15 of 15 NIST Jobs in Gloucestershire

Compliance role A track record of delivering security solutions for large-scale infrastructure, transformation or integration programmes Practical knowledge and understanding of industry security frameworks and guidance such as NIST CSF, NIST 800-53, NCSC CAF and other NCSC guidelines Good knowledge of networking (switching, routing, firewalls) Experience with the design concepts associated with adoption of Cloud platforms (AWS and More ❯

Support incident response and remediation efforts for security breaches. Provide security guidance and training to teams across the organization. Key Skills & Experience: Strong knowledge of security frameworks (ISO 27001, NIST 800-30/53, OWASP) . Experience with risk management methodologies and compliance with MOD and HMG security standards (JSP, Def Stan 05-138/139). Proficiency in security More ❯

Support incident response and remediation efforts for security breaches. Provide security guidance and training to teams across the organization. Key Skills & Experience: Strong knowledge of security frameworks (ISO 27001, NIST 800-30/53, OWASP) . Experience with risk management methodologies and compliance with MOD and HMG security standards (JSP, Def Stan 05-138/139). Proficiency in security More ❯

an asset. Licensure/Certifications: Industry certification (i.e. AWS CSA, ISC2 ISSAP, SABSA SCF or similar) Knowledge, Skills, Demonstrated Capabilities & Competencies: Familiarity with various security certifications such as ISO2700, NIST, etc., sufficient to provide immediate leadership and guidance to individuals, teams and departments in meeting the organization's security requirements Excellent management, analytical and problem-resolution skills Working knowledge of More ❯

lifecycle. Perform security code reviews and ensure secure-by-design principles. Conduct threat modelling exercises to identify and mitigate potential risks. Ensure compliance with security regulations such as ISO27001, NIST 800-30/37/53, JSP 440, 604, and Defence Standards. Develop and maintain security documentation (e.g., RMADS, Security Assurance Documents, Security Management Plans). Conduct penetration testing, vulnerability … assessments, and remediation activities. The Person Key Skills & Experience: Strong knowledge of risk management frameworks and methodologies (ISO 27001/2, ISO27005/31000, NIST 800-30, NIST 800-53). Experience with defence and government security standards (JSPs, Def Stan 05-138/139). Proficiency in security testing tools, technologies, and techniques. Ability to analyze and mitigate security More ❯

in Cyber Security Good understanding of core security principles and tools Exposure to network security, vulnerability management, or risk assessments (preferred) Familiarity with security frameworks such as ISO 27001, NIST, or PCI DSS (preferred) Professional certifications like Security+, CEH, or CISSP are desirable Analytical mindset, attention to detail, and a proactive approach to learning What You'll Get Dedicated Mentorship More ❯

with the ability to interface at the highest level and exhibit good verbal, written and presentation skills. Experience of working within key Cyber Security principles and standards (ISO 27001, NIST, Cyber Essentials, MITRE). [i] Experience working in a customer-facing role desirable. You should have experience in managing team driven workloads. Demonstrable experience driving continuous improvement initiatives. Benefits & culture More ❯

modelling, secure-by-design). Perform security code reviews, provide guidance on secure libraries and frameworks. Standards & Compliance Ensure products meet regulatory and defence standards (ISO 27001/27005, NIST 800-30/53, JSP 440/604, Def Stan 05-series). Lead the creation and maintenance of security documentation (RMADS, Security Assurance Documents, Security Management Plans). Testing … experience (5+ years) in product or application security within defence, government, or security-cleared environments. Deep knowledge of risk management frameworks (ISO 27001/2/5/31000, NIST 800-series) and Defence Standards (JSPs, Def Stan 05-138/139). Hands-on experience with security testing tools and techniques (SAST, DAST, penetration testing). Eligible for UK More ❯

IAM configurations. Strong understanding of IAM concepts (authentication, authorization, provisioning, SSO, MFA, PAM). Familiarity with directories (Active Directory, LDAP). Knowledge of industry security frameworks and compliance (e.g., NIST, ISO 27001). Reasonable Adjustments: Respect and equality are core values to us. We are proud of the diverse and inclusive community we have built, and we welcome applications from More ❯

variety in your day-to-day. What you'll be doing Designing robust, secure-by-design architectures aligned to MOD and wider government standards Managing risk using frameworks like NIST 800-53 and producing key security artefacts (RMAs, Security Aspects, Test Plans, etc.) Working with cross-functional teams including DevSecOps, Software, Infrastructure and Agile delivery Providing strategic guidance on cyber More ❯

response and contribute to security awareness across teams. Clearly communicate risks to technical and non-technical stakeholders. What We're Looking For Essential Experience: Deep understanding of security frameworks: NIST (especially 800-30, 800-53) , ISO27001/2, ISO27005, and OWASP. Experience with Secure by Design principles and MOD-specific guidelines (e.g. JSP, Def Stan 05-138/139). More ❯

include: Creating business risk models and associated material, in support of operational cyber security and business planning across a range of different domains or sectors using established frameworks (e.g. NIST, UK Government) Undertake cyber security audit processes in support of operational and business planning activity across a range of different domains or sectors against recognised standards (e.g. ISO27001, UK Government … of organisational maturity and risk exposure to cyber security, in support of operational and business planning activity across a range of different domains or sectors using established frameworks (e.g. NIST, MITRE ATT&CK, UK Government) Identify mitigations for cyber risk in a given business or operational scenario and threat environment Support development of cyber security risk cases in a given … of the Cyber Security Risk Consultant: Digitally literate (including fluency in Microsoft Office tools) Minimum of 2-3 years of experience in security vulnerability, risk, audit & compliance Understand relevant NIST frameworks and ISO27001 standards and how to apply in practice Knowledge of MITRE ATT&CK Essential qualifications for the Cyber Security Risk Consultant: We value difference and we don't More ❯

of action The ability to understand how architects and designers employ technology to build systems of interest Digitally literate (including fluency in Microsoft Office tools) Able to understand relevant NIST frameworks and ISO27001 standards and how to apply in practice Knowledge of MITRE ATT&CK Essential qualifications for the Cyber Security Risk Consultant: We value difference and we don't More ❯

and secure-by-design principles. Familiarity with government and defence security standards such as: HMG/NCSC IA Policies and Guidelines JSP440 and other MoD IA standards Cyber Essentials NIST, NIS-D ONR SyAPs (Security Assessment Principles) Excellent stakeholder communication skills – you can clearly explain complex security concepts to both technical and non-technical audiences. Security Clearance eDV clearance is More ❯

Def Stan 05-138, Def Stan 05-139) An understanding of MOD ISN 23/09 Secure by Design Knowledge of security frameworks, such as ISO/IEC 27001, NIST 800-30, NIST 800-53 or OWASP Working with risk management frameworks and methodologies (e.g., ISO 27001/2, ISO27005/31000, NIST 800-30, NIST 800-53) If this More ❯