1 to 25 of 113 Remote NIST 800 Jobs

the companys information protection requirements. • Performs or coordinates internal security assessments, penetration tests, vulnerability scans, and assess organization cybersecurity maturity Complying with frameworks and regulations such as COBIT, NIST (800-53, cybersecurity), ISO, ITIL, PCI, GLBA, GDPR, HIPAA, and other data privacy and security standards and regulations. • Provides internal customer support via assigned tickets for security … Computer Science, or similar discipline. • Provides a documented work history that includes a minimum of 5-years experience in Information Security. • Proficiency in security framework models such as NIST, etc., implementing and auditing security measures, security response, and incident management. • Possess a working knowledge of Cisco network switches, routers, firewalls and VPN, network security, administration of DLP, antivirusantimalware … to manage and continuously improve upon vulnerability management program. • Ability to propose solutions for closing identified vulnerabilities in the infrastructure. Desired Qualifications: • Certified Information System Security Professional (CISSP), NIST Cybersecurity Framework (NCSF), Certified Cloud Security Professional (CCSP) andor Certified Ethical Hacker (CEH) • Knowledge and experience with Microsoft Office and Visio. • Knowledge of WAN technologies including MPLS, SD WAN. More ❯

incident response and remediation efforts for security breaches. Provide security guidance and training to teams across the organization. Key Skills & Experience: Strong knowledge of security frameworks (ISO 27001, NIST 800-30/53, OWASP) . Experience with risk management methodologies and compliance with MOD and HMG security standards (JSP, Def Stan 05-138/139). More ❯

incident response and remediation efforts for security breaches. Provide security guidance and training to teams across the organization. Key Skills & Experience: Strong knowledge of security frameworks (ISO 27001, NIST 800-30/53, OWASP) . Experience with risk management methodologies and compliance with MOD and HMG security standards (JSP, Def Stan 05-138/139). More ❯

as well as using GRC tools and guidance developed for Risk mitigation. Practical knowledge of information security standards and risk assessment frameworks such as ISO 27001, SOC 2, NIST 800-32 Strong knowledge of cyber controls, policies, and procedures. Experience of delivering metrics for senior level audiences. Demonstrate analytical and problem-solving skills. Ability to communicate More ❯

as well as using GRC tools and guidance developed for Risk mitigation. Practical knowledge of information security standards and risk assessment frameworks such as ISO 27001, SOC 2, NIST 800-32 Strong knowledge of cyber controls, policies, and procedures. Experience of delivering metrics for senior level audiences. Demonstrate analytical and problem-solving skills. Ability to communicate More ❯

as well as using GRC tools and guidance developed for Risk mitigation. Practical knowledge of information security standards and risk assessment frameworks such as ISO 27001, SOC 2, NIST 800-32 Strong knowledge of cyber controls, policies, and procedures. Experience of delivering metrics for senior level audiences. Demonstrate analytical and problem-solving skills. Ability to communicate More ❯

as well as using GRC tools and guidance developed for Risk mitigation. Practical knowledge of information security standards and risk assessment frameworks such as ISO 27001, SOC 2, NIST 800-32 Strong knowledge of cyber controls, policies, and procedures. Experience of delivering metrics for senior level audiences. Demonstrate analytical and problem-solving skills. Ability to communicate More ❯

security practices across the enterprise Stay abreast of industry trends, frameworks, and regulations (e.g., GDPR, ISO 27001/2, SANS Top 20 Critical Security Controls, NIST CSF, SP 800-53, PFMI, CPMI ISOCO and FFIEC handbook, SABSA) to ensure the organization is proactive in addressing emerging security threats and compliance challenges Foster relationships with key functional … and infrastructure domains. Extensive experience working with senior leadership and stakeholders to drive strategic security initiatives, influencing decisions at the enterprise level. Strong understanding of security frameworks, including NIST CSF, SABSA etc, and the ability to apply them in diverse environments. Qualifications and certifications: Degree in a technology discipline (Computer Science, Information … Management, Computer Engineering, Cybersecurity or equivalent) Professional certifications such as CISSP, CISA, CISM, CRISC, SABSA, or equivalent. Deep expertise in risk management frameworks, including ISO 27001, NIST SP 800-53, and SANS Top 20 Critical Security Controls. Experience with cloud security solutions and services Our commitment to employees: At CLS, we celebrate diversity and consider this More ❯

building security. Risk Management: Lead Cyber and Information Security Risk Management for NSoIT(D). Implement and manage cyber security risks in STREAM and ARM. Conduct and manage NIST 800-based Risk Assessments. Oversee cyber and information security architecture within STREAM. Deliver routine cyber and information security risk reporting. Act as secretary to the programme Security More ❯

3+ years' experience performing IT Audit or security control testing. Knowledge of internal audit methodologies, including risk assessment, execution, and reporting. Proficiency in industry standards and frameworks (e.g., NIST 800-53, ISO 27001/27002). Familiarity with privacy regulations (e.g., GDPR, CCPA) and breach notification laws. Experience with sector-specific frameworks (e.g., HIPAA, PCI). More ❯

to create a secure and compliant technology environment. What you will be doing: Maintain security policy, standards, procedures and frameworks. Ensure alignment with security industry standards such as NIST CSF and NIST 800-53. Act as an advisor to colleagues across the organisation on best security practice. Conduct regular risk assessments and maintain … certifications Ideally qualified in MSc Information Security, CICA, CRISC, CISM and/or Data analysis beneficial but not essential if experience validates skills. Proficiency in security frameworks (e.g., NIST CSF, ISO 27001, SOC1,2). Prince 2, MSP, APMQ advantageous. A desire to continue learning and developing security skills and qualifications. Our commitment to employees: At CLS, we More ❯

to create a secure and compliant technology environment. What you will be doing: Maintain security policy, standards, procedures and frameworks. Ensure alignment with security industry standards such as NIST CSF and NIST 800-53. Act as an advisor to colleagues across the organisation on best security practice. Conduct regular risk assessments and maintain … certifications Ideally qualified in MSc Information Security, CICA, CRISC, CISM and/or Data analysis beneficial but not essential if experience validates skills. Knowledge of security frameworks (e.g., NIST CSF, ISO 27001, SOC1,2). Prince 2, MSP, APMQ advantageous. A desire to continue learning and developing security skills and qualifications. Our commitment to employees: At CLS, we More ❯

You will need to login before you can apply for a job. AVP, IT Security Specialist - RSA Archer, NIST, GRC - London - Hybrid AVP, IT Security Specialist – RSA Archer, NIST, GRC – London – Hybrid Join a leading security governance and risk team as an AVP, IT Security Specialist . You'll play a key role in ensuring robust … security controls, compliance, and continuous risk reduction across a regulated enterprise environment. Key Responsibilities: Maintain and evolve security policy, standards, procedures, and frameworks Align security practices with NIST CSF, NIST 800–53 and other industry standards Advise business and technology teams on information security best practices Conduct regular risk assessments and maintain a risk … in Information or Cyber Security, ideally in financial services Solid understanding of security risk management principles and taxonomy Working knowledge of GRC platforms – RSA Archer preferred Familiarity with NIST CSF , NIST 800–53 , ISO 27001 , SOC 1 & 2 Good written and verbal communication skills for technical and non–technical stakeholders Strong documentation and risk More ❯

procedures. Support Authorizing Official (AO) actions by developing and delivering PAM (Privileged Access Management) solutions that include supporting documents and artifacts in accordance with RMF as defined in NIST 800-37 revision 2 and related agency specific RMF requirements Provide input … into an Audit and Accountability Plan containing methods, procedures, and planned reviews for the continuing accreditation and authorization against AU (Audit and Accountability) family controls per NIST SP 800-53 guidance Provide input to and guide implementation and/or verification and validation of an organizational access control policy and plan reflecting PAM and integrated cybersecurity … comprise IT systems including network topology. Experience selecting effective methods, techniques, and evaluation criteria to achieve desired outcomes. Understanding of federal cybersecurity guidance such as FISMA NIST SP 800-37 - Guide for Applying the Risk Management Framework to Federal Information Systems: a Security Life Cycle Approach and NIST 800-137 - Information Security More ❯

is a plus. Having experience in leading and executing IT audit, IT internal control, and IT risk consulting engagements, leveraging IT governance and control frameworks such as COBIT, NIST CSF, NIST 800-53, and ITIL and proficiency in core requirements and methodologies for SOX internal control programs is a plus. You have advanced knowledge … of leading frameworks such as ISO 27001, NIST Cybersecurity Framework (CSF) NIST 800-53, CIS and the Cybersecurity Maturity Model. You have experience with Information Governance and Information Security Strategy plans, and assessments using industry framework; ISO, NIST, SOC-2, PCI, CIS, etc. You have advanced written and verbal communication and presentation More ❯

have a minimum of three years of experience in the field of cybersecurity and information risk management. You have working knowledge of leading frameworks such as ISO 27001, NIST Cybersecurity Framework (CSF), NIST 800-53, CIS, and the Cybersecurity Maturity Model. You have experience in writing policies, procedures, and controls in one or more More ❯

suppliers to ensure ongoing compliance with MOD standards (e.g., Secure By Design, DefStan 05-138). Conduct information security risk assessment and management using recognized frameworks such as NIST SP800. Perform information security assurance activities and manage incidents. Establish and manage internal and external Security Working Groups. Support Serco Defence projects and design activities, ensuring compliance with MOD … Secure by Design, HMG policy, NCSC guidance, NIST 800, and ISO 27001. Advise on technical requirements and compliance with formal contract security schedules (Security Aspects Letters) and recommend security technologies and controls. Provide advice and guidance to maintain existing cyber security compliances (e.g., ISO 27001, Cyber Essentials Plus), MOD certifications, and HMG security controls. Adopt a More ❯

technology and its cryptographic principles is a plus. Certifications such as CISSP, CISM, AWS Security Specialty, HashiCorp Certified Vault Associate or CCSK. Familiarity with security frameworks such as NIST 800-57, ISO 27001 or PCI DSS. Are you the right candidate? Yes! We truly believe in the power that comes from the diverse backgrounds and experiences More ❯

latest trends, solutions, and best practices in the industry e.g. Application Security Posture Management (ASPM), Continuous Cyber and IT controls monitoring (CCM) Thorough understanding of compliance frameworks like NIST and FedRAMP and the audit process around demonstrating compliance effectively. Practical experience of the System Development Life Cycle, Software Development Life Cycle, and Agile framework Expertise in risk analysis … reusable platform capability. It would be desirable , but not essentia l, if you also had one or more of Practical experience of ISO27001/27004/27005 or NIST Risk Management Framework (RMF); Experience in security accreditation e.g. PCI-DSS, FedRAMP, SSDF (NIST SP800-218), FISMA/NIST SP800-53, ISO 27001, DORA Cyber More ❯

latest trends, solutions, and best practices in the industry e.g. Application Security Posture Management (ASPM), Continuous Cyber and IT controls monitoring (CCM) Thorough understanding of compliance frameworks like NIST and FedRAMP and the audit process around demonstrating compliance effectively. Practical experience of the System Development Life Cycle, Software Development Life Cycle, and Agile framework Expertise in risk analysis … reusable platform capability. It would be desirable , but not essentia l, if you also had one or more of Practical experience of ISO27001/27004/27005 or NIST Risk Management Framework (RMF); Experience in security accreditation e.g. PCI-DSS, FedRAMP, SSDF (NIST SP800-218), FISMA/NIST SP800-53, ISO 27001, DORA Cyber More ❯

accreditation and secure by design processes (ISN2023/09), and associated policies and practices across the lifecycle. In the application of standards including NIST Special Publications (e.g. SP 800-30, 37 & 53), and/or RTCA-DO-326A/B, 355A & 356A. In the application of Defence security standards, such as Defstan 05-138 & Defstan More ❯

accreditation and secure by design processes (ISN2023/09), and associated policies and practices across the lifecycle. In the application of standards including NIST Special Publications (e.g. SP 800-30, 37 & 53), and/or RTCA-DO-326A/B, 355A & 356A. In the application of Defence security standards, such as Defstan 05-138 & Defstan More ❯

practices and security testing. Strong knowledge of common security vulnerabilities, attack vectors, and security testing frameworks, such as OWASP, MITRE ATT&CK, CVE/CVSS, and NIST SP 800-53. Experience of vulnerability scanning tools, penetration testing tools, and security testing frameworks (e.g., Nessus, Metasploit, Burp Suite, Nmap, Claire, and OpenSCAP). Extensive experience with … Red Teaming, Purple Teaming and Attack Automation. Familiarity with industry regulations and compliance standards related to cybersecurity, such as NIST CSF, SOC2, PCI DSS, and ISO 27001. A relevant professional qualification in Cyber and Information Security (e.g., OCSP, CISM, CISSP, CEH) Experience of vulnerability management and security testing in cloud environments (such as Azure, GCP and/or More ❯

Perform security code reviews and ensure secure-by-design principles. Conduct threat modelling exercises to identify and mitigate potential risks. Ensure compliance with security regulations such as ISO27001, NIST 800-30/37/53, JSP 440, 604, and Defence Standards. Develop and maintain security documentation (e.g., RMADS, Security Assurance Documents, Security Management Plans). Conduct … penetration testing, vulnerability assessments, and remediation activities. Key Skills & Experience: Strong knowledge of risk management frameworks and methodologies (ISO 27001/2, ISO27005/31000, NIST 800-30, NIST 800-53) . Experience with defence and government security standards (JSPs, Def Stan 05-138/139). Proficiency in security testing tools More ❯

Perform security code reviews and ensure secure-by-design principles. Conduct threat modelling exercises to identify and mitigate potential risks. Ensure compliance with security regulations such as ISO27001, NIST 800-30/37/53, JSP 440, 604, and Defence Standards. Develop and maintain security documentation (e.g., RMADS, Security Assurance Documents, Security Management Plans). Conduct … penetration testing, vulnerability assessments, and remediation activities. Key Skills & Experience: Strong knowledge of risk management frameworks and methodologies (ISO 27001/2, ISO27005/31000, NIST 800-30, NIST 800-53) . Experience with defence and government security standards (JSPs, Def Stan 05-138/139). Proficiency in security testing tools More ❯