17 of 17 Permanent JSP 440 Jobs

Assessments and the management of these Assessments Ability to interpret Penetration Test Reports and write Remediation Action Plans An appreciation of the wider UK Government Assurance Processes (such as JSP 440, DEFSTAN 05-139 or the CAF GovAssure processes). This is not an exhaustive list, and we are keen to hear from you even if you might More ❯

Cyber Security across Government and Industry to include HMG Information, Assurance Policies, Standards and Guidelines, including the Security Policy Framework, the CESG IA Portfolio and MoD JSPs such as JSP440, JSP604/JSP453 (plus other standard MoD IA methods). Certifications such as ISO27000, NIST Cyber Security Professional, CISMP etc. Flexibility over UK, and potentially overseas travel. Desirable- Certified Information More ❯

Cyber Security across Government and Industry to include HMG Information, Assurance Policies, Standards and Guidelines, including the Security Policy Framework, the CESG IA Portfolio and MoD JSPs such as JSP440, JSP604/JSP453 (plus other standard MoD IA methods). Certifications such as ISO27000, NIST Cyber Security Professional, CISMP etc. Flexibility over UK, and potentially overseas travel. Desirable- Certified Information More ❯

Cyber Security across Government and Industry to include HMG Information, Assurance Policies, Standards and Guidelines, including the Security Policy Framework, the CESG IA Portfolio and MoD JSPs such as JSP440, JSP604/JSP453 (plus other standard MoD IA methods). Certifications such as ISO27000, NIST Cyber Security Professional, CISMP etc. Flexibility over UK, and potentially overseas travel. Desirable- Certified Information More ❯

series, NIST Cyber Security & Risk Management Frameworks, NCSC CAF, and other industry standards. Familiarity with NCSC guidance and legacy Information Assurance (IA) standards. Experience with MOD security frameworks including JSP 604, JSP 440, JSP 902, and DEFCON 659A. Experience in business growth and bid development is desirable. What We’re Looking for: Essential Certified Information System More ❯

Perform security code reviews, provide guidance on secure libraries and frameworks. Standards & Compliance Ensure products meet regulatory and defence standards (ISO 27001/27005, NIST 800-30/53, JSP 440/604, Def Stan 05-series). Lead the creation and maintenance of security documentation (RMADS, Security Assurance Documents, Security Management Plans). Testing & Assurance Design and More ❯

Government environments. Strong understanding of risk management frameworks and secure-by-design principles. Familiarity with government and defence security standards such as: HMG/NCSC IA Policies and Guidelines JSP440 and other MoD IA standards Cyber Essentials NIST, NIS-D ONR SyAPs (Security Assessment Principles) Excellent stakeholder communication skills – you can clearly explain complex security concepts to both technical and More ❯

security tasks at the start of delivery * Writing Security Management Plans and setting strategic direction for security projects * Designing and documenting secure approaches aligned to MOD policies and requirements (JSP 440, 453, 604, etc.) * Advising on risk and mitigation strategies across digital, DevSecOps, and infrastructure teams * Working closely with the CISO and engaging directly with public sector customers More ❯

Provide strategic guidance on secure cloud adoption, data protection, and architectural risk management Conduct security assessments, identifying risks and proposing effective mitigation strategies Ensure compliance with MOD policies, including JSP 440, and NCSC cloud security principles Work closely with delivery teams, architects, and senior stakeholders to embed security throughout the solution lifecycle Support security assurance and accreditation activities … based systems Essential Skills & Experience: Proven experience as a Security Architect within MOD or wider defence/public sector environments Strong understanding of MOD security protocols and delivery frameworks (JSP 440, DEFCONs, etc.) Demonstrable experience in cloud security (Azure, AWS or hybrid environments), ideally within secure or classified settings Expertise in risk management, security governance, and assurance practices More ❯

testing Modelling Cyber security risks using established and novel frameworks Essential experience of the Principal Cyber Security Consultant: In-depth knowledge of MoD Security policy In-depth knowledge of JSP440 and JSP604 Experienceof SbD and the application of it to MoD Products, Services or Systems The ability to evaluate established and novel cyber security solution concepts and strategies The ability More ❯

Industry to include; Secure By Design (SBD), CISSP, HMG Information, Assurance Policies, Standards and Guidelines, including the Security Policy Framework, the CESG IA Portfolio and MoD JSPs such as JSP440, JSP604 (plus other standard MoD IA methods). As leading players in MOD's cyber security transformation to Secure by Design (SbD), we are looking for team members and leaders More ❯

within public sector/govt. Broad understanding of Security across SecOps, Cloud, Infrastructure, Networks & Engineering. Knowledge of Government cyber requirements related to Defence and Security e.g. Secure by Design, JSP 440. Excellent stakeholder management – must be able to articulate Security principles to both technical and non-technical stakeholders. Previous experience of using appropriate methodologies to identify, assess and manage More ❯

Personnel Security across the business. Maintain and evolve security policies and procedures to reflect changing business needs, in line with Government Functional Standards such as GovS 007: Security and JSP 440/441/490 . Work in collaboration with HR, IT, and Facilities to embed security into all relevant functions and projects. Oversee security vetting procedures for More ❯

clearance (this is a higher level than security clearance) Willingness to be on site in Farnborough 2 days per week Bonus if you have: Familiarity with MOD policy (e.g. JSP 440, JSP 604) and assurance practices Experience with CI/CD tools, Kubernetes and modern DevSecOps approaches Knowledge of Tenable/Nessus, vulnerability management and SOC operations More ❯

in highly governed environments with tight SLAs. Skilled in patch management and system update procedures. It would be great if you had: Experience with secure environments and familiarity with JSP 440 and SCIDA requirements. Proficiency in scripting (e.g., Bash, Python) for secure automation. Familiarity with vulnerability management tools such as OpenSCAP and Nessus. Exposure to Red Hat deployment More ❯

in highly governed environments with tight SLAs. Skilled in patch management and system update procedures. It would be great if you had: Experience with secure environments and familiarity with JSP 440 and SCIDA requirements. Proficiency in scripting (e.g., Bash, Python) for secure automation. Familiarity with vulnerability management tools such as OpenSCAP and Nessus. Exposure to Red Hat deployment More ❯

you will be responsible for safeguarding government information while protecting Rowden’s personnel, data, and facilities. You will play a critical role in maintaining compliance with GovS 007 and JSP 440, ensuring Rowden adheres to government frameworks and security standards. In this role, you will administer and continuously enhance Rowden’s Security Management System, fostering a strong security More ❯