IS1 & IS2 ISO27000 Series JSP440 JSP604 NCSC Guidance Material Secure by Design DefStan 05-139 Knowledge and application of non-UK Information Assurance StandardsNIST SP800 (in particular NIST SP 800-53, NIST SP 800-37, NIST SP) NIST Guidance Material Knowledge of encryption standards, technologies and key/certificate more »
Bristol, Avon, South West, United Kingdom Hybrid / WFH Options
Babcock
Officer Working knowledge HMG IA Standards, National Cyber Security Centre (NCSC) IA Publications, and MOD JSP440 Experience of international standards including ISO27000, ISO28000 andNIST Cyber Security Framework Providing customer facing ISO27k/ISO28k advice and guidance A broad understanding of computer and network technical architecture Ability to champion high more »
related to technology enhancements. Responsibilities: General Responsibilities: Have an excellent understanding of risk management and assessment principles and frameworks, such as ISO27005 and the NIST Cyber Security Framework Work with multi-disciplinary teams, helping to ensure that products are delivered in a secure manner that is aligned with the wider more »
passport and current UK government security clearance (minimum SC; DV preferred). - Strong knowledge of security standardsand frameworks such as ISO/IEC27001, NIST, and the UK government's Security Policy Framework. - Proven experience in risk assessment, security auditing, and incident response. - Excellent communication and interpersonal skills, with the more »
Industry Security Qualifications, eg. CCP, CISSP, CISM (or able to achieve) · Proven experience of assessing and managing risk in line with industry good practice (NIST, ISO 27001) · Experience with using security baselines, mitigations and controls · Conducted cyber security analysis work, developed threat taxonomies, security architectures, security baselines and risk mitigations. more »
including but not limited to: Security governance and risk management approaches, tools, and techniques. Threat modelling (e.g. STRIDE) and socio-technical risk assessment (e.g. NIST 800-30) methodologies. Attack classification and characterisation frameworks (e.g. MITRE ATT&CK) Computer, Network and Cloud Security architectures and controls, System Hardening, Secure Boundary Protection … Transit, Public Key Infrastructure (PKI)), Security Monitoring and System Security Audit. Nationaland international security standards including the International Standards Organisation (ISO) 27000 series, NIST Cyber Security Framework, Risk Management Framework, and Special Publication 800 Series, NCSC Cyber Assessment Framework, and other industry frameworks. Familiarity with NCSC and industry best more »
