1 to 25 of 48 JSP 440 Jobs

Recognised cyber security certifications (e.g. CISSP, CISM, CISA) Proven experience in a cyber security role Experience in customer-facing roles Familiarity with HMG/MoD cyber policies, standards (e.g. JSP440), and processes Experience with Secure by Design implementation and related tooling Knowledge of NCSC Cyber Assurance Framework (CAF) and GovAssure audits Understanding of NIST Cyber Security Framework and risk assessment More ❯

Assurance teams. Deliver security artefacts within tight timescales. Essential Skills, Qualifications & Experience Minimum 5 years’ experience in a Security Assurance Coordinator role. Expertise in defence security policies and standards (JSP 440, 453, HMG policies). Proven ability to produce RMADS, Security Instructions, and risk documentation. Knowledge of Security Incident Management processes. Experience conducting Risk Assessments and IT Health More ❯

secure-by-design principles. Conduct threat modelling exercises to identify and mitigate potential risks. Ensure compliance with security regulations such as ISO27001, NIST 800-30/37/53, JSP 440, 604, and Defence Standards. Develop and maintain security documentation (e.g., RMADS, Security Assurance Documents, Security Management Plans). Conduct penetration testing, vulnerability assessments, and remediation activities. The More ❯

secure-by-design principles. Conduct threat modelling exercises to identify and mitigate potential risks. Ensure compliance with security regulations such as ISO27001, NIST 800-30/37/53, JSP 440, 604, and Defence Standards. Develop and maintain security documentation (e.g., RMADS, Security Assurance Documents, Security Management Plans). Conduct penetration testing, vulnerability assessments, and remediation activities. Key More ❯

Recognised cyber security certifications (e.g. CISSP, CISM, CISA) Proven experience in a cyber security role Experience in customer-facing roles Familiarity with HMG/MoD cyber policies, standards (e.g. JSP440), and processes Experience with Secure by Design implementation and related tooling Knowledge of NCSC Cyber Assurance Framework (CAF) and GovAssure audits Understanding of NIST Cyber Security Framework and risk assessment More ❯

and contain damage, and devise measures to protect against future breaches. What you’ll need: In-depth knowledge and experience with MOD policies and standards, including Secure by Design, JSP 440, and DefStan 05-138/DCPP. ISO27001 Lead Implementer/Auditor, CISSP or CISM. Strong understanding of data protection compliance and relevant privacy certifications. Proficiency in risk More ❯

series, NIST Cyber Security & Risk Management Frameworks, NCSC CAF, and other industry standards. Familiarity with NCSC guidance and legacy Information Assurance (IA) standards. Experience with MOD security frameworks including JSP 604, JSP 440, JSP 902, and DEFCON 659A. Experience in business growth and bid development is desirable. What We’re Looking for: Certified Information System Security More ❯

of common CS&IA bodies, standards, frameworks, guidelines and legislation, including: HMG/NCSC Information Assurance Policies, Standards and Guidelines Cross-government security accreditation and secure by design processes JSP440 (plus other standard MoD IA methods) DCPP's Cyber Security Model List X, List N Cyber Essentials Office for Nuclear Regulation (ONR) Security Assessment Principles (SyAPs) NIST GDPR, DPA, Computer More ❯

of common CS&IA bodies, standards, frameworks, guidelines and legislation, including: HMG/NCSC Information Assurance Policies, Standards and Guidelines Cross-government security accreditation and secure by design processes JSP440 (plus other standard MoD IA methods) DCPP’s Cyber Security Model List X, List N Office for Nuclear Regulation (ONR) Security Assessment Principles (SyAPs) NIST GDPR, DPA, Computer Misuse Act More ❯

security tasks at the start of delivery • Writing Security Management Plans and setting strategic direction for security projects • Designing and documenting secure approaches aligned to MOD policies and requirements (JSP 440, 453, 604, etc.) • Advising on risk and mitigation strategies across digital, DevSecOps, and infrastructure teams • Working closely with the CISO and engaging directly with public sector customers More ❯

Government environments. Strong understanding of risk management frameworks and secure-by-design principles. Familiarity with government and defence security standards such as: HMG/NCSC IA Policies and Guidelines JSP440 and other MoD IA standards Cyber Essentials NIST, NIS-D ONR SyAPs (Security Assessment Principles) Excellent stakeholder communication skills – you can clearly explain complex security concepts to both technical and More ❯

Security Professional. Knowledge of UK/NATO Information Assurance standards, procedures & systems, including Government Functional Standard GovS 007: Security, HMG IS1&2, ISO27000 series standards, NIST SP800 series standards, JSP440, JSP604, guidance material provided by NCSC, CPNI and NIST. Practical experience of producing Security Accreditation documentation Practical experience of NCSC and Common Criteria security evaluation techniques. Knowledge of current crypto More ❯

training, and policy development. Key Requirements: Experience in product security engineering for defence/government programmes Strong background in risk assessments, mitigation planning & accreditation Familiar with: ISO27000, NIST SP800, JSP440, GovS 007, Common Criteria Understanding of platform security, firmware, cloud, and TEMPEST controls Degree in relevant field and/or NCSC-certified (e.g. CISSP, CISM) Strong documentation and stakeholder engagement More ❯

training, and policy development. Key Requirements: Experience in product security engineering for defence/government programmes Strong background in risk assessments, mitigation planning & accreditation Familiar with: ISO27000, NIST SP800, JSP440, GovS 007, Common Criteria Understanding of platform security, firmware, cloud, and TEMPEST controls Degree in relevant field and/or NCSC-certified (e.g. CISSP, CISM) Strong documentation and stakeholder engagement More ❯

training, and policy development. Key Requirements: Experience in product security engineering for defence/government programmes Strong background in risk assessments, mitigation planning & accreditation Familiar with: ISO27000, NIST SP800, JSP440, GovS 007, Common Criteria Understanding of platform security, firmware, cloud, and TEMPEST controls Degree in relevant field and/or NCSC-certified (e.g. CISSP, CISM) Strong documentation and stakeholder engagement More ❯

security tasks at the start of delivery • Writing Security Management Plans and setting strategic direction for security projects • Designing and documenting secure approaches aligned to MOD policies and requirements (JSP 440, 453, 604, etc.) • Advising on risk and mitigation strategies across digital, DevSecOps, and infrastructure teams • Working closely with the CISO and engaging directly with public sector customers More ❯

security tasks at the start of delivery * Writing Security Management Plans and setting strategic direction for security projects * Designing and documenting secure approaches aligned to MOD policies and requirements (JSP 440, 453, 604, etc.) * Advising on risk and mitigation strategies across digital, DevSecOps, and infrastructure teams * Working closely with the CISO and engaging directly with public sector customers More ❯

Perform security code reviews, provide guidance on secure libraries and frameworks. Standards & Compliance Ensure products meet regulatory and defence standards (ISO 27001/27005, NIST 800-30/53, JSP 440/604, Def Stan 05-series). Lead the creation and maintenance of security documentation (RMADS, Security Assurance Documents, Security Management Plans). Testing & Assurance Design and More ❯

Perform security code reviews, provide guidance on secure libraries and frameworks. Standards & Compliance Ensure products meet regulatory and defence standards (ISO 27001/27005, NIST 800-30/53, JSP 440/604, Def Stan 05-series). Lead the creation and maintenance of security documentation (RMADS, Security Assurance Documents, Security Management Plans). Testing & Assurance Design and More ❯

security tasks at the start of delivery • Writing Security Management Plans and setting strategic direction for security projects • Designing and documenting secure approaches aligned to MOD policies and requirements (JSP 440, 453, 604, etc.) • Advising on risk and mitigation strategies across digital, DevSecOps, and infrastructure teams • Working closely with the CISO and engaging directly with public sector customers More ❯

Security Professional. Knowledge of UK/NATO Information Assurance standards, procedures & systems, including Government Functional Standard GovS 007: Security, HMG IS1&2, ISO27000 series standards, NIST SP800 series standards, JSP440, JSP604, guidance material provided by NCSC, CPNI and NIST. Practical experience of producing Security Accreditation documentation. Practical experience of NCSC and Common Criteria security evaluation techniques. Knowledge of current crypto More ❯

business's information security interests within the Detection Division. Candidate Profile Proven leadership skills with excellent interpersonal and influencing abilities. Thorough knowledge of Security Policy Framework/GOV S007, JSP 440. Experience in securing and maintaining ISO 27001 and MOD accreditation. Understanding of GDPR compliance requirements. Ability to produce security risk assessments and recommend mitigations. Experience with CPNI requirements More ❯

months remaining. Experience (Nice to have) Support development in a secure-by-design methodology; Experience in the UK Defence sectors is highly desirable; Knowledge of MOD policies (e.g. JSP 440, 453/604, 892); Knowledge and experience of Agile, DevSecOps, CI/CD principles and their application in secure environments. Key Responsibilities and Tasks Creation of Security Management More ❯

expected but not mandatory. Thorough understanding of modern IT infrastructure, applications and Cloud based technologies. Strong understanding of Secure by Design principles and MOD security policies and requirements (e.g. JSP 440, JSP 605, DEFCON 658). Proven analytical skills with a logical approach to problem-solving and the ability to develop innovative ideas and effective solutions. Effective More ❯

Provide strategic guidance on secure cloud adoption, data protection, and architectural risk management Conduct security assessments, identifying risks and proposing effective mitigation strategies Ensure compliance with MOD policies, including JSP 440, and NCSC cloud security principles Work closely with delivery teams, architects, and senior stakeholders to embed security throughout the solution lifecycle Support security assurance and accreditation activities … based systems Essential Skills & Experience: Proven experience as a Security Architect within MOD or wider defence/public sector environments Strong understanding of MOD security protocols and delivery frameworks (JSP 440, DEFCONs, etc.) Demonstrable experience in cloud security (Azure, AWS or hybrid environments), ideally within secure or classified settings Expertise in risk management, security governance, and assurance practices More ❯