201 to 225 of 235 Remote NIST Jobs

ahead of the evolving threat landscape What we’re looking for Strong understanding of risk, and how security interacts with different platforms and projects. Experience with frameworks like ISO, NIST, CIS, PCI, OWASP, OSINT Technical know-how (cloud, apps, networks, or systems) Excellent communicator who can bridge the gap between tech and business Why join us? Salary up to More ❯

ahead of the evolving threat landscape What we’re looking for Strong understanding of risk, and how security interacts with different platforms and projects. Experience with frameworks like ISO, NIST, CIS, PCI, OWASP, OSINT Technical know-how (cloud, apps, networks, or systems) Excellent communicator who can bridge the gap between tech and business Why join us? Salary up to More ❯

ahead of the evolving threat landscape What we’re looking for Strong understanding of risk, and how security interacts with different platforms and projects. Experience with frameworks like ISO, NIST, CIS, PCI, OWASP, OSINT Technical know-how (cloud, apps, networks, or systems) Excellent communicator who can bridge the gap between tech and business Why join us? Salary up to More ❯

skills to inspire others. You should have: A track record of consulting and delivering a wide range of cyber engagements — both GRC and technical. Strong understanding of frameworks like NIST, ISO 27001, CIS, and a pragmatic view on applying them. Familiarity with technical tooling for assessments, vulnerability analysis, and cloud reviews (you don’t need to be an engineer — but More ❯

skills to inspire others. You should have: A track record of consulting and delivering a wide range of cyber engagements — both GRC and technical. Strong understanding of frameworks like NIST, ISO 27001, CIS, and a pragmatic view on applying them. Familiarity with technical tooling for assessments, vulnerability analysis, and cloud reviews (you don’t need to be an engineer — but More ❯

skills to inspire others. You should have: A track record of consulting and delivering a wide range of cyber engagements — both GRC and technical. Strong understanding of frameworks like NIST, ISO 27001, CIS, and a pragmatic view on applying them. Familiarity with technical tooling for assessments, vulnerability analysis, and cloud reviews (you don’t need to be an engineer — but More ❯

skills to inspire others. You should have: A track record of consulting and delivering a wide range of cyber engagements — both GRC and technical. Strong understanding of frameworks like NIST, ISO 27001, CIS, and a pragmatic view on applying them. Familiarity with technical tooling for assessments, vulnerability analysis, and cloud reviews (you don’t need to be an engineer — but More ❯

skills to inspire others. You should have: A track record of consulting and delivering a wide range of cyber engagements — both GRC and technical. Strong understanding of frameworks like NIST, ISO 27001, CIS, and a pragmatic view on applying them. Familiarity with technical tooling for assessments, vulnerability analysis, and cloud reviews (you don’t need to be an engineer — but More ❯

or Partner level. Ensure that the project adheres to Deloitte's Cybersecurity capability framework, relevant information security regulations and industry standards. Examples include GDPR, EU AI Act, ISO 27001, NIST Cybersecurity Framework, and Cyber Essentials +. Communicate security awareness, concerns, and requirements to project stakeholders, including developers, project managers, and business leaders, to ensure alignment and buy-in. Maintain documentation … and controls inherent in various technologies, and related best practices. This includes OWASP Top 10 and vulnerability management. Have strong knowledge in cybersecurity frameworks and standards like ISO 27001, NIST, COBIT, and Cyber Essentials+ or equivalent. Experience with risk management methodologies, techniques, and being able to clearly understand and articulate risk. Demonstrable ability to identify risks associated with business processes More ❯

or Partner level. Ensure that the project adheres to Deloitte's Cybersecurity capability framework, relevant information security regulations and industry standards. Examples include GDPR, EU AI Act, ISO 27001, NIST Cybersecurity Framework, and Cyber Essentials +. Communicate security awareness, concerns, and requirements to project stakeholders, including developers, project managers, and business leaders, to ensure alignment and buy-in. Maintain documentation … and controls inherent in various technologies, and related best practices. This includes OWASP Top 10 and vulnerability management. Have strong knowledge in cybersecurity frameworks and standards like ISO 27001, NIST, COBIT, and Cyber Essentials+ or equivalent. Experience with risk management methodologies, techniques, and being able to clearly understand and articulate risk. Demonstrable ability to identify risks associated with business processes More ❯

or Partner level. Ensure that the project adheres to Deloitte's Cybersecurity capability framework, relevant information security regulations and industry standards. Examples include GDPR, EU AI Act, ISO 27001, NIST Cybersecurity Framework, and Cyber Essentials +. Communicate security awareness, concerns, and requirements to project stakeholders, including developers, project managers, and business leaders, to ensure alignment and buy-in. Maintain documentation … and controls inherent in various technologies, and related best practices. This includes OWASP Top 10 and vulnerability management. Have strong knowledge in cybersecurity frameworks and standards like ISO 27001, NIST, COBIT, and Cyber Essentials+ or equivalent. Experience with risk management methodologies, techniques, and being able to clearly understand and articulate risk. Demonstrable ability to identify risks associated with business processes More ❯

or Partner level. Ensure that the project adheres to Deloitte's Cybersecurity capability framework, relevant information security regulations and industry standards. Examples include GDPR, EU AI Act, ISO 27001, NIST Cybersecurity Framework, and Cyber Essentials +. Communicate security awareness, concerns, and requirements to project stakeholders, including developers, project managers, and business leaders, to ensure alignment and buy-in. Maintain documentation … and controls inherent in various technologies, and related best practices. This includes OWASP Top 10 and vulnerability management. Have strong knowledge in cybersecurity frameworks and standards like ISO 27001, NIST, COBIT, and Cyber Essentials+ or equivalent. Experience with risk management methodologies, techniques, and being able to clearly understand and articulate risk. Demonstrable ability to identify risks associated with business processes More ❯

or Partner level. Ensure that the project adheres to Deloitte's Cybersecurity capability framework, relevant information security regulations and industry standards. Examples include GDPR, EU AI Act, ISO 27001, NIST Cybersecurity Framework, and Cyber Essentials +. Communicate security awareness, concerns, and requirements to project stakeholders, including developers, project managers, and business leaders, to ensure alignment and buy-in. Maintain documentation … and controls inherent in various technologies, and related best practices. This includes OWASP Top 10 and vulnerability management. Have strong knowledge in cybersecurity frameworks and standards like ISO 27001, NIST, COBIT, and Cyber Essentials+ or equivalent. Experience with risk management methodologies, techniques, and being able to clearly understand and articulate risk. Demonstrable ability to identify risks associated with business processes More ❯

appropriate corrective action is taken. Create new and maintain process and procedural documentation for various risk analysis and risk assessment activities; Highlight industry-based methodologies, techniques or standards (FAIR, NIST, FFIEC, etc.) used as the basis for analysis efforts Publish routine, accurate risk analysis and assessment reports as defined by organizational risk policies and procedures to applicable audiences for each … computer science or related field preferred Security certifications (CISSP, GSEC, etc.) are highly desired. Demonstrated experience with Industry or subject specific analysis or assessment frameworks is highly desired (FAIR, NIST CSF, etc.) Experience in banking/financial industry is strongly preferred Formalized training in cyber security analysis or assessment techniques WHAT'S IN IT FOR YOU? Compensation Starting base salary More ❯

Security risk management tools and techniques Experience of security governance and compliance, ideally gained in financial services organisations Demonstrable understanding of Information Security control standards and frameworks e.g. ISO27001, NIST, PCI DSS Awareness and understanding of the Information Security threat landscape Deep understanding of Information Security solutions and controls Experience of Cloud security solutions and standards is highly advantageous Competence … knowledge, and skills Competence Experience working within recognised Information Security frameworks and best practices such as ISO27001, NIST etc. 5 years experience in an Information Security role gained in a financial services or e-commerce environment is preferred Knowledge & Skills Excellent communicator, able to translate complex topics to all areas of the business Significant experience in the area of Information More ❯

and solutions to address specific client needs. Collaborate with clients to design and implement risk mitigation strategies and incident response plans. Provide expert guidance to clients on frameworks (GDPR, NIST, ISO, HIPAA) and related strategies, with a focus on cyber security. Conduct thorough assessments of clients' existing security programs, identifying gaps and vulnerabilities. Develop and implement effective framework policies, procedures … industry best practices. Conduct tabletops/workshops with clients discussing information security best practices, incident response, and the threat landscape. Advise clients on compliance requirements, such as GDPR, HIPAA, NIST, ISO 27001, and other relevant regulations. Stay up to date with the latest cybersecurity threats, trends, and regulatory changes to provide informed guidance. Qualifications: Bachelor's degree in a relevant More ❯

team. This is an excellent opportunity to play a key role in advancing the company's security posture by delivering Governance, Risk, and Compliance (GRC) initiatives and embedding the NIST Cyber Security Framework (CSF) across the business. Key skills/responsibilities: Deliver day-to-day GRC activities, including designing and implementing security controls and managing information security risks Interpret and … Group Information Security Framework Conduct gap assessments, identify risks, and support maturity uplift across security functions Develop and maintain an information security controls catalogue, policies, and procedures aligned with NIST CSF Collaborate with business units to integrate security measures into operations Support compliance activities for frameworks such as Cyber Essentials, PCI DSS, and the Group Information Security Framework Facilitate reviews … governance frameworks Experience in developing security controls catalogue in a financial services environment (highly desirable) Proven experience in delivering security projects within a federated organisation Desirable skills: Knowledge of NIST CSF, ISO 27001, Cyber Essentials, PCI DSS, DORA Understanding of risk methodologies and data analysis for reporting Strong documentation skills (control matrices, process flows, SOPs) Excellent communication skills for both More ❯

technical controls to advise the engineering team. 2. Participated or led cybersecurity compliance assessments: CMMC or ISO certification 3. Documented and demonstrated experience with defense regulatory compliance like CMMC, NIST, and DFARS. 4. Hold an active or can obtain a U.S. Government Secret level or above clearance. Interview Process: 1st interview will be via Teams video. 2nd and final interview … regulatory and contractual compliance. Maintain expert awareness of all aspects of information security and compliance, including PCI, and SOC requirements for information systems and industry best practices, such as, NIST 800-53, 800-171, 172. Contribute to the development and maintenance of the Cybersecurity strategy. MINIMUM QUALIFICATIONS: Bachelor's degree in Cybersecurity, Information Systems, Communications, Computer Science or equivalent. Six … or more years of experience in cybersecurity including direct involvement with regulatory or framework compliance (CMMC, NIST 800-171, PCI, ISO 27001, SOC2, FAR, DFARS, etc.) BASIC COMPETENCIES: Internal Contacts: Contact with employees or others primarily at a routine level involving basic information exchange; Contact with peers and others involving explanation of information (these contacts may be within or outside More ❯

for its commitment to leveraging technology to drive forward its mission. Description Implement and maintain ISMS aligning with ISO27001 Ensure security controls are in-place based on ISO27001 and NIST As the regional security representative in the global Security/Technology project Lead/execute phishing campaign Conduct vulnerability assessments and implement measures to mitigate potential risks. Involve in global … to ensure secure system designs and implementations. Provide training and support to staff to enhance security awareness across the organisation. Profile Practical experience and understanding of ISO27001 Familiar with NIST and GDPR is preferred Solid experience in threat, risk and vulnerabilities management process Experience with security tools such as SIEM, intrusion detection systems, and endpoint protection. Strong analytical and problem More ❯

a risk assessmentConsult on potential security components architectures (e.g. SIEM, IAM, gateways, detection and deception capabilities )Evaluate architectures against Business Line policy and major cyber security standards & regulation frameworks (NIST, ISO, JSP, etc.)Produce justification for architectural choicesEnsure technical coordination across a multi-discipline teamPresent, recommend and demonstrate solutions to customer representatives, peers or technical teamsConduct security related tasks including … Security (ISS) You can advise and give support to the rest of the team Familiar with Risk Analysis, Network Security, Cryptography, Identity & Access Management (software/hardware development, the NIST Cybersecurity Framework, cloud technologies) Able to monitor and measure risk as well as compliance You have the ability to work with customers and technical teams NICE TO HAVE: Domain knowledge More ❯

to test and evaluate systems through a Whitebox adversarial approach for the DoD in support of our Air Force clients. Work with systems that are assessed based on the NIST 800-53 Risk Management Framework security controls. Focus on the filtering capabilities and data flows, including low levels within the architecture of the system such as Mandatory Access Controls and … days of start date Additional Qualifications Experience analyzing and executing test plans and procedures Experience developing or analyzing technical documentation Experience with penetration testing or adversarial emulation Experience with NIST 800-53 security controls Knowledge of cyber threats and how to appropriately harden a system to prevent them Knowledge of vulnerability assessment tools, including Kali Linux, Wireshark, Tripwire, Burp Suite More ❯

each of the projects we deliver continue to expand, including the use of common tooling that will facilitate the tracking and reporting of assurance actions. We are also developing NIST-compliant risk assessment methodology and tooling that is raising our quality and customer confidence, you will be part of these developments. The role in P-ITSM and likely other projects … gaining and maintaining accreditation for secure/sensitive systems using structured Risk analysis and treatment approaches Experience of process involved in continuous assurance for information security management systems, e.g. NIST, ISO Experience of developing and managing a Cyber Incident Response capability Experience of developing Security Awareness training including Threat Modelling, table top war gaming Experience in tracing through and evaluating More ❯

each of the projects we deliver continue to expand, including the use of common tooling that will facilitate the tracking and reporting of assurance actions. We are also developing NIST-compliant risk assessment methodology and tooling that is raising our quality and customer confidence, you will be part of these developments. The role in P-ITSM and likely other projects … gaining and maintaining accreditation for secure/sensitive systems using structured Risk analysis and treatment approaches Experience of process involved in continuous assurance for information security management systems, e.g. NIST, ISO Experience of developing and managing a Cyber Incident Response capability Experience of developing Security Awareness training including Threat Modelling, table top war gaming Experience in tracing through and evaluating More ❯

each of the projects we deliver continue to expand, including the use of common tooling that will facilitate the tracking and reporting of assurance actions. We are also developing NIST-compliant risk assessment methodology and tooling that is raising our quality and customer confidence, you will be part of these developments. The role in P-ITSM and likely other projects … gaining and maintaining accreditation for secure/sensitive systems using structured Risk analysis and treatment approaches Experience of process involved in continuous assurance for information security management systems, e.g. NIST, ISO Experience of developing and managing a Cyber Incident Response capability Experience of developing Security Awareness training including Threat Modelling, table top war gaming Experience in tracing through and evaluating More ❯

each of the projects we deliver continue to expand, including the use of common tooling that will facilitate the tracking and reporting of assurance actions. We are also developing NIST-compliant risk assessment methodology and tooling that is raising our quality and customer confidence, you will be part of these developments. The role in P-ITSM and likely other projects … gaining and maintaining accreditation for secure/sensitive systems using structured Risk analysis and treatment approaches Experience of process involved in continuous assurance for information security management systems, e.g. NIST, ISO Experience of developing and managing a Cyber Incident Response capability Experience of developing Security Awareness training including Threat Modelling, table top war gaming Experience in tracing through and evaluating More ❯