22 of 22 JSP 440 Jobs in England

Provide strategic guidance on secure cloud adoption, data protection, and architectural risk management Conduct security assessments, identifying risks and proposing effective mitigation strategies Ensure compliance with MOD policies, including JSP 440, and NCSC cloud security principles Work closely with delivery teams, architects, and senior stakeholders to embed security throughout the solution lifecycle Support security assurance and accreditation activities … based systems Essential Skills & Experience: Proven experience as a Security Architect within MOD or wider defence/public sector environments Strong understanding of MOD security protocols and delivery frameworks (JSP 440, DEFCONs, etc.) Demonstrable experience working within secure or classified settings Expertise in risk management, security governance, and assurance practices Excellent stakeholder engagement and communication skills Active DV More ❯

clearance (this is a higher level than security clearance) Willingness to be on site in Farnborough 2 days per week Bonus if you have: Familiarity with MOD policy (e.g. JSP 440, JSP 604) and assurance practices Experience with CI/CD tools, Kubernetes and modern DevSecOps approaches Knowledge of Tenable/Nessus, vulnerability management and SOC operations More ❯

SOC's mission of monitoring, detecting, analysing, and responding to cyber threats. Knowledge of the following policies and process. Required: NIST NCSC SOC Guidance NCSC CAF (CNI) Desirable: MoD JSP 440 MoD JSP 503 MoD JSP More ❯

management or assurance (military or civilian). Strong stakeholder engagement skills and the ability to explain technical risks in simple terms. Familiarity with security frameworks or policies such as JSP440, NCSC guidance, ISO 27001, Cyber Essentials or similar. Ability to travel and work on-site at secure locations. Qualifications and Training: SC clearance is essential (DV desirable). If you More ❯

Perform security code reviews, provide guidance on secure libraries and frameworks. Standards & Compliance Ensure products meet regulatory and defence standards (ISO 27001/27005, NIST 800-30/53, JSP 440/604, Def Stan 05-series). Lead the creation and maintenance of security documentation (RMADS, Security Assurance Documents, Security Management Plans). Testing & Assurance Design and More ❯

Security Professional. Knowledge of UK/NATO Information Assurance standards, procedures & systems, including Government Functional Standard GovS 007: Security, HMG IS1&2, ISO27000 series standards, NIST SP800 series standards, JSP440, JSP604, guidance material provided by NCSC, CPNI and NIST. Practical experience of producing Security Accreditation documentation Practical experience of NCSC and Common Criteria security evaluation techniques. Knowledge of current crypto More ❯

methodologies (e.g., NIST, ISO 27005). Experience developing security documentation and mitigation strategies. Excellent communication and technical writing skills. Desirable Experience Familiarity with MOD/HMG security policies (e.g., JSP 440, 604, 892). Experience working with classified government systems. Knowledge of Agile, DevSecOps, and CI/CD in secure environments. Understanding of secure system design and cloud More ❯

methodologies (e.g., NIST, ISO 27005). Experience developing security documentation and mitigation strategies. Excellent communication and technical writing skills. Desirable Experience Familiarity with MOD/HMG security policies (e.g., JSP 440, 604, 892). Experience working with classified government systems. Knowledge of Agile, DevSecOps, and CI/CD in secure environments. Understanding of secure system design and cloud More ❯

scale transformation programmes Essential Skills & Experience Active SC Clearance is essential – candidates without current clearance cannot be considered Strong knowledge of UK government security standards (e.g. NCSC guidance, ISO27001, JSP 440) Proven experience designing and implementing secure systems in enterprise or government settings Familiarity with cloud platforms (AWS/Azure), identity management, secure networking, encryption, and SIEM Strong More ❯

testing Modelling Cyber security risks using established and novel frameworks Essential experience of the Principal Cyber Security Consultant: In-depth knowledge of MoD Security policy In-depth knowledge of JSP440 and JSP604 Experienceof SbD and the application of it to MoD Products, Services or Systems The ability to evaluate established and novel cyber security solution concepts and strategies The ability More ❯

Industry to include; Secure By Design (SBD), CISSP, HMG Information, Assurance Policies, Standards and Guidelines, including the Security Policy Framework, the CESG IA Portfolio and MoD JSPs such as JSP440, JSP604 (plus other standard MoD IA methods). As leading players in MOD's cyber security transformation to Secure by Design (SbD), we are looking for team members and leaders More ❯

understanding of the current security landscape and cyber security consulting principles. Strong experience managing cyber security strategy, risk management, and compliance in alignment with security policies (e.g. RMADS, JSP604, JSP440, SbD). Expertise in Public Key Infrastructure (PKI), identity management and federation, firewalls, SIEM, vulnerability scanning, and cryptography. Experience overseeing incident response, vulnerability management, and security service delivery, ideally within More ❯

and stakeholder management skills and demonstrable experience challenging suppliers within defence to ensure plans are realistic, achievable, and offer value for money. Familiarity with relevant standards (e.g. SbD, JSP604, JSP440) and security policies. This role is perfect for a dedicated professional looking to make a significant impact in the ICT sector within defence. Within this leading technology focused consultancy, you More ❯

and stakeholder management skills and demonstrable experience challenging suppliers within defence to ensure plans are realistic, achievable, and offer value for money. Familiarity with relevant standards (e.g. SbD, JSP604, JSP440) and security policies. This role is perfect for a dedicated professional looking to make a significant impact in the ICT sector within defence. Within this leading technology focused consultancy, youll More ❯

technical certifications. Experience with infrastructure automation tools such as PowerShell, Ansible and Terraform. Understanding of datacentre power and cooling requirements. Knowledge of secure environments and security regulations such as JSP 440 or SCIDA. Experience with monitoring tools like SCOM or SolarWinds. If you are interested in this role but not sure if your skills and experience are exactly More ❯

technical certifications. Experience with infrastructure automation tools such as PowerShell, Ansible and Terraform. Understanding of datacentre power and cooling requirements. Knowledge of secure environments and security regulations such as JSP 440 or SCIDA. Experience with monitoring tools like SCOM or SolarWinds. If you are interested in this role but not sure if your skills and experience are exactly More ❯

in highly governed environments with tight SLAs. Skilled in patch management and system update procedures. It would be great if you had: Experience with secure environments and familiarity with JSP 440 and SCIDA requirements. Proficiency in scripting (e.g., Bash , Python ) for secure automation. Familiarity with vulnerability management tools such as OpenSCAP and Nessus . Exposure to Red Hat More ❯

be advantageous if you also had : Prior experience working in the Defence domain. Understanding and/or practical experience of working within Secure by Design (SbD) principles (ie/JSP 440/604). Familiarity with AWS. Knowledge of accessibility standards (WCAG). Experience with React. Experience with Express. Experience with the Elastic stack. Experience with graph databases. More ❯

effectively in a team environment. It would be advantageous if you also had : Prior experience working in the Defence domain. Awareness of Secure by Design (SbD) principles (ie/JSP 440/604). Familiarity with AWS. Knowledge of accessibility standards (WCAG). Experience with React. Experience with Express. Experience with the Elastic stack. Experience with graph databases. More ❯

in the Defence domain, and/or delivering software solutions into Defence customers. Understanding and/or practical experience of working within Secure by Design (SbD) principles (ie/JSP 440/604). Familiarity with Cloud technologies such as AWS, Azure and or GCP. Knowledge of accessibility standards (WCAG/GDS etc ). Experience with CI/ More ❯

This would suit someone working towards or be qualified in CISSP/CISA/CISM and experience in risk and regulatory frameworks and standards, such as NIST, ISO27001, MOD JSP440, JSP604. Working for a very successful MSP who supports HMG’s security classification system working on defence projects. You must be security cleared or be willing and able to go … in workshops, meetings etc IT Health Checks (ITHC), audits, continuous improvement To co-ordinate and support with MOD and other authority assurance activities To support with the Completion of JSP processes Supporting the Development and maintenance of our Information Security Management System (ISMS) to best support the Company’s activities, including Risk Management and Accreditation Document Sets (RMADS) and More ❯

assurance across the product lifecycle * Act as the primary security lead in front of MOD stakeholders and suppliers * Apply Secure by Design principles to de-risk products and ensure JSP440 compliance * Collaborate with engineering and delivery teams to resolve security risks and issues * Influence security design decisions and advocate best practices in a fast-paced delivery environment Requirements: * Proven experience … delivering product security assurance within Defence or MOD programmes * Strong understanding of JSP440, Secure by Design, and product security lifecycle practices * Ability to operate independently, challenge suppliers, and represent security interests with confidence * End-to-end product security lifecycle experience (desirable) * Active SC Clearance is essential If you're a proactive Product Security Consultant who can lead security engagements in More ❯