151 to 175 of 604 Remote NIST Jobs

strategic objectives, digital transformation ambitions, and best practice governance framework – ITILv4 including GDAD. The post holder will work closely with the security team to ensure compliance with GDAD and NIST CSF 2.0. This role will work closely with IT service providers, ensuring effective governance, compliance, and performance while maintaining alignment with LCC’s digital roadmap. Roles & Responsibilities End-User Computing … Strategy & Governance Ensure that end-user compute services align with GDAD framework, GDS Service Manual, and PDCF project governance. Work with the security team to maintain compliance with NIST CSF 2.0 Maturity Level 5, embedding cyber resilience and security best practices into service delivery. ITIL 4 Service Management Implementation Ensure all ITIL processes including incident, problem, change, and request fulfilment … continuously monitored and optimised using Service Now, Power BI dashboards and analytics. Provide regular reports and insights to senior leaders, demonstrating service performance and areas for improvement. Security, Compliance, & NIST CSF 2.0 Maturity Work with the Security team to ensure the End User Compute services are compliant with zero-trust security models, protecting end-user devices, identity management, and endpoint More ❯

or Bash Familiarity with open-source diagnostic and assessment tools such as Nmap, Wireshark, and Kali Linux Solid understanding of established security frameworks and models (e.g., MITRE ATT&CK, NIST, and related methodologies) Comfortable using general productivity and communication software for remote collaboration Bachelor's degree in cybersecurity, information technology, or a related field Qualifications Strong analytical thinking and problem More ❯

attack vectors, malware, and security trends is crucial. Developing and implementing security policies, standards, and procedures: This includes creating guidelines aligned with industry best practices and regulatory requirements (e.g., NIST CSF, ISO 27001, GDPR). Designing and architecting secure IT environments: This may involve network security design, cloud security architecture (AWS, Azure, GCP), and implementing security technologies. Developing and assisting More ❯

Security Analyst plays a key role in supporting Allianz UK's Information Security initiatives, with a focus on executing the Governance, Risk, and Compliance (GRC) activities and implementing the NIST Cyber Security Framework (CSF) across the organisation. The NIST analyst will involve in day-to-day GRC operations, such as designing and implementing security controls, interpreting requirements from the Group … Information Security Analyst at Allianz UK, you will be pivotal in advancing the company's Information Security initiatives by executing Governance, Risk, and Compliance (GRC) activities and implementing the NIST Cyber Security Framework (CSF) organization-wide. Your role will involve daily GRC operations, including designing and implementing security controls, interpreting requirements from the Group Information Security Framework, and managing non … analysing potential risks, and monitoring progress on maturity uplifting across security functions. You will be developing and implementing an information security controls catalogue, policies, and procedures aligned with the NIST Cyber Security Framework (CSF). Collaborating with the wider organization to integrate control testing and risk management activities into the existing governance framework. Assisting cross-functional teams and business units More ❯

attack vectors, malware, and security trends is crucial. Developing and implementing security policies, standards, and procedures: This includes creating guidelines aligned with industry best practices and regulatory requirements (e.g., NIST CSF, ISO 27001, GDPR). Designing and architecting secure IT environments: This may involve network security design, cloud security architecture (AWS, Azure, GCP), and implementing security technologies. Developing and assisting More ❯

changes, and industry best practices. Required Skills & Experience: Proven experience in Information Security, Cybersecurity, and/or Information Privacy. Deep understanding of regulatory frameworks: GDPR, DPA 2018, ISO 27001, NIST , and FCA guidelines. Strong knowledge of security controls, data lifecycle management, and access control models. Experience within the banking or financial services sector is essential. Demonstrated ability to engage with More ❯

risk assessments and gap analyses for clients. Provide in-depth control reviews, maturity ratings, and remediation actions based on Governance, Risk, and Compliance (GRC) frameworks such as Cyber Essentials, NIST, CIS, and ISO27001 Conduct comprehensive vulnerability assessments of client systems to identify potential security risks. Assist with the implementation of security measures through TSG and partner-led services including Managed … Relevant professional certifications such as Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH), or Certified Information Security Manager (CISM). Familiarity with GRC frameworks such as ISO27001, NIST, CIS benchmarks, and Cyber Essentials/Plus. Proven experience in a cybersecurity consultancy role, with a strong understanding of cybersecurity principles, protocols, and standards. Demonstrable experience working on multiple client More ❯

of experience in a GRC consultancy or lead security role with significant client-facing responsibilities. Proven ability to independently deliver information security engagements across ISO 27001, SOC 2, GDPR, NIST, or similar frameworks. In-depth knowledge of information security principles, compliance standards, and regulatory requirements. A recognised certification in information security, audit, or compliance (e.g. ISO 27001 Lead Implementer/ More ❯

incidents, including investigation, containment, root cause analysis, and reporting. Work with internal teams to continuously improve incident response processes. Support compliance and alignment with ISO 27001, Cyber Essentials, SWIFT, NIST and other relevant frameworks. Communicate effectively with various stakeholders including engineers, product managers, operations team, senior management, and auditors about the information security posture, risks, and mitigation strategies. Qualifications Bachelor … AWS Security) are a plus. Experience Minimum of 8 years’ experience in information security roles, ideally in the financial sector. Experience working with ISO 27001, Cyber Essentials, and preferably NIST CSF, SOC 2, or SWIFT frameworks. Strong understanding of security in the context of software development and application security (OWASP, SDLC, DevSecOps). Hands-on, pragmatic approach with the ability More ❯

to engineering teams building client-facing SaaS and AI applications. Liaise with risk, compliance, and assurance functions to ensure security alignment with regulatory frameworks (e.g., ISO 27001, SOC 2, NIST). Evangelize cloud security best practices internally and with clients to build trust and awareness. Essential Requirements 8+ years in cybersecurity roles, with 3+ years focused specifically on cloud and More ❯

/AKS), and infrastructure protection. Hands-on knowledge of DevSecOps, IaC (Terraform), CI/CD pipelines, and tools like Veracode, Trivy, and Checkov. Familiarity with standards such as CIS, NIST, GDPR, ISO and frameworks like MITRE ATT&CK. Strong programming/scripting skills (Python, Go, Groovy) with a clean, secure coding ethos. Ideal Candidate Profile: Expert in Azure cloud security More ❯

/AKS), and infrastructure protection. Hands-on knowledge of DevSecOps, IaC (Terraform), CI/CD pipelines, and tools like Veracode, Trivy, and Checkov. Familiarity with standards such as CIS, NIST, GDPR, ISO and frameworks like MITRE ATT&CK. Strong programming/scripting skills (Python, Go, Groovy) with a clean, secure coding ethos. Ideal Candidate Profile: Expert in Azure cloud security More ❯

willing to undergo DBS and Counter Terrorist Check. It would be great if you had: Certifications such as CISSP, or other relevant qualifications. Experience with additional frameworks (e.g., SOC2, NIST, NCSC CAF). More than 2 years’ experience delivering IT or cybersecurity solutions. Benefits: 30 days annual leave + 8 bank holidays Additional day off for your birthday 3% employer More ❯

willing to undergo DBS and Counter Terrorist Check. It would be great if you had: Certifications such as CISSP, or other relevant qualifications. Experience with additional frameworks (e.g., SOC2, NIST, NCSC CAF). More than 2 years’ experience delivering IT or cybersecurity solutions. 30 days annual leave + 8 bank holidays Additional day off for your birthday Cycle to Work More ❯

and one of LinkedIn's Top Companies 2024 Do you have proven experience in cyber security, information assurance or resilience management? If you have a strong working knowledge of the NIST Cyber Security Framework then this could be your chance to join us! We're looking for someone with excellent communication skills to work across the business to provide assurance … on Clarion's cybersecurity strategy, ensuring alignment with the National Institute of Standards and Technology (NIST) Cyber Security Framework. Familiar with UK housing sector regulation, applicable standards and data protection requirements (e.g. GDPR, ISO27001, ISO27002, ISO27701) you'll be responsible cyber assurance to support the security posture across systems and services that support tenants and operations. You'll communicate the More ❯

and one of LinkedIn's Top Companies 2024 Do you have proven experience in cyber security, information assurance or resilience management? If you have a strong working knowledge of the NIST Cyber Security Framework then this could be your chance to join us! We're looking for someone with excellent communication skills to work across the business to provide assurance … on Clarion's cybersecurity strategy, ensuring alignment with the National Institute of Standards and Technology (NIST) Cyber Security Framework. Familiar with UK housing sector regulation, applicable standards and data protection requirements (e.g. GDPR, ISO27001, ISO27002, ISO27701) you'll be responsible cyber assurance to support the security posture across systems and services that support tenants and operations. You'll communicate the More ❯

and one of LinkedIn's Top Companies 2024 Do you have proven experience in cyber security, information assurance or resilience management? If you have a strong working knowledge of the NIST Cyber Security Framework then this could be your chance to join us! We're looking for someone with excellent communication skills to work across the business to provide assurance … on Clarion's cybersecurity strategy, ensuring alignment with the National Institute of Standards and Technology (NIST) Cyber Security Framework. Familiar with UK housing sector regulation, applicable standards and data protection requirements (e.g. GDPR, ISO27001, ISO27002, ISO27701) you'll be responsible cyber assurance to support the security posture across systems and services that support tenants and operations. You'll communicate the More ❯

and one of LinkedIn's Top Companies 2024 Do you have proven experience in cyber security, information assurance or resilience management? If you have a strong working knowledge of the NIST Cyber Security Framework then this could be your chance to join us! We're looking for someone with excellent communication skills to work across the business to provide assurance … on Clarion's cybersecurity strategy, ensuring alignment with the National Institute of Standards and Technology (NIST) Cyber Security Framework. Familiar with UK housing sector regulation, applicable standards and data protection requirements (e.g. GDPR, ISO27001, ISO27002, ISO27701) you'll be responsible cyber assurance to support the security posture across systems and services that support tenants and operations. You'll communicate the More ❯

Strong understanding of zero-trust networking and platforms like Palo Alto Prisma.• Experience with Microsoft Azure and Google Cloud Platform networking.• Familiarity with compliance frameworks such as HIPAA, GDPR, NIST, and ISO 27001.• A data-driven mindset with a focus on user experience and operational excellence.• Experience working in a product-centric model, embedding DevSecOps and SRE principles.• Excellent leadership More ❯

Strong understanding of zero-trust networking and platforms like Palo Alto Prisma. • Experience with Microsoft Azure and Google Cloud Platform networking. • Familiarity with compliance frameworks such as HIPAA, GDPR, NIST, and ISO 27001. • A data-driven mindset with a focus on user experience and operational excellence. • Experience working in a product-centric model, embedding DevSecOps and SRE principles. • Excellent leadership More ❯

policies, access controls, and malware protections Lead incident identification and response efforts, ensuring swift containment and root cause analysis Oversee system hardening and compliance with industry standards (CIS, STIG, NIST) Contribute to strategic security planning and advise engineering and programme leadership on cyber risks Provide oversight and review of technical documentation, ensuring quality and audit readiness Represent cyber security in … in defence, government, or secure sectors Advanced knowledge of AWS security services, network security, endpoint protection, and vulnerability management Strong working knowledge of compliance frameworks and standards (CIS, STIG, NIST, Government Functional Standard 007) Proven ability to lead security planning, risk assessments, and incident response activities Excellent documentation, communication, and collaboration skills Eligibility for DV (Developed Vetting) clearance Experience leading More ❯

is responsible for applying and documenting Information System (IS) security principles, practices, and procedures under the Risk Management Framework (RMF) to maintain compliance with applicable security regulations such as NIST, CNSSI, and NISPOM as well as governing the development and management of classified information systems. This position requires the ISSM to be a strong advocate for integrating security into front … monitoring requirements such as audit log reviews, security patching, and hardware/software configuration Lead the organization's CMMC compliance program, ensuring alignment and adherence to DoD cybersecurity standards (NIST SP 800-171, etc.) Develop, document, and guide the implementation of practical, actionable information security policies, procedures, and controls aligned with CMMC and NIST standards (SSP, POAM, etc.) Continuously assess … years of progressive experience in information security Expertise in RMF and ATO processes Previous experience with classified information system security management and administration Proven ability to translate CMMC/NIST SP 800-171 requirements into documented, implementable procedures Experience maturing a cybersecurity program, including developing processes and documentation Strong background in defense contracts and classified information handling procedures. Experience implementing More ❯

into CI/CD Familiarity with SAST/DAST/SCA tools like Fortify, Whitesource Database, datalake knowledge – Postgres, Oracle, Databricks, Snowflake Familiarity with Secure SDLC frameworks such as NIST SSDF, OpenSAMM, BSIMM Security Forensic analysis skills Equal Opportunity Employer: S&P Global is an equal opportunity employer and all qualified candidates will receive consideration for employment without regard to More ❯

Knowledge and Demonstrable Experience: Of MOD accreditation and secure by design processes (ISN2023/09), and associated policies and practices across the lifecycle. In the application of standards including NIST Special Publications (e.g. SP 800-30, 37 & 53), and/or RTCA-DO-326A/B, 355A & 356A. In the application of Defence security standards, such as Defstan More ❯

role. In addition, the following technical knowledge or experience will be helpful for some of our projects: Expertise in consultancy. Knowledge of secure by design. Cybersecurity industry standards (e.g. NIST, ISO 27001, ISA/IEC 62443, etc). An understanding of cloud-native infrastructure (e.g. microservices, containerisation, Kubernetes, serverless computing). An understanding and/or experience with SIEM, SOAR More ❯