251 to 275 of 276 NIST Jobs in the UK excluding London

framework, ensuring effective identification, assessment, and remediation of risks. Conduct detailed risk and control assessments across business units, projects, vendors, and IT systems, aligning with standards like ISO 27001, NIST CSF, and CIS Controls. Manage and enhance Third-Party Risk Management, including cybersecurity assessments of external partners and suppliers. Collaborate with stakeholders to develop and track cyber risk treatment plans … while fostering strong relationships to embed a risk-aware culture across the organisation. Experience you will have: Expertise in cybersecurity risk frameworks and compliance, including CIS Controls, ISO 27001, NIST CSF, GDPR, SOX, and PCI. Strong technical and analytical skills, with the ability to assess risks, identify gaps, and propose mitigation strategies across IT systems and third parties. Excellent communication More ❯

Find out more about our commitment to equity, diversity, and inclusion on our website . Unilever's Cyber Security team is a global, product-led function aligned to the NIST Cyber Security Framework. We deliver capabilities across governance, protection, detection, response, and recovery to safeguard our people, operations, and digital assets. Operating alongside our Technology and Data teams, Cyber Security … data to determine attack vectors and impacts. Maintain forensic readiness in environments with high availability and low tolerance for downtime. Ensure forensic activities comply with sector-specific regulations (e.g., NIST CSF, NERC CIP, ISA/IEC 62443). Support audits, insurance claims, and legal proceedings with documented forensic evidence. Maintain readiness for compliance reviews related to critical infrastructure. Continuously explore … response performance. Aligning forensic practices with organizational risk management strategies. Working knowledge of legal processes for evidence handling and chain of custody. Familiarity with standards and regulations such as: -NIST CSF/NIST 800-61 -ISA/IEC 62443 -ISO/IEC 27001 Conducting end-to-end digital forensic investigations (disk, memory, network). Hands-on experience with forensic tools More ❯

Find out more about our commitment to equity, diversity, and inclusion on our website . Unilever's Cyber Security team is a global, product-led function aligned to the NIST Cyber Security Framework. We deliver capabilities across governance, protection, detection, response, and recovery to safeguard our people, operations, and digital assets. Operating alongside our Technology and Data teams, Cyber Security … data to determine attack vectors and impacts. Maintain forensic readiness in environments with high availability and low tolerance for downtime. Ensure forensic activities comply with sector-specific regulations (e.g., NIST CSF, NERC CIP, ISA/IEC 62443). Support audits, insurance claims, and legal proceedings with documented forensic evidence. Maintain readiness for compliance reviews related to critical infrastructure. Continuously explore … response performance. Aligning forensic practices with organizational risk management strategies. Working knowledge of legal processes for evidence handling and chain of custody. Familiarity with standards and regulations such as: -NIST CSF/NIST 800-61 -ISA/IEC 62443 -ISO/IEC 27001 Conducting end-to-end digital forensic investigations (disk, memory, network). Hands-on experience with forensic tools More ❯

GCP) is required to join our client's UK cybersecurity team. This in house role is predominantly advising on security best practices, vulnerability management and security standard compliance (e.g. NIST, ISO, PCI DSS etc), and leading audits and examinations. So you should have good knowledge of security tooling and processes, compliance and security management (endpoint protection, cloud, SIEM etc). … working in Cyber Security within an cloud environment (AWS, Azure of GCP) Any experience with CrowdStrike/Endpoint Protection would be a bonus Good experience with security complience (e.g. NIST, ISO, PCI DSS etc) Strong Security standard knowledge and experience, consulting on a range of security policies and standards such as GDPR, ISO, PCI, NIST Confidence when speaking with stakeholders More ❯

GCP) is required to join our client's UK cybersecurity team. This in house role is predominantly advising on security best practices, vulnerability management and security standard compliance (e.g. NIST, ISO, PCI DSS etc), and leading audits and examinations. So you should have good knowledge of security tooling and processes, compliance and security management (endpoint protection, cloud, SIEM etc). … working in Cyber Security within an cloud environment (AWS, Azure of GCP) Any experience with CrowdStrike/Endpoint Protection would be a bonus Good experience with security complience (e.g. NIST, ISO, PCI DSS etc) Strong Security standard knowledge and experience, consulting on a range of security policies and standards such as GDPR, ISO, PCI, NIST Confidence when speaking with stakeholders More ❯

GCP) is required to join our client's UK cybersecurity team. This in house role is predominantly advising on security best practices, vulnerability management and security standard compliance (e.g. NIST, ISO, PCI DSS etc), and leading audits and examinations. So you should have good knowledge of security tooling and processes, compliance and security management (endpoint protection, cloud, SIEM etc). … working in Cyber Security within an cloud environment (AWS, Azure of GCP) Any experience with CrowdStrike/Endpoint Protection would be a bonus Good experience with security complience (e.g. NIST, ISO, PCI DSS etc) Strong Security standard knowledge and experience, consulting on a range of security policies and standards such as GDPR, ISO, PCI, NIST Confidence when speaking with stakeholders More ❯

GCP) is required to join our client's UK cybersecurity team. This in house role is predominantly advising on security best practices, vulnerability management and security standard compliance (e.g. NIST, ISO, PCI DSS etc), and leading audits and examinations. So you should have good knowledge of security tooling and processes, compliance and security management (endpoint protection, cloud, SIEM etc). … working in Cyber Security within an cloud environment (AWS, Azure of GCP) Any experience with CrowdStrike/Endpoint Protection would be a bonus Good experience with security complience (e.g. NIST, ISO, PCI DSS etc) Strong Security standard knowledge and experience, consulting on a range of security policies and standards such as GDPR, ISO, PCI, NIST Confidence when speaking with stakeholders More ❯

implement best-in-class security and disaster recovery solutions. What You'll Do: AWS cloud migration & build scalable infrastructure Automate deployments & CI/CD pipelines Ensure security & compliance with NIST 800-53 Manage containerization (Docker) Implement disaster recovery & high availability solutions Lead the migration of on-premises infrastructure to AWS , ensuring minimal disruption and maximum efficiency Design and implement scalable … optimize AWS services including EC2, S3, RDS, Lambda, VPC, IAM, CloudWatch, and CloudTrail Monitor system performance, conduct audits, and troubleshoot infrastructure issues Implement security and compliance measures aligned with NIST 800-53 Automate infrastructure provisioning using Terraform, CloudFormation, or AWS CDK Optimize cost-efficiency of cloud resources DevOps & Automation (40%) Design, implement, and manage CI/CD pipelines for seamless … CI/CD tools (Jenkins, GitLab CI/CD, AWS CodePipeline) Strong scripting skills in Python, Bash, or PowerShell Solid understanding of networking, cloud security best practices, and compliance (NIST 800-53) Experience with monitoring & logging tools (Prometheus, ELK Stack, Splunk) Excellent problem-solving and communication skills Location: Our office is located in Portsmouth, NH but we are now accepting More ❯

across multiple projects and programmes Design and implement Sentinel playbooks to automate detection and response Lead on PSN audit readiness and ensure compliance with key frameworks (Cyber Essentials, ISO27001, NIST, GDPR) Conduct cyber risk assessments, maintain the risk register, and drive remediation activity Provide regular reports and updates to senior stakeholders on cyber posture, risks, and progress Support and mentor … within a Local Government environment (this is essential) Direct experience supporting or leading PSN audits and wider compliance activities Strong working knowledge of core security frameworks: ISO27001, Cyber Essentials, NIST, GDPR Excellent stakeholder management and reporting skills, with the ability to operate independently in a complex environment CISSP certification is required Please only apply if you have Local Government experience More ❯

Your new company With over 160 years of experience, this organisation combines a strong heritage with a clear focus on innovation and progress. It prioritises safety, sustainability, and high-quality service, while fostering an inclusive workplace where people are empowered More ❯

impact to the organization • Risk analysis and mitigation of potential vulnerabilities • Applying risk management frameworks and methodologies • Performing data classification • Conducting security risk reviews • Control framework implementation, such as NIST 800-53, ISO 27001, Fed Ramp and NIST CSF • Knowledge of penetration tests on web applications and tools. • Maintaining systems/applications records status for reporting and alerts • Providing advice More ❯

Director of Cyber Security - NIST CSF, Risk Management, Incident Response - Dublin - £150,000 + 40% bonus A leading international gaming and entertainment company are searching for a Director of Cyber Security to drive their Group cyber security strategy and build resilience across their global operations. The Director of Cyber Security's responsibilities will be: Lead implementation of Group cyber security … strategy, driving a long-term approach to building resilience and capability. Supervise 2nd line Cyber Risk, Standards and Assurance teams, implementing technology security policies and NIST CSF standards. Strengthen cyber governance and risk management, providing timely and accurate risk reporting to senior management and risk committees. Lead Security Monitoring & Incident Response teams, ensuring robust processes across critical business systems. Oversee … Platforms & Services Security teams, ensuring assets comply with NIST CSF v2 and Group policies. Manage SEC reporting requirements for significant cyber incidents and educate stakeholders on GDPR and regulatory responsibilities. Collaborate with Legal, Risk, DPO and Finance teams to add value and improve cyber risk management. Support merger and acquisition activities by assessing cyber risk in proposed acquisitions. Create and More ❯

structures, policies, and practices within Technology and Network functions. Design a fit-for-purpose Technology Risk Management Framework that aligns with business needs and industry standards (e.g. ISO 27001, NIST, COBIT). Develop practical tools such as risk registers, heatmaps, control libraries, and risk assessment templates. Stakeholder Engagement & Knowledge Transfer: Work closely with internal stakeholders to understand current risks and … Familiarity with regulatory and compliance requirements relevant to telecom (e.g., GDPR, NIS2, national telecom regulations). Experience working with risk and control frameworks such as ISO 31000, ISO 27001, NIST CSF, COBIT, or COSO. Ability to communicate clearly and influence senior stakeholders. Self-starter, capable of driving outcomes independently in a short time frame. Preferred Certifications: CRISC, CISM, CISSP, CISA More ❯

system (ISMS) capable of demonstrating compliance against internal security requirements and external commitments including certification and regulatory requirements. Provide subject matter expertise in the application of established standards including NIST, PCI-DSS, GDPR, COBIT, ISO 27001 and Cyber Essential compliance to any new or existing programme of work. Prepare and support internal and/or external compliance audit activities. Manage … certifications. Maintain up-to-date knowledge of legal & regulatory requirements impacting Technology and Operations and its Partners. Apply comprehensive knowledge of legal, regulatory obligations, and industry best practices (e.g., NIST, COBIT, ISO27001, PAS 555) to ensure compliance with technology standards. Schedule and review risk and compliance audits; direct issues to appropriate resources for investigation and resolution. Our people make us … as we continue to deliver for our customers. LI-KS1 Possess one of the Risk or security certifications (CISSP, CRISC, CISM). Have good knowledge and practical experience of NIST, PCI-DSS, GDPR, COBIT, ISO 27001, or Cyber Essentials. Previous experience in a similar role, with the ability to work in a dynamic and changing environment. Excellent team player who More ❯

and systems. - Assess and remediate gaps in security practices and influence operational teams to adopt security-first approaches. - Drive adherence to industry standards and frameworks such as ISO 27001, NIST, or similar. - Provide expert input to enhance security frameworks, policies, and procedures. - Lead and support security awareness initiatives across business units. What We’re Looking For - Strong understanding of information … security principles, particularly in GRC. - Hands-on experience with ISO 27001, NIST, or similar standards. - Excellent communication and stakeholder engagement skills - able to translate technical security concepts into clear business language. - Proven ability to embed governance and compliance into large, complex organisations. - Ability to balance technical, operational, and business priorities. Why Apply? This is more than a technical role - it More ❯

legal, and policy teams to develop, manage, and ensure compliance with industry regulations and internal policies Implement and support information security and privacy standards/frameworks (e.g. ISO 27001, NIST, CIS) Work directly with engineering teams and architects to review system and data architectures in line with best practices Analyse and communicate the impact of vulnerabilities, controls, and mitigations on … technical and non-technical audiences Manage stakeholder expectations across projects with a pragmatic, agile, and solution-oriented approach Key Skills & Experience In-depth knowledge of cybersecurity frameworks such as NIST, ISO 27001, and CIS Proven experience in a similar governance-focused role involving internal controls, risk management, and audit readiness Strong ability to bridge the gap between technical teams and More ❯

Cloud Security Engineer Kent – Hybrid 12-month FTC - Competitive Salary VIQU have partnered with a leading automotive organisation seeking a Cloud Security Engineer to join their growing security function. This role has been created to help bridge the gap between More ❯

application, end to end encryption and life cycle management. Technical Skills & Experience: Expertise in Cybersecurity Industry 4.0, OT & IoT Security adaptive security approaches. Experience in working with framework like NIST CSF, IEC 62443, NIST 800-82 etc. Should have a strong understanding of broad cybersecurity risk management and Infrastructure security and a base level understanding OT Security including concepts and … enhance clients' security posture. Should be open to explore modern technologies and the OT Security product space and assess technology from vendors. Knowledge of security industry regulations and standards NIST, EU NIS Directive, IEC 62443. Industry qualifications (CCSK, CEH, CCSP, GICSP, CISM, CISA, SABSA) would be desirable. Knowledge on any of the platforms such as Nozomi Network, Claroty, Armis, PAS More ❯

/OT Continuity Plan and Backup Management Procedure. Defining and documenting RTOs and RPOs, and conducting Asset Impact Analyses. Leading risk assessments and ensuring compliance with standards such as NIST, NIS2, and ISO 22301. Planning and executing backup integrity tests and realistic recovery scenarios. Facilitating tabletop and live failover exercises, and reporting on continuity readiness to senior stakeholders. Collaborating with … DR platforms and OT technologies (SCADA, PLC, HMI). Proven experience defining RTO/RPO frameworks and conducting impact analyses. Familiarity with regulatory frameworks and standards (e.g., ISO 22301, NIST). Certifications such as CBCP, ISO 22301 Lead Implementer, DRICert, or ITIL Foundation (preferred). Excellent communication and stakeholder coordination skills. A proactive, analytical mindset with a passion for resilience More ❯

to join our global client's new UK cybersecurity team. This role is predominantly end-client facing, advising on security best practices, vulnerability management and security standard compliance (e.g. NIST, ISO, PCI DSS etc), and leading audits and examinations. Skills & Experience Required: 3+ years of experience working in Cyber Security within an AWS cloud environment Any experience with CrowdStrike would … with PCI DSS Vulnerability management & Compliance Lead on Audits Strong Security standard knowledge and experience, consulting on a range of security policies and standards such as GDPR, ISO, PCI, NIST Confidence when speaking with stakeholders and clients, as well as the ability to provide training and mentoring around cybersecurity Ideally, some relevant cybersecurity certifications This role is full-time onsite More ❯

collaborative team of infrastructure and DevOps engineers Build secure, scalable infrastructure (Windows/Linux, VMs, containers) Drive CI/CD, automation, and Infrastructure as Code practices Ensure compliance with NIST, NCSC, CIS, JSP, and ISO 27001 Oversee backup, DR, and business continuity strategies Maintain strong cyber hygiene and proactively manage vulnerabilities Create documentation and a knowledge-sharing culture Work cross … hands-on expertise with strategic oversight. Essential Experience & Skills: Proven experience in secure IT infrastructure & DevOps leadership Strong technical background in systems administration & automation Solid grasp of compliance frameworks (NIST, NCSC, JSP) Excellent communication and stakeholder management Tech Stack You'll Work With: OS: Windows Server, Hardened Linux Containers/Orchestration: Docker, Kubernetes, Portainer DevOps Tools: Jenkins, Artifactory, Jira, Azure More ❯

Are you a cloud infrastructure professional with a strong security focus? Are you looking for a broader role, offering the opportunity for continued learning and development while embracing tech for good? Do you have the skills to innovate and influence More ❯

Press Tab to Move to Skip to Content Link Select how often (in days) to receive an alert: Identity & Access Management Engineer Date: 10 Jul 2025 Company: Royal London Group Job Title: Identity & Access Management Engineer - IGA Contract Type: Permanent More ❯

Job Title: PAM Consultant- SC Cleared Location: Hybrid – Stafford Park 1, Telford TF3 3BD (3 days/week Onsite) Duration: 3months+ Description We are seeking a highly experienced Privileged Access Management (PAM) Consultant to lead the assessment and strategic planning More ❯

include: Creating business risk models and associated material, in support of operational cyber security and business planning across a range of different domains or sectors using established frameworks (e.g. NIST, UK Government) Undertake cyber security audit processes in support of operational and business planning activity across a range of different domains or sectors against recognised standards (e.g. ISO27001, UK Government … of organisational maturity and risk exposure to cyber security, in support of operational and business planning activity across a range of different domains or sectors using established frameworks (e.g. NIST, MITRE ATT&CK, UK Government) Identify mitigations for cyber risk in a given business or operational scenario and threat environment Support development of cyber security risk cases in a given … of the Cyber Security Risk Consultant: Digitally literate (including fluency in Microsoft Office tools) Minimum of 2-3 years of experience in security vulnerability, risk, audit & compliance Understand relevant NIST frameworks and ISO27001 standards and how to apply in practice Knowledge of MITRE ATT&CK Essential qualifications for the Cyber Security Risk Consultant: We value difference and we don't More ❯