1 to 25 of 29 Remote JSP 440 Jobs

Recognised cyber security certifications (e.g. CISSP, CISM, CISA) Proven experience in a cyber security role Experience in customer-facing roles Familiarity with HMG/MoD cyber policies, standards (e.g. JSP440), and processes Experience with Secure by Design implementation and related tooling Knowledge of NCSC Cyber Assurance Framework (CAF) and GovAssure audits Understanding of NIST Cyber Security Framework and risk assessment More ❯

Assurance teams. Deliver security artefacts within tight timescales. Essential Skills, Qualifications & Experience Minimum 5 years’ experience in a Security Assurance Coordinator role. Expertise in defence security policies and standards (JSP 440, 453, HMG policies). Proven ability to produce RMADS, Security Instructions, and risk documentation. Knowledge of Security Incident Management processes. Experience conducting Risk Assessments and IT Health More ❯

secure-by-design principles. Conduct threat modelling exercises to identify and mitigate potential risks. Ensure compliance with security regulations such as ISO27001, NIST 800-30/37/53, JSP 440, 604, and Defence Standards. Develop and maintain security documentation (e.g., RMADS, Security Assurance Documents, Security Management Plans). Conduct penetration testing, vulnerability assessments, and remediation activities. The More ❯

secure-by-design principles. Conduct threat modelling exercises to identify and mitigate potential risks. Ensure compliance with security regulations such as ISO27001, NIST 800-30/37/53, JSP 440, 604, and Defence Standards. Develop and maintain security documentation (e.g., RMADS, Security Assurance Documents, Security Management Plans). Conduct penetration testing, vulnerability assessments, and remediation activities. Key More ❯

Recognised cyber security certifications (e.g. CISSP, CISM, CISA) Proven experience in a cyber security role Experience in customer-facing roles Familiarity with HMG/MoD cyber policies, standards (e.g. JSP440), and processes Experience with Secure by Design implementation and related tooling Knowledge of NCSC Cyber Assurance Framework (CAF) and GovAssure audits Understanding of NIST Cyber Security Framework and risk assessment More ❯

and contain damage, and devise measures to protect against future breaches. What you’ll need: In-depth knowledge and experience with MOD policies and standards, including Secure by Design, JSP 440, and DefStan 05-138/DCPP. ISO27001 Lead Implementer/Auditor, CISSP or CISM. Strong understanding of data protection compliance and relevant privacy certifications. Proficiency in risk More ❯

series, NIST Cyber Security & Risk Management Frameworks, NCSC CAF, and other industry standards. Familiarity with NCSC guidance and legacy Information Assurance (IA) standards. Experience with MOD security frameworks including JSP 604, JSP 440, JSP 902, and DEFCON 659A. Experience in business growth and bid development is desirable. What We’re Looking for: Certified Information System Security More ❯

of common CS&IA bodies, standards, frameworks, guidelines and legislation, including: HMG/NCSC Information Assurance Policies, Standards and Guidelines Cross-government security accreditation and secure by design processes JSP440 (plus other standard MoD IA methods) DCPP's Cyber Security Model List X, List N Cyber Essentials Office for Nuclear Regulation (ONR) Security Assessment Principles (SyAPs) NIST GDPR, DPA, Computer More ❯

Government environments. Strong understanding of risk management frameworks and secure-by-design principles. Familiarity with government and defence security standards such as: HMG/NCSC IA Policies and Guidelines JSP440 and other MoD IA standards Cyber Essentials NIST, NIS-D ONR SyAPs (Security Assessment Principles) Excellent stakeholder communication skills – you can clearly explain complex security concepts to both technical and More ❯

Security Professional. Knowledge of UK/NATO Information Assurance standards, procedures & systems, including Government Functional Standard GovS 007: Security, HMG IS1&2, ISO27000 series standards, NIST SP800 series standards, JSP440, JSP604, guidance material provided by NCSC, CPNI and NIST. Practical experience of producing Security Accreditation documentation Practical experience of NCSC and Common Criteria security evaluation techniques. Knowledge of current crypto More ❯

training, and policy development. Key Requirements: Experience in product security engineering for defence/government programmes Strong background in risk assessments, mitigation planning & accreditation Familiar with: ISO27000, NIST SP800, JSP440, GovS 007, Common Criteria Understanding of platform security, firmware, cloud, and TEMPEST controls Degree in relevant field and/or NCSC-certified (e.g. CISSP, CISM) Strong documentation and stakeholder engagement More ❯

training, and policy development. Key Requirements: Experience in product security engineering for defence/government programmes Strong background in risk assessments, mitigation planning & accreditation Familiar with: ISO27000, NIST SP800, JSP440, GovS 007, Common Criteria Understanding of platform security, firmware, cloud, and TEMPEST controls Degree in relevant field and/or NCSC-certified (e.g. CISSP, CISM) Strong documentation and stakeholder engagement More ❯

training, and policy development. Key Requirements: Experience in product security engineering for defence/government programmes Strong background in risk assessments, mitigation planning & accreditation Familiar with: ISO27000, NIST SP800, JSP440, GovS 007, Common Criteria Understanding of platform security, firmware, cloud, and TEMPEST controls Degree in relevant field and/or NCSC-certified (e.g. CISSP, CISM) Strong documentation and stakeholder engagement More ❯

Perform security code reviews, provide guidance on secure libraries and frameworks. Standards & Compliance Ensure products meet regulatory and defence standards (ISO 27001/27005, NIST 800-30/53, JSP 440/604, Def Stan 05-series). Lead the creation and maintenance of security documentation (RMADS, Security Assurance Documents, Security Management Plans). Testing & Assurance Design and More ❯

Perform security code reviews, provide guidance on secure libraries and frameworks. Standards & Compliance Ensure products meet regulatory and defence standards (ISO 27001/27005, NIST 800-30/53, JSP 440/604, Def Stan 05-series). Lead the creation and maintenance of security documentation (RMADS, Security Assurance Documents, Security Management Plans). Testing & Assurance Design and More ❯

expected but not mandatory. Thorough understanding of modern IT infrastructure, applications and Cloud based technologies. Strong understanding of Secure by Design principles and MOD security policies and requirements (e.g. JSP 440, JSP 605, DEFCON 658). Proven analytical skills with a logical approach to problem-solving and the ability to develop innovative ideas and effective solutions. Effective More ❯

Provide strategic guidance on secure cloud adoption, data protection, and architectural risk management Conduct security assessments, identifying risks and proposing effective mitigation strategies Ensure compliance with MOD policies, including JSP 440, and NCSC cloud security principles Work closely with delivery teams, architects, and senior stakeholders to embed security throughout the solution lifecycle Support security assurance and accreditation activities … based systems Essential Skills & Experience: Proven experience as a Security Architect within MOD or wider defence/public sector environments Strong understanding of MOD security protocols and delivery frameworks (JSP 440, DEFCONs, etc.) Demonstrable experience in cloud security (Azure, AWS or hybrid environments), ideally within secure or classified settings Expertise in risk management, security governance, and assurance practices More ❯

Provide strategic guidance on secure cloud adoption, data protection, and architectural risk management Conduct security assessments, identifying risks and proposing effective mitigation strategies Ensure compliance with MOD policies, including JSP 440, and NCSC cloud security principles Work closely with delivery teams, architects, and senior stakeholders to embed security throughout the solution lifecycle Support security assurance and accreditation activities … based systems Essential Skills & Experience: Proven experience as a Security Architect within MOD or wider defence/public sector environments Strong understanding of MOD security protocols and delivery frameworks (JSP 440, DEFCONs, etc.) Demonstrable experience in cloud security (Azure, AWS or hybrid environments), ideally within secure or classified settings Expertise in risk management, security governance, and assurance practices More ❯

testing Modelling Cyber security risks using established and novel frameworks Essential experience of the Principal Cyber Security Consultant: In-depth knowledge of MoD Security policy In-depth knowledge of JSP440 and JSP604 Experienceof SbD and the application of it to MoD Products, Services or Systems The ability to evaluate established and novel cyber security solution concepts and strategies The ability More ❯

testing Modelling Cyber security risks using established and novel frameworks Essential experience of the Principal Cyber Security Consultant: In-depth knowledge of MoD Security policy In-depth knowledge of JSP440 and JSP604 Experienceof SbD and the application of it to MoD Products, Services or Systems The ability to evaluate established and novel cyber security solution concepts and strategies The ability More ❯

into secure, compliant, and cost-effective Azure solutions. Collaborate with cybersecurity teams to ensure solutions meet UK government security classifications, accreditation processes, and relevant compliance frameworks (eg NCSC, MOD JSP, ISO 27001). Support deployment automation and Infrastructure-as-Code (IaC) approaches leveraging Azure Resource Manager (ARM), Bicep, or Terraform. Conduct Azure cost optimisation, performance tuning, and cloud governance … obtain clearance required). Desirable Skills Experience working in Defence, Aerospace, or Government sectors. Familiarity with enterprise network integration and Legacy system interfacing. Knowledge of MOD standards such as JSP 440, JSP 604, and Secure by Design principles. Exposure to Microsoft Purview, Defender for Cloud, or other advanced security services. TOGAF or SABSA certification. Certifications (Mandatory) Microsoft More ❯

within public sector/govt. Broad understanding of Security across SecOps, Cloud, Infrastructure, Networks & Engineering. Knowledge of Government cyber requirements related to Defence and Security e.g. Secure by Design, JSP 440. Excellent stakeholder management – must be able to articulate Security principles to both technical and non-technical stakeholders. Previous experience of using appropriate methodologies to identify, assess and manage More ❯

Nice to have) Experience of supporting development in a government or defence sector; Hands-on experience of configuring CI/CD tools and Kubernetes; Knowledge of MOD policies (e.g. JSP 440); Experience with Slunk, Elastic SIEM, Nessus/Tenable Management of SOC processes Environment and Benefits We have modern offices in Cody Technology Park and have well established More ❯

the following: Essential Ability to travel and work onboard surface and sub-surface vessels Ability to travel for projects as and when required (occasionally includes foreign travel) Knowledge of JSP440/441 Working knowledge of SharePoint Knowledge and experience with information management MOD security clearance or be willing to undergo Security Clearance to DV level Desirable Skills Some knowledge of More ❯

the following: Essential Ability to travel and work onboard surface and sub-surface vessels Ability to travel for projects as and when required (occasionally includes foreign travel) Knowledge of JSP440/441 Working knowledge of SharePoint Knowledge and experience with information management MOD security clearance or be willing to undergo Security Clearance to DV level Desirable Skills Some knowledge of More ❯