Salary: £36,000 - 50,000 per year

Requirements:
- Proven experience operating within a security risk role or frameworks such as NIST RMF or CSF
- Thorough understanding of defence policies, standards, and risk management processes
- Excellent stakeholder engagement skills
- Experience in security risk management within the defence or government sector
- Familiarity with JSP 440, JSP 453, and MOD cyber security policies
- Ability to produce Security Management Plans, Security Instructions, and related policy documentation
- Strong understanding of risk reduction strategies like Incident Response, Vulnerability Management, and Patch Management
- Experience leading risk assessments, risk treatment planning, and managing IT health check activities
- Effective stakeholder communication skills within MOD or similar environments
- Current SC security clearance (minimum)
- Professional registration such as CISSP, CISM, CGRC, or equivalent (desirable)
- Chartered status or membership in a recognised cyber security or engineering body (desirable)

Responsibilities:
- Establish and maintain robust security activities across the project lifecycle
- Implement continuous assurance strategies aligned with Secure by Design (SbD) guidance
- Ensure compliance with MOD policies such as JSP 440 and JSP 453
- Provide expert advice on risk management
- Oversee security controls and facilitate stakeholder engagement across multiple Defence and governmental teams
- Provide expertise on cyber risk mitigation, identifying threats, and managing security risks throughout the system lifecycle
- Develop and maintain security artefacts and manage compliance with relevant standards and policies
- Represent the project in security forums and working groups
- Ensure clear communication of cyber risks to all stakeholders
- Oversee all assurance activities, including audits, vulnerability assessments, and remediation plans
- Balance business needs with security requirements to find pragmatic, effective solutions

Technologies: JSP Security

More:
At Evodia Limited, we are seeking a highly experienced SC cleared Project Security Lead for our Defence client. This is a fantastic opportunity to contribute to key security initiatives within a complex, high-security environment, helping to safeguard critical systems and information. The role offers a flexible working pattern, with the choice of being based in Corsham, Wiltshire, or Portsmouth, Hampshire, with hybrid working of 2 to 3 days onsite per week. We provide a collaborative, supportive environment where your expertise will help shape vital security strategies for the MOD, with a 2-year contract, inside IR35, and a negotiable day rate.

Last updated: week 9 of 2026