6 of 6 Permanent NIST Jobs in the East Midlands

and the wider estate are sufficiently tested for signs of vulnerability. Governance, Risk & Compliance (GRC) Ensure audit readiness, control effectiveness (key SOX/ITGC, NIST/ISO mappings), and remediation governance; lead policy lifecycle and attestations. Oversee the enterprise risk process (RCSA, KRIs), executive reporting, and board risk briefings. Improve ...

implementation of the Operational Technology security strategy across engineering and operational teams. Assist in applying recognised cyber security frameworks such as National Institute of Standards and Technology Cyber Security Framework and IEC 62443 to operational environments. Work with engineering teams to understand how operational systems such as Supervisory Control and ...

scaling high‐performing engineering teams. Deep expertise in cloud security, particularly across AWS and Azure. Strong understanding of security frameworks and compliance standards (e.g., NIST, ISO 27001, PCI‐DSS). Hands‐on experience with security automation tools (SAST, DAST, IAST, RASP), container security, and orchestration platforms. Familiarity with programming and ...

and insight to senior stakeholders About You Experience within cyber GRC, IT audit, or risk management Strong understanding of frameworks such as ISO 27001, NIST, or similar Confident communicator, able to translate technical risks into business impact Proactive and detail-oriented, with a collaborative approach ...

and strong stakeholder skills, including: CISM qualification (or equivalent) Strong knowledge of ISO 27001, ideally as a Lead Auditor or Auditor Working knowledge of NIST CSF and NIST SP 800-53 Excellent understanding of relevant legal, regulatory and compliance requirements Proven experience implementing and operating security management in line with ...

work, gap analyses and audits Working on SIEM, EDR and Vulnerability Management tools. Working in compliance with various security frameworks (ISO27001, Cyber Essentials +, NIST, CAF.) Working alongside the MSSP to ensure that risks and alerts raised are relevant to the organisation, reducing false positives wherever possible Assisting with vulnerability …/IDS, EDR, SIEM, Vulnerability scanning - any toolsets considered. Experience working in alignment with security best practice frameworks (e.g. ISO27001, Cyber Essentials +, NIST, CAF) Experience working alongside 3rd parties to enhance security posture would be ideal (MSSPs, Auditors etc.) Experience responding to audit requirements and artefact gathering would also ...