21 of 21 JSP 440 Jobs in the UK

series, NIST Cyber Security & Risk Management Frameworks, NCSC CAF, and other industry standards. Familiarity with NCSC guidance and legacy Information Assurance (IA) standards. Experience with MOD security frameworks including JSP 604, JSP 440, JSP 902, and DEFCON 659A. Experience in business growth and bid development is desirable. What We’re Looking for: Essential Certified Information System More ❯

configure tools for access governance, identity life cycle, and privileged access management in alignment with defence-grade standards Security Assurance & Compliance Ensure commission controls comply with MOD policies (eg JSP 440/JSP 604) and security frameworks such as NIST, ISO 27005, STIGs, and UK Functional Standard 007 Vulnerability Assessment & Access Review Support regular access reviews, entitlement … Active Directory, Azure AD, Okta), PAM/IGA systems, SSO/SAML/OAuth, and access governance tools. Security Framework Knowledge : Understanding of defence and public-sector security frameworks (JSP 440/604, STIGs, ISO 27001, Government Functional Standard 007) Incident & Risk Handling : Proven ability to conduct security incident investigations relevant to unauthorized access and remediate gaps. Communication More ❯

and configure tools for access governance, identity lifecycle, and privileged access management in alignment with defence-grade standards Security Assurance & Compliance Ensure commission controls comply with MOD policies (e.g. JSP 440/JSP 604) and security frameworks such as NIST, ISO 27005, STIGs, and UK Functional Standard 007 Vulnerability Assessment & Access Review Support regular access reviews, entitlement … Active Directory, Azure AD, Okta), PAM/IGA systems, SSO/SAML/OAuth, and access governance tools. Security Framework Knowledge : Understanding of defence and public-sector security frameworks (JSP 440/604, STIGs, ISO 27001, Government Functional Standard 007) Incident & Risk Handling : Proven ability to conduct security incident investigations relevant to unauthorized access and remediate gaps. Communication More ❯

Provide strategic guidance on secure cloud adoption, data protection, and architectural risk management Conduct security assessments, identifying risks and proposing effective mitigation strategies Ensure compliance with MOD policies, including JSP 440, and NCSC cloud security principles Work closely with delivery teams, architects, and senior stakeholders to embed security throughout the solution lifecycle Support security assurance and accreditation activities … based systems Essential Skills & Experience: Proven experience as a Security Architect within MOD or wider defence/public sector environments Strong understanding of MOD security protocols and delivery frameworks (JSP 440, DEFCONs, etc.) Demonstrable experience working within secure or classified settings Expertise in risk management, security governance, and assurance practices Excellent stakeholder engagement and communication skills Active DV More ❯

Provide strategic guidance on secure cloud adoption, data protection, and architectural risk management Conduct security assessments, identifying risks and proposing effective mitigation strategies Ensure compliance with MOD policies, including JSP 440, and NCSC cloud security principles Work closely with delivery teams, architects, and senior stakeholders to embed security throughout the solution lifecycle Support security assurance and accreditation activities … based systems Essential Skills & Experience: Proven experience as a Security Architect within MOD or wider defence/public sector environments Strong understanding of MOD security protocols and delivery frameworks (JSP 440, DEFCONs, etc.) Demonstrable experience in cloud security (Azure, AWS or hybrid environments), ideally within secure or classified settings Expertise in risk management, security governance, and assurance practices More ❯

clearance (this is a higher level than security clearance) Willingness to be on site in Farnborough 2 days per week Bonus if you have: Familiarity with MOD policy (e.g. JSP 440, JSP 604) and assurance practices Experience with CI/CD tools, Kubernetes and modern DevSecOps approaches Knowledge of Tenable/Nessus, vulnerability management and SOC operations More ❯

SOC's mission of monitoring, detecting, analysing, and responding to cyber threats. Knowledge of the following policies and process. Required: NIST NCSC SOC Guidance NCSC CAF (CNI) Desirable: MoD JSP 440 MoD JSP 503 MoD JSP More ❯

from home. Essential experience of the Security Lead Relevant experience of the Maritime Defence and MOD IT Domain, including knowledge of Government/MOD IA policy and process including JSP440, JSP453, JSP628, DIANs and NCSC IA guidance. Able to demonstrate the application of contextualised risk management in the application of technical/procedural/physical security controls within the risk More ❯

management or assurance (military or civilian). Strong stakeholder engagement skills and the ability to explain technical risks in simple terms. Familiarity with security frameworks or policies such as JSP440, NCSC guidance, ISO 27001, Cyber Essentials or similar. Ability to travel and work on-site at secure locations. Qualifications and Training: SC clearance is essential (DV desirable). If you More ❯

police forces across the UK. NPPV3 Clearance is essential, and you must be based in the UK. Key Skills and Experience: Extensive experience applying standards such as ISO27001 , NIST , JSP440/JSP604 , and NCSC guidance Proven background in information risk management , governance , and security assurance Experience leading or contributing to risk assessments , audits , and security documentation Strong knowledge of technical More ❯

Security Professional. Knowledge of UK/NATO Information Assurance standards, procedures & systems, including Government Functional Standard GovS 007: Security, HMG IS1&2, ISO27000 series standards, NIST SP800 series standards, JSP440, JSP604, guidance material provided by NCSC, CPNI and NIST. Practical experience of producing Security Accreditation documentation Practical experience of NCSC and Common Criteria security evaluation techniques. Knowledge of current crypto More ❯

methodologies (e.g., NIST, ISO 27005). Experience developing security documentation and mitigation strategies. Excellent communication and technical writing skills. Desirable Experience Familiarity with MOD/HMG security policies (e.g., JSP 440, 604, 892). Experience working with classified government systems. Knowledge of Agile, DevSecOps, and CI/CD in secure environments. Understanding of secure system design and cloud More ❯

methodologies (e.g., NIST, ISO 27005). Experience developing security documentation and mitigation strategies. Excellent communication and technical writing skills. Desirable Experience Familiarity with MOD/HMG security policies (e.g., JSP 440, 604, 892). Experience working with classified government systems. Knowledge of Agile, DevSecOps, and CI/CD in secure environments. Understanding of secure system design and cloud More ❯

Government environments. Strong understanding of risk management frameworks and secure-by-design principles. Familiarity with government and defence security standards such as: HMG/NCSC IA Policies and Guidelines JSP440 and other MoD IA standards Cyber Essentials NIST, NIS-D ONR SyAPs (Security Assessment Principles) Excellent stakeholder communication skills – you can clearly explain complex security concepts to both technical and More ❯

scale transformation programmes Essential Skills & Experience Active SC Clearance is essential – candidates without current clearance cannot be considered Strong knowledge of UK government security standards (e.g. NCSC guidance, ISO27001, JSP 440) Proven experience designing and implementing secure systems in enterprise or government settings Familiarity with cloud platforms (AWS/Azure), identity management, secure networking, encryption, and SIEM Strong More ❯

testing Modelling Cyber security risks using established and novel frameworks Essential experience of the Principal Cyber Security Consultant: In-depth knowledge of MoD Security policy In-depth knowledge of JSP440 and JSP604 Experienceof SbD and the application of it to MoD Products, Services or Systems The ability to evaluate established and novel cyber security solution concepts and strategies The ability More ❯

Industry to include; Secure By Design (SBD), CISSP, HMG Information, Assurance Policies, Standards and Guidelines, including the Security Policy Framework, the CESG IA Portfolio and MoD JSPs such as JSP440, JSP604 (plus other standard MoD IA methods). As leading players in MOD's cyber security transformation to Secure by Design (SbD), we are looking for team members and leaders More ❯

technical certifications. Experience with infrastructure automation tools such as PowerShell, Ansible and Terraform. Understanding of datacentre power and cooling requirements. Knowledge of secure environments and security regulations such as JSP 440 or SCIDA. Experience with monitoring tools like SCOM or SolarWinds. If you are interested in this role but not sure if your skills and experience are exactly More ❯

technical certifications. Experience with infrastructure automation tools such as PowerShell, Ansible and Terraform. Understanding of datacentre power and cooling requirements. Knowledge of secure environments and security regulations such as JSP 440 or SCIDA. Experience with monitoring tools like SCOM or SolarWinds. If you are interested in this role but not sure if your skills and experience are exactly More ❯

technical certifications. Experience with infrastructure automation tools such as PowerShell, Ansible and Terraform. Understanding of datacentre power and cooling requirements. Knowledge of secure environments and security regulations such as JSP 440 or SCIDA. Experience with monitoring tools like SCOM or SolarWinds. If you are interested in this role but not sure if your skills and experience are exactly More ❯

in highly governed environments with tight SLAs. Skilled in patch management and system update procedures. It would be great if you had: Experience with secure environments and familiarity with JSP 440 and SCIDA requirements. Proficiency in scripting (e.g., Bash , Python ) for secure automation. Familiarity with vulnerability management tools such as OpenSCAP and Nessus . Exposure to Red Hat More ❯