226 to 250 of 276 NIST Jobs in the UK excluding London

and human-to-machine) Knowledge/understanding of hardware security modules (HSMs) for storing cryptographic keys securely, including integration with enterprise applications for key generation and usage. Familiarity with NIST's Post-Quantum Cryptography (PQC) standardization efforts and practical approaches for transitioning to quantum-resistant encryption schemes. Knowledge of FIPS 140-2 and FIPS 140-3 validated cryptographic modules and More ❯

management. Solid IT general controls (ITGCs) knowledge. IT outsourcing arrangements, including service delivery, supplier management, and data security considerations. IT governance, strategy, and operating models. Knowledge of IT frameworks (NIST, COBIT, ISO, ITIL) is desirable. Knowledge of project change methodology is desirable. Self-motivated and proactive in approach, able to act independently and on own initiative. Excellent analytical, influencing, presentation More ❯

integration of network infrastructures. This role is crucial for ensuring the security integrity of our projects, working within an Agile Scrum framework and adhering to Secure by Design and NIST methodologies. Contract Rate : £600 per day Location : Basingstoke Job Type : Contractor (On-site) Contract Duration: ASAP until 31/12/2025Clearance Required: DV Clearance active is mandatory Day-to More ❯

experience with OT/ICS networking Strong background in industrial firewalls and network segmentation Familiar with common OT protocols and monitoring tools Knowledge of industry security standards (IEC 62443, NIST 800-82) Certifications are welcome but not required. Interested? Send your CV or get in touch for a chat. More ❯

storage platforms. Expertise in storage array deployment, replication, and fault tolerance. Knowledge of secure-by-design principles and system hardening practices. Familiarity with security compliance frameworks such as STIG, NIST, or CIS. Skilled in enterprise hardware installations and cabling management. It would be great if you had: Dell EMC or VMware certifications. Experience with infrastructure automation tools like PowerShell, Ansible More ❯

storage platforms. Expertise in storage array deployment, replication, and fault tolerance. Knowledge of secure-by-design principles and system hardening practices. Familiarity with security compliance frameworks such as STIG, NIST, or CIS. Skilled in enterprise hardware installations and cabling management. It would be great if you had: Dell EMC or VMware certifications. Experience with infrastructure automation tools like PowerShell, Ansible More ❯

Eclipse C++ Development IDE & plugins, anti-malware tools, configuring switch/firewall/NAS and other network devices, setup of RHEL subscription and update services, all within a secure NIST based framework. The task package requires the derivation of detailed use cases and design from the high-level use cases/requirements and design, and implementation and test of the More ❯

storage platforms. Expertise in storage array deployment, replication, and fault tolerance. Knowledge of secure-by-design principles and system hardening practices. Familiarity with security compliance frameworks such as STIG, NIST, or CIS. Skilled in enterprise hardware installations and cabling management. It would be great if you had: Dell EMC or VMware certifications. Experience with infrastructure automation tools like PowerShell, Ansible More ❯

document, and maintain effective security controls supported by periodic audit and technical alarms. Maintain effective security documentation (ASA, AAS, SBD etc) supported by periodic audit and reviews to ensure NIST compliance. Aim to improve compliance scores where possible. Implement and manage effective security reviews of new or updated products and systems, in-line with Ayvens central requirements. Advise the business … with experience of Operational Security or management of a Security Operations Centre (SOC). Proven knowledge and experience of industry standards and best practice e.g. ISO 27000 series, OWASP, NIST cyber security framework. Knowledge of risk management frameworks and methodologies. Good understanding of GDPR, and data protection. Experience of implementing or delivering security awareness and education. Experience of building strong More ❯

align with the client's risk profile and operational needs. Guide clients in developing and improving their incident response processes, including playbook creation and alignment with security frameworks like NIST and ISO 27001. Regularly review and optimise SIEM configurations to reduce false positives, improve detection accuracy, and adapt to evolving threat landscapes. Advisory & Compliance: Advise clients on aligning SIEM deployments … years of experience in SIEM consulting, SOC, or security operations roles with a focus on threat detection and response. Strong understanding of threat detection methodologies, security frameworks (e.g., NIST, ISO 27001), and compliance requirements. Experience with SIEM design and architecture, data ingestion, log management, and custom dashboard creation. Familiarity with cloud-native security solutions and knowledge of security practices in More ❯

Security risk management tools and techniques Experience of security governance and compliance, ideally gained in financial services organisations Demonstrable understanding of Information Security control standards and frameworks e.g. ISO27001, NIST, PCI DSS Awareness and understanding of the Information Security threat landscape Deep understanding of Information Security solutions and controls Experience of Cloud security solutions and standards is highly advantageous Competence … knowledge, and skills Competence Experience working within recognised Information Security frameworks and best practices such as ISO27001, NIST etc. 5 years experience in an Information Security role gained in a financial services or e-commerce environment is preferred Knowledge & Skills Excellent communicator, able to translate complex topics to all areas of the business Significant experience in the area of Information More ❯

history reviews and thorough evaluations of supplier policies and procedures, current security controls, third party pen testing reports, vulnerability management reports, and information security reports such as SOC2 Reports, NIST or ISO 27001 reports, PCI DSS etc). Manage relationships with large third-party suppliers involved in transformative, high-impact projects and Business as usual activities. This included facilitating collaboration … to responsible teams. Review the daily threat intelligence report generated by TI reporting tools Ensure that third-party risk management practices adhere to relevant regulations (e.g., GDPR, ISO 27001, NIST, etc.). Establish procedures for responding to third-party risk incidents, ensuring minimal impact on business operations working closely with the security operations lead and business continuity lead. Develop and More ❯

with familiarity in Test-Driven Development (TDD) and collaborative coding practices. Desirable Skills Security specific training (related to Secure coding and Security +) Knowledge of Jenkins & nodeJS Knowledge of NIST framework and how controls work. Supervisory Responsibilities This job does not have supervisory duties Job Posting End Date: Thursday 7th August :59pm Why join us? Allstate NI is proud to More ❯

change programmes, and digital transformation initiatives. Develop and deliver a compliance strategy aligned with legislation (e.g., UK GDPR, Data Protection Act 2018, PCI-DSS), internal policies, external frameworks (e.g., NIST CSF, ISO 27001) and aligned with sector-specific best practice (e.g UCISA, NCSC) Develop and deliver a Security Assurance Testing program, including internal and external audit, penetration testing and associated … practices. Highly Desirable Certifications Industry-recognised certifications such as CISSP, CISM, GIAC (e.g., GDSA, GCIH, GCIA), and CompTIA CASP+ Framework-related qualifications (e.g. ISO 27001 Lead Implementer/Auditor, NIST CSF, TOGAF or SABSA) demonstrating capability in structured security operations and strategic alignment. To learn more about this exciting opportunity and benefits we offer, please read the job description and … the wider IT& Digital department to provide a coordinated and effective cyber defence capability. We align our work with recognised frameworks such as the NCSC Cyber Assessment Framework (CAF), NIST CSF, and CIS Controls, ensuring we keep pace with industry best practice while tailoring our approach to the unique challenges of the higher education sector. As part of the team More ❯

Security risk management tools and techniques Experience of security governance and compliance, ideally gained in financial services organisations Demonstrable understanding of Information Security control standards and frameworks e.g. ISO27001, NIST, PCI DSS Awareness and understanding of the Information Security threat landscape Deep understanding of Information Security solutions and controls Experience of Cloud security solutions and standards is highly advantageous Competence … knowledge, and skills Competence Experience working within recognised Information Security frameworks and best practices such as ISO27001, NIST etc. 5 years’ experience in an Information Security role gained in a financial services or e-commerce environment is preferred Knowledge & Skills Excellent communicator, able to translate complex topics to all areas of the business Well versed in IT security capabilities, framework More ❯

including short, mid, and long-term goals aligned with the group's security posture and digital transformation initiatives. Develop and maintain AppSec maturity models (e.g. based on OWASP SAMM, NIST SSDF, BSIMM) and work with business units to assess current state and define realistic improvement plans. Drive the development of a global secure development policy, including approved tools, practices, and … or with regulated industries or large enterprises is highly desirable. Mergers and Acquisitions integration experience is a plus Familiarity with industry frameworks and standards: OWASP SAMM, OWASP ASVS, BSIMM, NIST SSDF, ISO 27034. Lead teams and projects. This could be as an DevSecOps team lead, security architect, or manager for SSDLC initiatives. Professional certifications in security are highly valued, such More ❯

opportunity for an Information Security Consultant looking to elevate their career. We're looking for someone with hands-on experience in ISO 27001 implementation and auditing, and expertise in NIST to drive our Compliance Team's service offerings forward. Work with a innovative, industry-leading Cyber Security team Play a key role in the development of internal and client security … ready to make an impact in Cyber Security, this role is for you! Responsibilities: Ensure protection of information assets and technologies Participate in security audits like ISO27001, ISO27701, ISO20000, NIST-CSF, and IASME Governance Conduct and document internal audits for our clients Deliver security awareness training, including public speaking engagements Manage Third-Party Risk Management (TPRM) including vendor security reviews More ❯

Def Stan 05-138, Def Stan 05-139) An understanding of MOD ISN 23/09 Secure by Design Knowledge of security frameworks, such as ISO/IEC 27001, NIST 800-30, NIST 800-53 or OWASP Working with risk management frameworks and methodologies (e.g., ISO 27001/2, ISO27005/31000, NIST 800-30, NIST 800-53) Please reach More ❯

Def Stan 05-138, Def Stan 05-139) An understanding of MOD ISN 23/09 Secure by Design Knowledge of security frameworks, such as ISO/IEC 27001, NIST 800-30, NIST 800-53 or OWASP Working with risk management frameworks and methodologies (e.g., ISO 27001/2, ISO27005/31000, NIST 800-30, NIST 800-53) Please reach More ❯

effectiveness of cyber governance. Lead continuous improvement initiatives and mentor key personnel within governance functions. Ensure all policies, procedures, and controls are compliant with regulatory standards (NCSC, ISO 27001, NIST, CIS Controls). Identify, assess, and manage risks to project or organisational goals. Build alignment with executive stakeholders, board members, and external partners to ensure accountability and clear decision-making … processes. Qualifications A proven track record in leading cybersecurity risk and governance transformations in complex or government/defence environments. Deep knowledge of cybersecurity frameworks (e.g., NIST, ISO 27001, CIS Controls) and regulatory obligations. Experience designing and implementing cybersecurity governance structures from the ground up. Strong analytical and strategic thinking skills to assess risks and influence operational change. Excellent communication More ❯

control, incident response, vulnerability management), ensuring effectiveness and consistency. Leading in the review and enhancement of IT and infosec risk and control frameworks (e.g., ISO 27001, ITIL, ISO2 2301, NIST), ensuring alignment with business objectives and regulatory requirements. Coordinating and representing IT risk in internal , external audits and certification processes (e.g., ISO 27001, Cyber Essentials , ISO22301, etc. ), acting as the … Demonstrated leadership in delivering IT risk or audit initiatives, including managing projects, mentoring team members, and driving outcomes. Strong knowledge of industry frameworks and standards, such as ISO 27001, NIST, CISControls, and regulatory requirements like GDPR. Provenability to engage and influence stakeholders across IT, Information Security, and business functions, building trusted relationships at all levels. We also acknowledgethattheconfidencegap and imposter More ❯

assets by working collaboratively with colleagues across multiple departments. Your day-to-day responsibilities will include supporting policy development in line with leading frameworks such as ISO 27001 or NIST, overseeing vulnerability management activities alongside IT professionals, conducting architectural reviews for new projects, and helping drive continuous improvement in technical controls. You will also be instrumental in managing third party … proven experience on protecting sensitive data within regulated environments. Your background should include hands-on involvement with risk assessments, policy development aligned with industry standards like ISO 27001 or NIST, vulnerability management activities spanning identification through remediation, and direct participation in incident response processes. Demonstrable experience applying risk assessment methodologies to identify vulnerabilities and recommend effective mitigations is highly valued. … Recognised information security frameworks such as ISO 27001 or NIST ensures you can contribute meaningfully to policy development. A solid understanding of core security technologies-including firewalls, intrusion detection systems, endpoint protection platforms-and their practical application is important. Experience supporting vulnerability management processes from identification through remediation demonstrates your ability to manage risk proactively. Proficiency in evaluating technical controls More ❯

assets by working collaboratively with colleagues across multiple departments. Your day-to-day responsibilities will include supporting policy development in line with leading frameworks such as ISO 27001 or NIST, overseeing vulnerability management activities alongside IT professionals, conducting architectural reviews for new projects, and helping drive continuous improvement in technical controls. You will also be instrumental in managing third party … proven experience on protecting sensitive data within regulated environments. Your background should include hands-on involvement with risk assessments, policy development aligned with industry standards like ISO 27001 or NIST, vulnerability management activities spanning identification through remediation, and direct participation in incident response processes. Demonstrable experience applying risk assessment methodologies to identify vulnerabilities and recommend effective mitigations is highly valued. … Recognised information security frameworks such as ISO 27001 or NIST ensures you can contribute meaningfully to policy development. A solid understanding of core security technologies-including firewalls, intrusion detection systems, endpoint protection platforms-and their practical application is important. Experience supporting vulnerability management processes from identification through remediation demonstrates your ability to manage risk proactively. Proficiency in evaluating technical controls More ❯

and implement scalable monitoring, alerting, and auditability solutions to support a secure, multi-cloud, geo-distributed workforce. Design, implement, and continuously improve Roku's Zero Trust Architecture, aligning with NIST SP 800-207 and SP 1800-35 guidance. Collaborate with IT, Networking, and Security teams to troubleshoot identity-related issues and support global infrastructure initiatives. Identify and implement automation opportunities … AWS; GCP is a plus Solid understanding of SaaS platforms and their identity integration Understanding of Zero Trust Architecture principles Familiarity with IT security frameworks and compliance standards (e.g., NIST, GDPR, SOC 2, PCI DSS, HIPAA) Awareness of logging, monitoring, and alerting practices related to identity and access events Basic understanding of email security and DNS Backup and recovery awareness More ❯

framework, ensuring effective identification, assessment, and remediation of risks. Conduct detailed risk and control assessments across business units, projects, vendors, and IT systems, aligning with standards like ISO 27001, NIST CSF, and CIS Controls. Manage and enhance Third-Party Risk Management, including cybersecurity assessments of external partners and suppliers. Collaborate with stakeholders to develop and track cyber risk treatment plans … while fostering strong relationships to embed a risk-aware culture across the organisation. Experience you will have: Expertise in cybersecurity risk frameworks and compliance, including CIS Controls, ISO 27001, NIST CSF, GDPR, SOX, and PCI. Strong technical and analytical skills, with the ability to assess risks, identify gaps, and propose mitigation strategies across IT systems and third parties. Excellent communication More ❯