIST CSF, CRI2.0, ISO27001, NCSC CAF, GDPR and NIS2. Experience working in a variety of environments or organisational contexts to develop cyber strategy and manage cyber ...

risk, cyber maturity, security architecture, cyber transformation and regulatory compliance for cyber. Experience of various recognised cyber security relevant standards and regulations, such as NIST CSF, CRI2.0, ISO27001, NCSC CAF, GDPR and NIS2. Experience working in a variety of environments or organisational contexts to develop cyber strategy and manage cyber ...

risk, cyber maturity, security architecture, cyber transformation and regulatory compliance for cyber. Experience of various recognised cyber security relevant standards and regulations, such as NIST CSF, CRI2.0, ISO27001, NCSC CAF, GDPR and NIS2. Experience working in a variety of environments or organisational contexts to develop cyber strategy and manage cyber ...

secure infrastructure Work alongside security operations teams to address threats and operational issues Ensure adherence to recognised standards and regulations (e.g. GDPR, ISO 27001, NIST frameworks) Maintain and update security documentation, policies, and procedures Support client-facing requirements in line with contractual security obligations Assist with both internal and external ...

implementation of the Operational Technology security strategy across engineering and operational teams. Assist in applying recognised cyber security frameworks such as National Institute of Standards and Technology Cyber Security Framework and IEC 62443 to operational environments. Work with engineering teams to understand how operational systems such as Supervisory Control and ...

enhance risk toolkit methodologies across the supply chain risk management lifecycle (onboarding and aftercare). Lead initiatives to align supply chain risk maturity with NIST Cyber Supply Chain Risk Management (C-SCRM) principles. Deliver improvements in personnel security controls following National Protective Security Authority (NPSA) guidance. Produce risk outputs linking ...

protection, secrets management, and container security (AKS). Integrate SAST/DAST/SCA tools into CI/CD pipelines and collaborate on compliance (NIST, ISO 27001, SOC 2, GDPR). Qualifications: 5+ years of hands-on cloud security experience with Azure. Proven expertise in secure architecture design and DevOps ...

budget, and to technical standards Security & Compliance Oversee implementation of security tools (EDR, MFA, XDR, backup, etc.) Maintain compliance with frameworks (Cyber Essentials, ISO, NIST) Conduct risk assessments and recommend improvements Client Engagement Act as a trusted technical advisor for key clients Attend technical review meetings and present environment health ...