Old Down, Gloucestershire, United Kingdom Hybrid / WFH Options
Matchtech
risks to technical and non-technical stakeholders. What We're Looking For Essential Experience: Deep understanding of security frameworks: NIST (especially 800-30, 800-53) , ISO27001 / 2, ISO27005, and OWASP. Experience with Secure by Design principles and MOD-specific guidelines (e.g. JSP, Def Stan 05-138 / 139). Familiarity with HMG security and assurance frameworks is More ❯
Almondsbury, Gloucestershire, United Kingdom Hybrid / WFH Options
Frontier Resourcing
modelling, secure-by-design). Perform security code reviews, provide guidance on secure libraries and frameworks. Standards & Compliance Ensure products meet regulatory and defence standards (ISO 27001 /27005, NIST 800-30 / 53, JSP 440 / 604, Def Stan 05-series). Lead the creation and maintenance of security documentation (RMADS, Security … . Testing & Assurance Design and execute penetration tests and automated vulnerability scans; validate fixes. Oversee third-party security assessments as required. Continuous Improvement Drive security tooling and automation (CI / CD integration, SAST / DAST). Stay ahead of emerging threats and security technologies; evangelise best practices across teams. Qualifications & Experience Proven experience (5+ years) in product or … application security within defence, government, or security-cleared environments. Deep knowledge of risk management frameworks (ISO 27001 / 2 / 5 / 31000, NIST 800-series) and Defence Standards (JSPs, Def Stan 05-138 / 139). Hands-on experience with security testing tools and techniques (SAST, DAST, penetration testing). Eligible for UK More ❯
breaches affecting products Your skillset may include: Knowledge of HMG standards (including MOD-specific JSP, Def Stan 05-138, Def Stan 05-139) An understanding of MOD ISN 23 / 09 Secure by Design Knowledge of security frameworks, such as ISO … /IEC 27001, NIST 800-30, NIST 800-53 or OWASP Working with risk management frameworks and methodologies (e.g., ISO 27001 / 2, ISO27005/ 31000, NIST 800-30, NIST 800-53) If this all sounds like something you will be interested in then simply apply and we can discuss the opportunity further More ❯
breaches affecting products Your skillset may include: Knowledge of HMG standards (including MOD-specific JSP, Def Stan 05-138, Def Stan 05-139) An understanding of MOD ISN 23 / 09 Secure by Design Knowledge of security frameworks, such as ISO … /IEC 27001, NIST 800-30, NIST 800-53 or OWASP Working with risk management frameworks and methodologies (e.g., ISO 27001 / 2, ISO27005/ 31000, NIST 800-30, NIST 800-53) If this all sounds like something you will be interested in then simply apply and we can discuss the opportunity further More ❯
