security policies, procedures, and best practices. Provide cybersecurity awareness training and guidance to end users and internal teams. Participate in audits and ensure guidelines from industry standards (ISO 27001, NIST, SOC 2) are followed internally and best practices regularly reviewed. Proactively assess recovery capabilities, with the aim of minimizing business impact in case of incidents. Plan and rehearse incident response
e.g., Zscaler, Cisco Umbrella, Infoblox) and their role in threat containment Deep knowledge of Zero Trust Architecture, lateral movement prevention, and alignment to frameworks like MITRE ATT&CK and NIST CSF Excellent communication skills with the ability to influence technical and business stakeholders across all levels of an organization Experience supporting RFP/RFI processes, technical solution documentation, and bill
City of London, London, England, United Kingdom Hybrid / WFH Options
Skillcast
closely with DevOps to embed security in CI/CD pipelines and infrastructure-as-code processes - Enforce security policies, standards, and procedures aligned with frameworks like ISO 27001 and NIST - Monitor and report on risk posture, incident trends, and compliance status to inform leadership decisions - Guide and support junior cybersecurity professionals and interns through technical coaching and feedback You: - Bachelor … SIEM platforms (especially Azure Sentinel) and vulnerability management tools - Strong knowledge of incident response, infrastructure hardening, and cloud security controls - Familiarity with SOC 2, ISO 27001, Cyber Essentials, and NIST frameworks - Experience with core security technologies: firewalls, EDR, IAM, DLP, encryption - Strong communication, documentation, and stakeholder engagement skills Benefits: - Join a growing business in a thriving and innovative sector - Join
City of London, London, United Kingdom Hybrid / WFH Options
Networking People (UK) Limited
Risk Management and/or Information Security Proven experience conducting application-level security risk assessments Strong understanding of: Secure software and network architecture Risk management frameworks (eg ISO 3100X, NIST 800-30/37/39, ENISA, EBIOS, OCTAVE, FAIR) OWASP Top 10, encryption, data classification, and secure data flows Ability to read and interpret HLDs/LLDs to identify
Employment Type: Contract
Rate: £500 - £550 per day + Deemed Inside IR35 via Umbrella
City of London, London, United Kingdom Hybrid / WFH Options
WNTD
Risk Management and/or Information Security Proven experience conducting application-level security risk assessments Strong understanding of: Secure software and network architecture Risk management frameworks (eg ISO 3100X, NIST 800-30/37/39, ENISA, EBIOS, OCTAVE, FAIR) OWASP Top 10, encryption, data classification, and secure data flows Ability to read and interpret HLDs/LLDs to identify
security posture. Experience & Knowledge: 8+ years in Information Security with a strong architecture focus. Expert in lateral movement risks, network segmentation, and endpoint security. Deep familiarity with security frameworks: NIST, ISO 27001, Zero Trust. Extensive experience with Windows and Linux hardening. Skilled in protocol analysis, network architecture, and infrastructure design. Technical Toolkit: Strong command of Azure Log Analytics, KQL, and
About Us Integrity360 is one of Europe’s leading cyber security specialists operating from office locations spread out across Europe, providing a comprehensive range of professional, support and managed cyber security services for our 300+ clients. With four top-class
City of London, London, United Kingdom Hybrid / WFH Options
IPS Group
regulatory frameworks. Key Areas of Responsibility: Regulatory Implementation & Frameworks Assist in establishing a comprehensive resilience framework that meets DORA standards and other recognised guidelines (e.g. ISO 22301, ISO 27001, NIST). Draft internal controls, policies, training content, and risk assessment methodologies. Contribute to core DORA workstreams such as ICT risk management, scenario-based testing, and oversight of third-party providers.
City of London, London, England, United Kingdom Hybrid / WFH Options
IPS Group
regulatory frameworks. Key Areas of Responsibility: Regulatory Implementation & Frameworks Assist in establishing a comprehensive resilience framework that meets DORA standards and other recognised guidelines (e.g. ISO 22301, ISO 27001, NIST). Draft internal controls, policies, training content, and risk assessment methodologies. Contribute to core DORA workstreams such as ICT risk management, scenario-based testing, and oversight of third-party providers.
City of London, London, United Kingdom Hybrid / WFH Options
Bonhill Partners
experience delivering cyber/IT security projects in a regulated environment. Strong understanding of cybersecurity domains: IAM, threat intel, incident response, vendor risk, etc. Familiarity with frameworks such as NIST, ISO 27001, PCI-DSS, and FFIEC. Solid grasp of the full project delivery lifecycle (PDLC). Strong stakeholder management, documentation, and analytical skills.
Senior IT GRC Analyst City of London/Hybrid £Competitive + strong bonus and benefits GRC Frameworks, ISO 27001, NIST A prestigious financial services organisation in the heart of the City of London is seeking a Senior IT GRC Analyst to join its dynamic team. In this collaborative role, you will support the development and enhancement of IT Governance, Risk … security and operational risk assessments. High attention to detail, ensuring accuracy in documentation, assessments, and compliance activities. Strong understanding of information security risk management principles, frameworks (e.g., ISO 27001, NIST), and compliance practices. Exposure and understanding of IT infrastructure, business applications, and their associated risks and controls. Experience collaborating with internal and external audit teams, including supporting audit readiness and
strategies. Deploy, configure, and manage security tools to optimize detection, response, and reporting functions. Skills & Knowledge Solid understanding of SOC best practices, incident response, and regulatory frameworks (e.g., GDPR, NIST, ISO 27001). Hands-on experience with security technologies such as SIEM, IDS/IPS, EDR, etc. Excellent communication skills, including the ability to explain technical topics to non-technical
demonstrate excellent communication, documentation, analytical and troubleshooting skills, with the ability to work independently while coordinating across multiple teams. Additional exposure to regulatory frameworks such as NIS, ISO 27001, NIST-800 or Cyber Essentials would be beneficial, as would experience with DevOps and cloud-based PAM strategies. The environment is largely based on Microsoft and VMware on-premises infrastructure, with
operational controls (such as back-ups, resilient design, anti-virus) are essential * Knowledge of Threat modelling, control frameworks and Risk assessment techniques (such as ISO2700x, COBIT, COSO, ITIL and NIST Cyber Security Framework) is desirable * Knowledge of Cloud Security practices is desirable Experience in the following areas would be beneficial- * Security Design in projects (setting requirements, reviewing architecture) * Risk assessment
industry trends, certifications, and evolving technologies to maintain thought leadership in cyber security. Skills & Experience: Deep knowledge of cyber security domains such as vulnerability management, cyber tolerant backup, DORA, NIST frameworks, and SOC services. Proven consultative selling experience in technical services, ideally across multiple industries. Strong communication skills with the ability to simplify technical concepts and influence stakeholders. Recognised as
Tracker * Optional failure remediation support to control owners Key Skills/Knowledge: * Knowledge of IT domain, IT control frameworks, IT related regulations. * Knowledge of control and regulatory frameworks (e.g. NIST, PS21/3, COBIT, DORA, etc.). * Analytical Skills * Ability to take a rigorous and methodical approach to IT control testing * Exceptional stakeholder management and communication skills to engage effectively
City of London, London, United Kingdom Hybrid / WFH Options
Lex Dinamica
Compliance, Audit, and Third-Party Risk). Guide clients through their governance journeys, from discovery to go-live, ensuring alignment with best practices and regulatory expectations (GDPR, ISO 27001, NIST, etc.). Translate complex risk and compliance needs into scalable, tech-enabled solutions using the OneTrust platform. Collaborate with cross-functional teams — from legal and privacy professionals to IT and
City of London, London, United Kingdom Hybrid / WFH Options
Queen Square Recruitment Limited
results, perform quality checks, and track closure progress. Provide optional remediation support where failures are identified. Skills & Experience: Strong background in IT domain, control frameworks, and regulatory standards (e.g. NIST, PS21/3, COBIT, DORA). CISA certification preferred. Proven ability to manage end-to-end IT controls testing independently. Confident engaging with stakeholders across risk, control, and governance teams.