226 to 250 of 292 NIST Jobs in the UK excluding London

each of the projects we deliver continue to expand, including the use of common tooling that will facilitate the tracking and reporting of assurance actions. We are also developing NIST-compliant risk assessment methodology and tooling that is raising our quality and customer confidence, you will be part of these developments. The role in P-ITSM and likely other projects … gaining and maintaining accreditation for secure/sensitive systems using structured Risk analysis and treatment approaches Experience of process involved in continuous assurance for information security management systems, e.g. NIST, ISO Experience of developing and managing a Cyber Incident Response capability Experience of developing Security Awareness training including Threat Modelling, table top war gaming Experience in tracing through and evaluating More ❯

framework, ensuring effective identification, assessment, and remediation of risks. Conduct detailed risk and control assessments across business units, projects, vendors, and IT systems, aligning with standards like ISO 27001, NIST CSF, and CIS Controls. Manage and enhance Third-Party Risk Management, including cybersecurity assessments of external partners and suppliers. Collaborate with stakeholders to develop and track cyber risk treatment plans … while fostering strong relationships to embed a risk-aware culture across the organisation. Experience you will have: Expertise in cybersecurity risk frameworks and compliance, including CIS Controls, ISO 27001, NIST CSF, GDPR, SOX, and PCI. Strong technical and analytical skills, with the ability to assess risks, identify gaps, and propose mitigation strategies across IT systems and third parties. Excellent communication More ❯

framework, ensuring effective identification, assessment, and remediation of risks. Conduct detailed risk and control assessments across business units, projects, vendors, and IT systems, aligning with standards like ISO 27001, NIST CSF, and CIS Controls. Manage and enhance Third-Party Risk Management, including cybersecurity assessments of external partners and suppliers. Collaborate with stakeholders to develop and track cyber risk treatment plans … while fostering strong relationships to embed a risk-aware culture across the organisation. Experience you will have: Expertise in cybersecurity risk frameworks and compliance, including CIS Controls, ISO 27001, NIST CSF, GDPR, SOX, and PCI. Strong technical and analytical skills, with the ability to assess risks, identify gaps, and propose mitigation strategies across IT systems and third parties. Excellent communication More ❯

framework, ensuring effective identification, assessment, and remediation of risks. Conduct detailed risk and control assessments across business units, projects, vendors, and IT systems, aligning with standards like ISO 27001, NIST CSF, and CIS Controls. Manage and enhance Third-Party Risk Management, including cybersecurity assessments of external partners and suppliers. Collaborate with stakeholders to develop and track cyber risk treatment plans … while fostering strong relationships to embed a risk-aware culture across the organisation. Experience you will have: Expertise in cybersecurity risk frameworks and compliance, including CIS Controls, ISO 27001, NIST CSF, GDPR, SOX, and PCI. Strong technical and analytical skills, with the ability to assess risks, identify gaps, and propose mitigation strategies across IT systems and third parties. Excellent communication More ❯

trusted advisor to clients, leading Quarterly Security Reviews and presenting clear business-focused risk assessments. Own security governance processes, ensuring compliance with frameworks such as Cyber Essentials, ISO27001, and NIST . Oversee patching, vulnerability management, and internal infrastructure security. Collaborate across service delivery, project, and account management teams to embed security consistently. Mentor and develop Security Analysts, ensuring certifications and … into actionable business outcomes for C-level stakeholders. The ideal candidate will have: 5+ years in IT security or MSP environments . Strong knowledge of Cyber Essentials, ISO27001, or NIST frameworks. Experience in vulnerability management, patch governance, and cloud security (M365/Azure). Excellent communication skills with the ability to influence both technical teams and business leaders. (Desirable) Certifications More ❯

Strong communication skills. Experience producing intelligence reports for varied audiences. Familiarity with cyber threats, threat actors, attack vectors, and vulnerabilities. Knowledge of information assurance standards and frameworks including CIS, NIST, ISO 27001, Cyber Essentials/Essentials Plus, GDPR. Knowledge of threat cyber security frameworks such as MITRE ATT&CK, Kill Chain and NIST CSF 2.0. The ideal candidate will combine More ❯

OT (Operational Technology) Analyst Permanent - £52k - £60k + strong benefits Location: Hybrid - South Wales Your new company I am looking to recruit an OT Analyst to join a leader in the utilities space. The business has been investing in its More ❯

OCTAVE, MITRE ATT&CK. • Up to date knowledge of cyber security threats, threat actor motivation and capability, and relevant threat group TTPs. • An understanding of risk management frameworks e.g. NIST, FAIR, Orange Book, and an understanding of Government Functional Standards e.g. GovS 007. • Knowledge of security control (and maturity) frameworks e.g. NIST (e.g. CSMA, CSF), CIS, ISO 27000 series, CSA … Cloud Controls Matrix, NCSC CAF, and an understanding of the types and functions of security controls. • An understanding of hypothetical attack paths, familiarity with NIST CSF tools and able to use it for gap analysis. • Understands Data Flow Diagrams (DFD) and trust boundaries and is able to create one using information provided about an environment. • Familiar with the functions of More ❯

requirements into SOC governance, processes, and operational practices Ensure continuous monitoring, evidence collection, and audit readiness for internal and external assessments Monitor developments in global cybersecurity regulations and frameworks (NIST CSF, UK NCSC guidance, EU NIS2, GDPR) Oversee sector-specific assurance requirements, including PCI DSS and NCSC CIR/CHECK, where applicable Provide expert advice to leadership on regulatory changes … II, Cyber Essentials Plus, Crest) Strong understanding of SOC operations and security assurance frameworks Experience in customer-facing assurance activities, including audits, RFIs, and RFPs In-depth knowledge of NIST CSF, GDPR, and UK NCSC guidance Experience liaising with external auditors, regulators, and certification bodies Strong ability to develop and maintain compliance documentation and audit evidence Proven organisational skills managing More ❯

OCTAVE, MITRE ATT&CK. Up to date knowledge of cyber security threats, threat actor motivation and capability, and relevant threat group TTPs. An understanding of risk management frameworks e.g. NIST, FAIR, Orange Book, and an understanding of Government Functional Standards e.g. GovS 007. Knowledge of security control (and maturity) frameworks e.g. NIST (e.g. CSMA, CSF), CIS, ISO 27000 series, CSA … Cloud Controls Matrix, NCSC CAF, and an understanding of the types and functions of security controls. An understanding of hypothetical attack paths, familiarity with NIST CSF tools and able to use it for gap analysis. Understands Data Flow Diagrams (DFD) and trust boundaries and is able to create one using information provided about an environment. Familiar with the functions of More ❯

OCTAVE, MITRE ATT&CK. Up to date knowledge of cyber security threats, threat actor motivation and capability, and relevant threat group TTPs. An understanding of risk management frameworks e.g. NIST, FAIR, Orange Book, and an understanding of Government Functional Standards e.g. GovS 007. Knowledge of security control (and maturity) frameworks e.g. NIST (e.g. CSMA, CSF), CIS, ISO 27000 series, CSA … Cloud Controls Matrix, NCSC CAF, and an understanding of the types and functions of security controls. An understanding of hypothetical attack paths, familiarity with NIST CSF tools and able to use it for gap analysis. Understands Data Flow Diagrams (DFD) and trust boundaries and is able to create one using information provided about an environment. Familiar with the functions of More ❯

include: Creating business risk models and associated material, in support of operational cyber security and business planning across a range of different domains or sectors using established frameworks (e.g. NIST, UK Government) Undertake cyber security audit processes in support of operational and business planning activity across a range of different domains or sectors against recognised standards (e.g. ISO27001, UK Government … of organisational maturity and risk exposure to cyber security, in support of operational and business planning activity across a range of different domains or sectors using established frameworks (e.g. NIST, MITRE ATT&CK, UK Government) Identify mitigations for cyber risk in a given business or operational scenario and threat environment Support development of cyber security risk cases in a given … of the Cyber Security Risk Consultant: Digitally literate (including fluency in Microsoft Office tools) Minimum of 2-3 years of experience in security vulnerability, risk, audit & compliance Understand relevant NIST frameworks and ISO27001 standards and how to apply in practice Knowledge of MITRE ATT&CK Essential qualifications for the Cyber Security Risk Consultant: We value difference and we don't More ❯

implementation of data loss protection DLP, data retention, and rights management initiatives Drive compliance with DORA, Operational Resilience, and Data Governance requirements Develop and maintain security governance frameworks (ISO27001, NIST) Manage stakeholder relationships across all organizational levels Oversee risk assessments and control implementation Lead security and data privacy policy development Monitor and report on control effectiveness Key Skills: Proven experience … in information security governance and compliance Strong knowledge of UK/EU data privacy regulations Experience with ISO27001, NIST, and GDPR frameworks Project management expertise Excellent stakeholder management skills Technical proficiency in security controls and data governance This is a unique opportunity to shape security and governance strategies while working with cutting-edge technologies and frameworks. Sound like you? Please More ❯

in supporting sales and pre-sales activities across UK-based opportunities. If you're passionate about helping clients navigate complex risk landscapes and have a strong background in ISO, NIST, and NCSC frameworks, we'd love to hear from you. What You'll Do Lead and deliver GRC advisory engagements (SMA, CRA, SDaaS). Act as a trusted advisor to … maintain strong client relationships to drive long-term value. Collaborate with internal teams to evolve service offerings and delivery models. Stay current with regulatory and standards frameworks (ISO 27001, NIST CSF, NCSC). What We're Looking For Proven experience in GRC or cybersecurity consulting. Strong client-facing skills with the ability to communicate complex concepts clearly. Deep familiarity with … ISO 27001 , NIST , and NCSC Cyber Essentials . Experience delivering security assessments and retained advisory services. Ability to contribute to sales cycles , including scoping and proposal development. Comfortable managing multiple engagements in dynamic environments. Nice to Have Certifications such as CISSP , CISM , CRISC , or ISO 27001 Lead Auditor/Implementer . Experience working with UK public sector or regulated industries. More ❯

Sky's privileged security baseline. Be familiar designing and implementing closed loop credential management workflows. Stay ahead of the security curve and make best practice recommendations to senior management (NIST, NCSC etc.) Be able to work autonomously on complex projects, gathering key information and making appropriate recommendations. Design, implement, and manage the PAM system to ensure the confidentiality, integrity, and … Expertise in cross platform scripting (Powershell, bash etc.). Be a subject matter expert on both legacy and modern authentication protocols. Have excellent security awareness including standards e.g., IS027001, NIST and CIS. Have a good understanding of Web APIs including SOAP, REST and GraphQL architectures. Have experience with threat modelling methodologies e.g., STRIDE. Have a good understanding of Access Controls More ❯

Sky's privileged security baseline. Be familiar designing and implementing closed loop credential management workflows. Stay ahead of the security curve and make best practice recommendations to senior management (NIST, NCSC etc.) Be able to work autonomously on complex projects, gathering key information and making appropriate recommendations. Design, implement, and manage the PAM system to ensure the confidentiality, integrity, and … Expertise in cross platform scripting (Powershell, bash etc.). Be a subject matter expert on both legacy and modern authentication protocols. Have excellent security awareness including standards e.g., IS027001, NIST and CIS. Have a good understanding of Web APIs including SOAP, REST and GraphQL architectures. Have experience with threat modelling methodologies e.g., STRIDE. Have a good understanding of Access Controls More ❯

Sky's privileged security baseline. Be familiar designing and implementing closed loop credential management workflows. Stay ahead of the security curve and make best practice recommendations to senior management (NIST, NCSC etc.) Be able to work autonomously on complex projects, gathering key information and making appropriate recommendations. Design, implement, and manage the PAM system to ensure the confidentiality, integrity, and … Expertise in cross platform scripting (Powershell, bash etc.). Be a subject matter expert on both legacy and modern authentication protocols. Have excellent security awareness including standards e.g., IS027001, NIST and CIS. Have a good understanding of Web APIs including SOAP, REST and GraphQL architectures. Have experience with threat modelling methodologies e.g., STRIDE. Have a good understanding of Access Controls More ❯

Sky's privileged security baseline. Be familiar designing and implementing closed loop credential management workflows. Stay ahead of the security curve and make best practice recommendations to senior management (NIST, NCSC etc.) Be able to work autonomously on complex projects, gathering key information and making appropriate recommendations. Design, implement, and manage the PAM system to ensure the confidentiality, integrity, and … Expertise in cross platform scripting (Powershell, bash etc.). Be a subject matter expert on both legacy and modern authentication protocols. Have excellent security awareness including standards e.g., IS027001, NIST and CIS. Have a good understanding of Web APIs including SOAP, REST and GraphQL architectures. Have experience with threat modelling methodologies e.g., STRIDE. Have a good understanding of Access Controls More ❯

Sky's privileged security baseline. Be familiar designing and implementing closed loop credential management workflows. Stay ahead of the security curve and make best practice recommendations to senior management (NIST, NCSC etc.) Be able to work autonomously on complex projects, gathering key information and making appropriate recommendations. Design, implement, and manage the PAM system to ensure the confidentiality, integrity, and … Expertise in cross platform scripting (Powershell, bash etc.). Be a subject matter expert on both legacy and modern authentication protocols. Have excellent security awareness including standards e.g., IS027001, NIST and CIS. Have a good understanding of Web APIs including SOAP, REST and GraphQL architectures. Have experience with threat modelling methodologies e.g., STRIDE. Have a good understanding of Access Controls More ❯

Sky's privileged security baseline. Be familiar designing and implementing closed loop credential management workflows. Stay ahead of the security curve and make best practice recommendations to senior management (NIST, NCSC etc.) Be able to work autonomously on complex projects, gathering key information and making appropriate recommendations. Design, implement, and manage the PAM system to ensure the confidentiality, integrity, and … Expertise in cross platform scripting (Powershell, bash etc.). Be a subject matter expert on both legacy and modern authentication protocols. Have excellent security awareness including standards e.g., IS027001, NIST and CIS. Have a good understanding of Web APIs including SOAP, REST and GraphQL architectures. Have experience with threat modelling methodologies e.g., STRIDE. Have a good understanding of Access Controls More ❯

Sky's privileged security baseline. Be familiar designing and implementing closed loop credential management workflows. Stay ahead of the security curve and make best practice recommendations to senior management (NIST, NCSC etc.) Be able to work autonomously on complex projects, gathering key information and making appropriate recommendations. Design, implement, and manage the PAM system to ensure the confidentiality, integrity, and … Expertise in cross platform scripting (Powershell, bash etc.). Be a subject matter expert on both legacy and modern authentication protocols. Have excellent security awareness including standards e.g., IS027001, NIST and CIS. Have a good understanding of Web APIs including SOAP, REST and GraphQL architectures. Have experience with threat modelling methodologies e.g., STRIDE. Have a good understanding of Access Controls More ❯

Sky's privileged security baseline. Be familiar designing and implementing closed loop credential management workflows. Stay ahead of the security curve and make best practice recommendations to senior management (NIST, NCSC etc.) Be able to work autonomously on complex projects, gathering key information and making appropriate recommendations. Design, implement, and manage the PAM system to ensure the confidentiality, integrity, and … Expertise in cross platform scripting (Powershell, bash etc.). Be a subject matter expert on both legacy and modern authentication protocols. Have excellent security awareness including standards e.g., IS027001, NIST and CIS. Have a good understanding of Web APIs including SOAP, REST and GraphQL architectures. Have experience with threat modelling methodologies e.g., STRIDE. Have a good understanding of Access Controls More ❯

Sky's privileged security baseline. Be familiar designing and implementing closed loop credential management workflows. Stay ahead of the security curve and make best practice recommendations to senior management (NIST, NCSC etc.) Be able to work autonomously on complex projects, gathering key information and making appropriate recommendations. Design, implement, and manage the PAM system to ensure the confidentiality, integrity, and … Expertise in cross platform scripting (Powershell, bash etc.). Be a subject matter expert on both legacy and modern authentication protocols. Have excellent security awareness including standards e.g., IS027001, NIST and CIS. Have a good understanding of Web APIs including SOAP, REST and GraphQL architectures. Have experience with threat modelling methodologies e.g., STRIDE. Have a good understanding of Access Controls More ❯

Sky's privileged security baseline. Be familiar designing and implementing closed loop credential management workflows. Stay ahead of the security curve and make best practice recommendations to senior management (NIST, NCSC etc.) Be able to work autonomously on complex projects, gathering key information and making appropriate recommendations. Design, implement, and manage the PAM system to ensure the confidentiality, integrity, and … Expertise in cross platform scripting (Powershell, bash etc.). Be a subject matter expert on both legacy and modern authentication protocols. Have excellent security awareness including standards e.g., IS027001, NIST and CIS. Have a good understanding of Web APIs including SOAP, REST and GraphQL architectures. Have experience with threat modelling methodologies e.g., STRIDE. Have a good understanding of Access Controls More ❯

Sky's privileged security baseline. Be familiar designing and implementing closed loop credential management workflows. Stay ahead of the security curve and make best practice recommendations to senior management (NIST, NCSC etc.) Be able to work autonomously on complex projects, gathering key information and making appropriate recommendations. Design, implement, and manage the PAM system to ensure the confidentiality, integrity, and … Expertise in cross platform scripting (Powershell, bash etc.). Be a subject matter expert on both legacy and modern authentication protocols. Have excellent security awareness including standards e.g., IS027001, NIST and CIS. Have a good understanding of Web APIs including SOAP, REST and GraphQL architectures. Have experience with threat modelling methodologies e.g., STRIDE. Have a good understanding of Access Controls More ❯