1 to 25 of 178 Remote NIST Jobs

OCP, including their security considerations. Proficiency in integrating security into DevOps pipelines with tools such as Jenkins, GitHub, Artifactory, Terraform, and Vault. Common Security and Architecture Frameworks Security Frameworks: NIST Cybersecurity Framework (CSF) ISO 27001 and 27002 CSA CCM (Cloud Controls Matrix) CIS Controls Architecture Frameworks: SABSA (Sherwood Applied Business Security Architecture) TOGAF (The Open Group Architecture Framework) AWS Well More ❯

designing and implementing enterprise security and solution security architectures for large organisations leveraging frameworks such as SABSA and TOGAF Implementation of cybersecurity controls using industry-leading practices such as NIST CSF, NIST 800-53, OWASP, Centre for Internet Security (CIS), ISO 27001, COBIT etc Experience in maintaining compliance with regulations and standards such as NISD, GDPR, PCI-DSS etc in More ❯

Support incident response and remediation efforts for security breaches. Provide security guidance and training to teams across the organization. Key Skills & Experience: Strong knowledge of security frameworks (ISO 27001, NIST 800-30/53, OWASP) . Experience with risk management methodologies and compliance with MOD and HMG security standards (JSP, Def Stan 05-138/139). Proficiency in security More ❯

Support incident response and remediation efforts for security breaches. Provide security guidance and training to teams across the organization. Key Skills & Experience: Strong knowledge of security frameworks (ISO 27001, NIST 800-30/53, OWASP) . Experience with risk management methodologies and compliance with MOD and HMG security standards (JSP, Def Stan 05-138/139). Proficiency in security More ❯

strong understanding of industrial control systems and SCADA systems. Proficiency in OT protocols and technologies, including Modbus, DNP3, OPC, etc. Knowledge of relevant cybersecurity standards and regulations, such as NIST Cybersecurity Framework, CIS and NERC-CIP Experience with IPS/IDS, network monitoring and SIEM/SOAR technologies. Knowledge and related experience in OT security issues and techniques. Effective communication More ❯

this role you must have demonstrable hands-on expertise with monitoring and securing enterprise class technology estates. You will have proven experience with Cyber Security best practice including the NIST Cloud Security guidelines. You will support ISO 27001 compliance and have strong documentation skills. Experience in the Telco sector and knowledge of the UK Telecom Security Act would be advantageous More ❯

You'll Bring Prior and proven experience gained as a Security Architect or in a technical cyber role. Expertise in: Security legislation (GDPR, PCI DSS, ICO) Frameworks (ISO 27001, NIST CSF, CIS Controls v8) HMG/NCSC policies and guidance Cloud security (AWS, Azure) Microservice architectures PKI, Cryptography, Privileged Access Management Certifications: SABSA, TOGAF, AWS/Azure Architect, CISSP, CISM More ❯

Prior and proven experience gained as a Security Architect or in a Technical Cyber Consultant/Engineer role. Expertise in: Security legislation (GDPR, PCI DSS, ICO) Frameworks (ISO 27001, NIST CSF, CIS Controls v8) HMG/NCSC policies and guidance Cloud security (AWS, Azure) Microservice architectures PKI, Cryptography, Privileged Access Management Certifications: SABSA, TOGAF, AWS/Azure Architect, CISSP, CISM More ❯

transformation initiatives, including migration of legacy applications to cloud-native platforms and adoption of SaaS/PaaS solutions. Understanding of UK financial regulations, GDPR, and industry standards (ISO 27001, NIST, PCI DSS, etc). Experience running risk assessments, threat modelling, and security testing programmes. Ability to engage and influence senior stakeholders, balancing security with commercial and operational priorities. Strong communication More ❯

transformation initiatives, including migration of legacy applications to cloud-native platforms and adoption of SaaS/PaaS solutions. Understanding of UK financial regulations, GDPR, and industry standards (ISO 27001, NIST, PCI DSS, etc). Experience running risk assessments, threat modelling, and security testing programmes. Ability to engage and influence senior stakeholders, balancing security with commercial and operational priorities. Strong communication More ❯

MOD/GDS Secure by Design Principles Supplier Chain Assurance and Risks. Security related legislation (e.g. GDPR, PCI DSS, ICO requirements). Security Control Frameworks such as ISO 27001, NIST CSF and CIS Controls v8. HMG, NPSA and NCSC security policies, standards and guidance. Have experience building and implementing secure by design principals within the software development lifecycle (SDLC). More ❯

Exploit DB Metasploit SIEM, SOAR & Monitoring - Microsoft Sentinel SOAR platforms (ServiceNow SOAR) Automation & Scripting - Python, PowerShell, Bash, Ansible Reporting & Metrics - Power BI ServiceNow dashboards Excel (advanced analysis) Frameworks & Standards - NIST CSF, ISO 27001, OWASP, CE/CE+, GDPR, NIS2, ONR Security Domains/Capabilities - Identity and Access Management (IAM) Network Security Data Protection Cloud Security Controls Application Security Security Monitoring More ❯

Exploit DB Metasploit SIEM, SOAR & Monitoring - Microsoft Sentinel SOAR platforms (ServiceNow SOAR) Automation & Scripting - Python, PowerShell, Bash, Ansible Reporting & Metrics - Power BI ServiceNow dashboards Excel (advanced analysis) Frameworks & Standards - NIST CSF, ISO 27001, OWASP, CE/CE+, GDPR, NIS2, ONR Security Domains/Capabilities - Identity and Access Management (IAM) Network Security Data Protection Cloud Security Controls Application Security Security Monitoring More ❯

SPL/AQL, and scripting (Python, PowerShell). Solid understanding of threat detection, incident response, vulnerability management, and penetration testing . Familiarity with frameworks such as MITRE ATT&CK, NIST, and CIS . Strong communication and presentation skills, with the ability to work across technical and business teams. Relevant certifications (e.g., CISSP, GIAC, SC-200, Splunk, IBM QRadar Specialist, Chronicle More ❯

SPL, AQL. Scripting experience with Python or PowerShell for automation. Deep understanding of threat detection, incident response, and the cyber kill chain. Familiarity with frameworks including MITRE ATT&CK, NIST, and CIS. Strong communication, analytical, and presentation skills. Solid understanding of network traffic flows, vulnerability management, and penetration testing principles. Knowledge of ITIL processes (Incident, Problem, Change Management). Ability More ❯

to undergo DV clearance/UK Citizen/residing in UK Strong working knowledge of: JSP440, JSP604/453, JSP490 MOD/GDS Secure by Design principles ISO 27001, NIST CSF, CIS Controls v8 HMG, NPSA, NCSC policies and guidance Cloud security (Azure, AWS), containerisation, KMS, WAFs Event-driven microservices, network infrastructure, IDS/IPS AI security (ISO42001 desirable), ITHC More ❯

with further experience in the development and documentation of integrated solution and detailed designs encompassing both cloud and on premise environments. Understanding and awareness of industry frameworks such as NIST, NCSC CAF, CIS, IEC 62443. Knowledge of NIS-r Directive advantageous. Ability to evaluate and propose tooling and technologies within Severn Trent to enhance its security posture. Knowledge of Operation More ❯

security, and the design and implementation of security solutions Proficient in security modelling, frameworks, and tools (e.g., SparxEA, Archi) with deep knowledge of security principles, methodologies, and industry standards (NIST, ISO 27001, PCI-DSS, GDPR) Skilled in threat and risk modelling, governance, and aligning security controls with business strategy, regulation, and technical constraints Stakeholder engagement and communication skills, with experience More ❯

and application teams to integrate security at every stage Guide the use of encryption, identity management, and secure access controls Recommend security tools and ensure alignment with frameworks like NIST, ISO 27001, and MOD standards What you bring: 2-3 years' experience in security/solution architecture or a technical cyber role Solid grasp of Zero Trust, Defence in Depth More ❯

risk, as well as using GRC tools and guidance developed for Risk mitigation. Practical knowledge of information security standards and risk assessment frameworks such as ISO 27001, SOC 2, NIST 800-32. Strong knowledge of cyber controls, policies, and procedures. Experience of delivering metrics for senior level audiences. Demonstrate analytical and problem-solving skills. Ability to communicate risks associated More ❯

risk, as well as using GRC tools and guidance developed for Risk mitigation. Practical knowledge of information security standards and risk assessment frameworks such as ISO 27001, SOC 2, NIST 800-32. Strong knowledge of cyber controls, policies, and procedures. Experience of delivering metrics for senior level audiences. Demonstrate analytical and problem-solving skills. Ability to communicate risks associated More ❯

risk, as well as using GRC tools and guidance developed for Risk mitigation. Practical knowledge of information security standards and risk assessment frameworks such as ISO 27001, SOC 2, NIST 800-32. Strong knowledge of cyber controls, policies, and procedures. Experience of delivering metrics for senior level audiences. Demonstrate analytical and problem-solving skills. Ability to communicate risks associated More ❯

risk, as well as using GRC tools and guidance developed for Risk mitigation. Practical knowledge of information security standards and risk assessment frameworks such as ISO 27001, SOC 2, NIST 800-32. Strong knowledge of cyber controls, policies, and procedures. Experience of delivering metrics for senior level audiences. Demonstrate analytical and problem-solving skills. Ability to communicate risks associated More ❯

risk, as well as using GRC tools and guidance developed for Risk mitigation. Practical knowledge of information security standards and risk assessment frameworks such as ISO 27001, SOC 2, NIST 800-32. Strong knowledge of cyber controls, policies, and procedures. Experience of delivering metrics for senior level audiences. Demonstrate analytical and problem-solving skills. Ability to communicate risks associated More ❯

Essential skills & experience: Experience working in security operations, SOC, or incident response. Knowledge of SIEM tools, vulnerability management, and log analysis. Understanding of security frameworks such as ISO 27001, NIST, or PCI DSS. Strong communication skills to engage with IT teams, business stakeholders, and non-technical staff. Ability to work independently at Heron Foods while remaining aligned to Group Information More ❯