21 of 21 JSP 440 Jobs in the UK excluding London

Assessments and the management of these Assessments Ability to interpret Penetration Test Reports and write Remediation Action Plans An appreciation of the wider UK Government Assurance Processes (such as JSP 440, DEFSTAN 05-139 or the CAF GovAssure processes). This is not an exhaustive list, and we are keen to hear from you even if you might More ❯

Cyber Security across Government and Industry to include HMG Information, Assurance Policies, Standards and Guidelines, including the Security Policy Framework, the CESG IA Portfolio and MoD JSPs such as JSP440, JSP604/JSP453 (plus other standard MoD IA methods). Certifications such as ISO27000, NIST Cyber Security Professional, CISMP etc. Flexibility over UK, and potentially overseas travel. Desirable- Certified Information More ❯

Cyber Security across Government and Industry to include HMG Information, Assurance Policies, Standards and Guidelines, including the Security Policy Framework, the CESG IA Portfolio and MoD JSPs such as JSP440, JSP604/JSP453 (plus other standard MoD IA methods). Certifications such as ISO27000, NIST Cyber Security Professional, CISMP etc. Flexibility over UK, and potentially overseas travel. Desirable- Certified Information More ❯

Cyber Security across Government and Industry to include HMG Information, Assurance Policies, Standards and Guidelines, including the Security Policy Framework, the CESG IA Portfolio and MoD JSPs such as JSP440, JSP604/JSP453 (plus other standard MoD IA methods). Certifications such as ISO27000, NIST Cyber Security Professional, CISMP etc. Flexibility over UK, and potentially overseas travel. Desirable- Certified Information More ❯

series, NIST Cyber Security & Risk Management Frameworks, NCSC CAF, and other industry standards. Familiarity with NCSC guidance and legacy Information Assurance (IA) standards. Experience with MOD security frameworks including JSP 604, JSP 440, JSP 902, and DEFCON 659A. Experience in business growth and bid development is desirable. What We’re Looking for: Essential Certified Information System More ❯

training, and policy development. Key Requirements: Experience in product security engineering for defence/government programmes Strong background in risk assessments, mitigation planning & accreditation Familiar with: ISO27000, NIST SP800, JSP440, GovS 007, Common Criteria Understanding of platform security, firmware, cloud, and TEMPEST controls Degree in relevant field and/or NCSC-certified (e.g. CISSP, CISM) Strong documentation and stakeholder engagement More ❯

Perform security code reviews, provide guidance on secure libraries and frameworks. Standards & Compliance Ensure products meet regulatory and defence standards (ISO 27001/27005, NIST 800-30/53, JSP 440/604, Def Stan 05-series). Lead the creation and maintenance of security documentation (RMADS, Security Assurance Documents, Security Management Plans). Testing & Assurance Design and More ❯

Government environments. Strong understanding of risk management frameworks and secure-by-design principles. Familiarity with government and defence security standards such as: HMG/NCSC IA Policies and Guidelines JSP440 and other MoD IA standards Cyber Essentials NIST, NIS-D ONR SyAPs (Security Assessment Principles) Excellent stakeholder communication skills – you can clearly explain complex security concepts to both technical and More ❯

security tasks at the start of delivery * Writing Security Management Plans and setting strategic direction for security projects * Designing and documenting secure approaches aligned to MOD policies and requirements (JSP 440, 453, 604, etc.) * Advising on risk and mitigation strategies across digital, DevSecOps, and infrastructure teams * Working closely with the CISO and engaging directly with public sector customers More ❯

Provide strategic guidance on secure cloud adoption, data protection, and architectural risk management Conduct security assessments, identifying risks and proposing effective mitigation strategies Ensure compliance with MOD policies, including JSP 440, and NCSC cloud security principles Work closely with delivery teams, architects, and senior stakeholders to embed security throughout the solution lifecycle Support security assurance and accreditation activities … based systems Essential Skills & Experience: Proven experience as a Security Architect within MOD or wider defence/public sector environments Strong understanding of MOD security protocols and delivery frameworks (JSP 440, DEFCONs, etc.) Demonstrable experience in cloud security (Azure, AWS or hybrid environments), ideally within secure or classified settings Expertise in risk management, security governance, and assurance practices More ❯

Provide strategic guidance on secure cloud adoption, data protection, and architectural risk management Conduct security assessments, identifying risks and proposing effective mitigation strategies Ensure compliance with MOD policies, including JSP 440, and NCSC cloud security principles Work closely with delivery teams, architects, and senior stakeholders to embed security throughout the solution lifecycle Support security assurance and accreditation activities … based systems Essential Skills & Experience: Proven experience as a Security Architect within MOD or wider defence/public sector environments Strong understanding of MOD security protocols and delivery frameworks (JSP 440, DEFCONs, etc.) Demonstrable experience in cloud security (Azure, AWS or hybrid environments), ideally within secure or classified settings Expertise in risk management, security governance, and assurance practices More ❯

Provide strategic guidance on secure cloud adoption, data protection, and architectural risk management Conduct security assessments, identifying risks and proposing effective mitigation strategies Ensure compliance with MOD policies, including JSP 440, and NCSC cloud security principles Work closely with delivery teams, architects, and senior stakeholders to embed security throughout the solution lifecycle Support security assurance and accreditation activities … based systems Essential Skills & Experience: Proven experience as a Security Architect within MOD or wider defence/public sector environments Strong understanding of MOD security protocols and delivery frameworks (JSP 440, DEFCONs, etc.) Demonstrable experience in cloud security (Azure, AWS or hybrid environments), ideally within secure or classified settings Expertise in risk management, security governance, and assurance practices More ❯

Industry to include; Secure By Design (SBD), CISSP, HMG Information, Assurance Policies, Standards and Guidelines, including the Security Policy Framework, the CESG IA Portfolio and MoD JSPs such as JSP440, JSP604 (plus other standard MoD IA methods). As leading players in MOD's cyber security transformation to Secure by Design (SbD), we are looking for team members and leaders More ❯

testing Modelling Cyber security risks using established and novel frameworks Essential experience of the Principal Cyber Security Consultant: In-depth knowledge of MoD Security policy In-depth knowledge of JSP440 and JSP604 Experienceof SbD and the application of it to MoD Products, Services or Systems The ability to evaluate established and novel cyber security solution concepts and strategies The ability More ❯

clearance (this is a higher level than security clearance) Willingness to be on site in Farnborough 2 days per week Bonus if you have: Familiarity with MOD policy (e.g. JSP 440, JSP 604) and assurance practices Experience with CI/CD tools, Kubernetes and modern DevSecOps approaches Knowledge of Tenable/Nessus, vulnerability management and SOC operations More ❯

within public sector/govt. Broad understanding of Security across SecOps, Cloud, Infrastructure, Networks & Engineering. Knowledge of Government cyber requirements related to Defence and Security e.g. Secure by Design, JSP 440. Excellent stakeholder management – must be able to articulate Security principles to both technical and non-technical stakeholders. Previous experience of using appropriate methodologies to identify, assess and manage More ❯

in highly governed environments with tight SLAs. Skilled in patch management and system update procedures. It would be great if you had: Experience with secure environments and familiarity with JSP 440 and SCIDA requirements. Proficiency in scripting (e.g., Bash, Python) for secure automation. Familiarity with vulnerability management tools such as OpenSCAP and Nessus. Exposure to Red Hat deployment More ❯

in highly governed environments with tight SLAs. Skilled in patch management and system update procedures. It would be great if you had: Experience with secure environments and familiarity with JSP 440 and SCIDA requirements. Proficiency in scripting (e.g., Bash, Python) for secure automation. Familiarity with vulnerability management tools such as OpenSCAP and Nessus. Exposure to Red Hat deployment More ❯

the following: Essential Ability to travel and work onboard surface and sub-surface vessels Ability to travel for projects as and when required (occasionally includes foreign travel) Knowledge of JSP440/441 Working knowledge of SharePoint Knowledge and experience with information management MOD security clearance or be willing to undergo Security Clearance to DV level Desirable Skills Some knowledge of More ❯

the following: Essential Ability to travel and work onboard surface and sub-surface vessels Ability to travel for projects as and when required (occasionally includes foreign travel) Knowledge of JSP440/441 Working knowledge of SharePoint Knowledge and experience with information management MOD security clearance or be willing to undergo Security Clearance to DV level Desirable Skills Some knowledge of More ❯

you will be responsible for safeguarding government information while protecting Rowden’s personnel, data, and facilities. You will play a critical role in maintaining compliance with GovS 007 and JSP 440, ensuring Rowden adheres to government frameworks and security standards. In this role, you will administer and continuously enhance Rowden’s Security Management System, fostering a strong security More ❯