Offre d'emploi DV Cleared Security Engineer

Security Engineer (Commission & Access Control) - DV Cleared - London - Up to £100,000 per annum

Are you a technically adept security engineer with active DV (Developed Vetting) clearance and a passion for designing and enforcing identity, commission, and access control systems within secure IT environments? If so, Morela has an exciting opportunity for you.

Morela is partnering with a leading UK consultancy operating across defence, intelligence, and critical national infrastructure sectors. They are seeking a DV‑cleared Security Engineer with expertise in commission (authorization policies) and access control within IT systems. This role merges technical security engineering with strategic oversight, delivering high-assurance access mechanisms for mission-critical systems.

You'll join a dynamic team responsible for ensuring secure and compliant access across classified and high-stake environments in both public sector and government settings.

Core Responsibilities

• Access Control & Commissioning
  
  
  Design, implement, and manage authorization models and commission processes across IT systems (identity management, role‑based access control, privilege management, segregation of duties).





• Policy Enforcement & Workflow Configuration
  
  
  Configure and maintain access control workflows, access control lists (ACLs), and entitlement models; integrate with identity providers (e.g. Active Directory, IAM solutions).





• Security Tool Deployment
  
  
  Deploy and configure tools for access governance, identity lifecycle, and privileged access management in alignment with defence‑grade standards





• Security Assurance & Compliance
  
  
  Ensure commission controls comply with MOD policies (e.g. JSP 440/JSP 604) and security frameworks such as NIST, ISO 27005, STIGs, and UK Functional Standard 007





• Vulnerability Assessment & Access Review
  
  
  Support regular access reviews, entitlement audits, and role certification; identify and remediate potential vulnerabilities in provisioning and access enforcement.





• Incident Management & Response
  
  
  Participate in access-related incident response, including unauthorized access investigations, root‑cause analysis, and mitigation measures.





• Client Engagement & Training
  
  
  Collaborate with stakeholders to understand access requirements, deliver training on commission controls, and promote best practices for secure identity governance.





• Continuous Improvement
  
  
  Contribute to improving internal delivery processes, capability frameworks, and team com