20 of 20 JSP 440 Jobs in the South West

Assurance teams. Deliver security artefacts within tight timescales. Essential Skills, Qualifications & Experience Minimum 5 years’ experience in a Security Assurance Coordinator role. Expertise in defence security policies and standards (JSP 440, 453, HMG policies). Proven ability to produce RMADS, Security Instructions, and risk documentation. Knowledge of Security Incident Management processes. Experience conducting Risk Assessments and IT Health More ❯

secure-by-design principles. Conduct threat modelling exercises to identify and mitigate potential risks. Ensure compliance with security regulations such as ISO27001, NIST 800-30/37/53, JSP 440, 604, and Defence Standards. Develop and maintain security documentation (e.g., RMADS, Security Assurance Documents, Security Management Plans). Conduct penetration testing, vulnerability assessments, and remediation activities. Key More ❯

secure-by-design principles. Conduct threat modelling exercises to identify and mitigate potential risks. Ensure compliance with security regulations such as ISO27001, NIST 800-30/37/53, JSP 440, 604, and Defence Standards. Develop and maintain security documentation (e.g., RMADS, Security Assurance Documents, Security Management Plans). Conduct penetration testing, vulnerability assessments, and remediation activities. Key More ❯

Recognised cyber security certifications (e.g. CISSP, CISM, CISA) Proven experience in a cyber security role Experience in customer-facing roles Familiarity with HMG/MoD cyber policies, standards (e.g. JSP440), and processes Experience with Secure by Design implementation and related tooling Knowledge of NCSC Cyber Assurance Framework (CAF) and GovAssure audits Understanding of NIST Cyber Security Framework and risk assessment More ❯

and contain damage, and devise measures to protect against future breaches. What you’ll need: In-depth knowledge and experience with MOD policies and standards, including Secure by Design, JSP 440, and DefStan 05-138/DCPP. ISO27001 Lead Implementer/Auditor, CISSP or CISM. Strong understanding of data protection compliance and relevant privacy certifications. Proficiency in risk More ❯

series, NIST Cyber Security & Risk Management Frameworks, NCSC CAF, and other industry standards. Familiarity with NCSC guidance and legacy Information Assurance (IA) standards. Experience with MOD security frameworks including JSP 604, JSP 440, JSP 902, and DEFCON 659A. Experience in business growth and bid development is desirable. What We’re Looking for: Essential Certified Information System More ❯

series, NIST Cyber Security & Risk Management Frameworks, NCSC CAF, and other industry standards. Familiarity with NCSC guidance and legacy Information Assurance (IA) standards. Experience with MOD security frameworks including JSP 604, JSP 440, JSP 902, and DEFCON 659A. Experience in business growth and bid development is desirable. What We’re Looking for: Certified Information System Security More ❯

of common CS&IA bodies, standards, frameworks, guidelines and legislation, including: HMG/NCSC Information Assurance Policies, Standards and Guidelines Cross-government security accreditation and secure by design processes JSP440 (plus other standard MoD IA methods) DCPP's Cyber Security Model List X, List N Cyber Essentials Office for Nuclear Regulation (ONR) Security Assessment Principles (SyAPs) NIST GDPR, DPA, Computer More ❯

of common CS&IA bodies, standards, frameworks, guidelines and legislation, including: HMG/NCSC Information Assurance Policies, Standards and Guidelines Cross-government security accreditation and secure by design processes JSP440 (plus other standard MoD IA methods) DCPP’s Cyber Security Model List X, List N Office for Nuclear Regulation (ONR) Security Assessment Principles (SyAPs) NIST GDPR, DPA, Computer Misuse Act More ❯

Government environments. Strong understanding of risk management frameworks and secure-by-design principles. Familiarity with government and defence security standards such as: HMG/NCSC IA Policies and Guidelines JSP440 and other MoD IA standards Cyber Essentials NIST, NIS-D ONR SyAPs (Security Assessment Principles) Excellent stakeholder communication skills – you can clearly explain complex security concepts to both technical and More ❯

Government environments. Strong understanding of risk management frameworks and secure-by-design principles. Familiarity with government and defence security standards such as: HMG/NCSC IA Policies and Guidelines JSP440 and other MoD IA standards Cyber Essentials NIST, NIS-D ONR SyAPs (Security Assessment Principles) Excellent stakeholder communication skills – you can clearly explain complex security concepts to both technical and More ❯

expected but not mandatory. Thorough understanding of modern IT infrastructure, applications and Cloud based technologies. Strong understanding of Secure by Design principles and MOD security policies and requirements (e.g. JSP 440, JSP 605, DEFCON 658). Proven analytical skills with a logical approach to problem-solving and the ability to develop innovative ideas and effective solutions. Effective More ❯

Provide strategic guidance on secure cloud adoption, data protection, and architectural risk management Conduct security assessments, identifying risks and proposing effective mitigation strategies Ensure compliance with MOD policies, including JSP 440, and NCSC cloud security principles Work closely with delivery teams, architects, and senior stakeholders to embed security throughout the solution lifecycle Support security assurance and accreditation activities … based systems Essential Skills & Experience: Proven experience as a Security Architect within MOD or wider defence/public sector environments Strong understanding of MOD security protocols and delivery frameworks (JSP 440, DEFCONs, etc.) Demonstrable experience in cloud security (Azure, AWS or hybrid environments), ideally within secure or classified settings Expertise in risk management, security governance, and assurance practices More ❯

testing Modelling Cyber security risks using established and novel frameworks Essential experience of the Principal Cyber Security Consultant: In-depth knowledge of MoD Security policy In-depth knowledge of JSP440 and JSP604 Experienceof SbD and the application of it to MoD Products, Services or Systems The ability to evaluate established and novel cyber security solution concepts and strategies The ability More ❯

testing Modelling Cyber security risks using established and novel frameworks Essential experience of the Principal Cyber Security Consultant: In-depth knowledge of MoD Security policy In-depth knowledge of JSP440 and JSP604 Experienceof SbD and the application of it to MoD Products, Services or Systems The ability to evaluate established and novel cyber security solution concepts and strategies The ability More ❯

are we looking for? This role of Project Security Advisor is great for you if: Strong understanding of HMG and MOD security frameworks, including SPF/GovS 007, SAL, JSP 440, and CSM. Experience conducting audits, investigations, and risk management. Knowledge of HMG/MOD information and cyber security principles, standards, and best practices. We're all about More ❯

accreditation, ensuring all necessary documentation is up to date Support MOD SAQ (Supplier Assurance Questionnaire) compliance, working with internal teams to meet security requirements such as MOD Security Policy JSP440 Ensure adherence to government and financial sector security regulations across the agency Internal training Delivery compliance training to staff on GDPR, security awareness and best practices and ISO requirements Ensure More ❯

accreditation, ensuring all necessary documentation is up to date Support MOD SAQ (Supplier Assurance Questionnaire) compliance, working with internal teams to meet security requirements such as MOD Security Policy JSP440 Ensure adherence to government and financial sector security regulations across the agency Internal training Delivery compliance training to staff on GDPR, security awareness and best practices and ISO requirements Ensure More ❯

within public sector/govt. Broad understanding of Security across SecOps, Cloud, Infrastructure, Networks & Engineering. Knowledge of Government cyber requirements related to Defence and Security e.g. Secure by Design, JSP 440. Excellent stakeholder management – must be able to articulate Security principles to both technical and non-technical stakeholders. Previous experience of using appropriate methodologies to identify, assess and manage More ❯

you will be responsible for safeguarding government information while protecting Rowden’s personnel, data, and facilities. You will play a critical role in maintaining compliance with GovS 007 and JSP 440, ensuring Rowden adheres to government frameworks and security standards. In this role, you will administer and continuously enhance Rowden’s Security Management System, fostering a strong security More ❯