Welcome to EHJ & SJ Consultancy

Providers in bespoke
security services
to both IT and Critical

Hello There

We Are EHJ & SJ Consultancy

We provide a range of digital security services supporting: IT migration programmes, new or existing Infrastructure security reviews, cloud based risk assessments and perform or coordinate security testing. We can also provide services to implement and undertake security DevOps for all organisations.

Clients we've worked with
Cups of Coffee/year
Vulnerabilities discovered
Happy Clients

What We Do

We’ve got everything you need to secure your business or organisation

Security Architecture

We offer a complete security architecture as a service to all Clients wishing to know whether a current design has implemented procedures in-line with best security practices, or to ascertain whether your current Infrastructure requires further assessment from a security domain specialist from EHJ & SJ Consultancy.

Digital Technology Solutions

Working with leading Cloud providers, we can develop and provide secure IT solutions to meet your Infrastructure needs, which have a high availability and redundancy built into the design. We also provide and implement custom tooling used by many within the security domain to actively monitor and protect your environment to ensure the threat surface of an attack is reduced whilst utilising security features within our provided Cloud environment to ensure our solutions are protected.

Vulnerability Discovery

Understanding or complying with PCI-DSS and industry best practices often requires a network/web security assessment. At EHJ & SJ Consultancy, we can offer these services for both Network and Web Based Infrastructure and provide comprehensive solutions to mitigate vulnerabilities. We also offer a Vulnerability Management process, which can be adopted by any organisation.

Audit, Risk & Compliance

Pertaining an inventory or understanding what Assets an organisation possesses is often difficult, complex and hard to manage as part of a standard BAU lifecycle. EHJ & SJ Consultancy are an experienced consultancy that has worked with multiple organisations to determine the best way to assess and audit organisations to ISO 27001, Cyber Essentials, ISA 62443 and PCI-DSS. We also can perform gap analysis reviews on both Data Centre, Cloud and Critical Infrastructure if required.

Application Security & SecDevOps

Building security into the Software Development Lifecycle (SDL) is pivotal to ensuring vulnerabilities are mitigated from day 0 and that an application conforms to best security practices. We offer services to any business wishing for us to consult on how best to design your applications whether this be mobile or web based. We also offer a practical implementation on performing SecDevOps using our preferred approach to implementing security during continuous CI/CD pipeline deployments.

Systems Engineering

We offer a Systems architecture services for anyone wishing to align multiple disciplines within our service which we offer. Here at EHJ & SJ Consultancy we can manage and assess the risks involved in working on projects dealing with multiple domains.

Recent Works

We love what we do, check out some of our latest works

Travelex Cloud Migration Programme

Cloud Security & Auditing

Working with Travelex Digital Transformation programme, EHJ & SJ Consultancy have been working with the Travelex teams to assess the current security posture of their cloud deployment, ensuring best practices are being adhered to based on a security risk assessing configurations and providing recommendations in the form of providing architecture solutions to ensure compliance with Financial regulations.

Santander PSD2: Open Banking

Application Security and SecDevOps

As part of Santanders Digital transformation to comply with the EU PSD2 programme, EHJ & SJ Consultancy were brought in to address security of the development lifecycle by adopting SAST/DAST principles into Santanders pipeline delivery methods. In addition to this, EHJ & SJ Consultancy provide solutions to the management and operation of the banks cryptography ensuring FCA compliance.

Tesco Banking

Web Security

As part of on-going Security process for Tesco Banking, EHJ & SJ Consultancy were drafted in to undertake a threat model exercise to determine the security posture for Tesco Banks legacy Infrastructure. This resulted in providing an End-to-End security risk assessment to allow Tesco Bank to focus on potential areas prone to cyber security attacks.

Network Rail: TMS Project

Infrastructure Security Auditing

As part of the National Railway Infrastructure upgrade programme, Control centres required to be modernised with the latest technology to ensure efficient running of the Railway are highly targeted by Hackers. Here at EHJ & SJ Consultancy, we were brought in to perform an audit to Network Rails Security Assurance Framework to determine whether the suppliers were providing systems which non-complaint to ISA 62443 and ISO 27002 standards. Performing this assessment against multiple suppliers ensured a complete supply risk assessment of the integrated design was undertaken in a timely manner.

Southern TMS ITT Bid

Security Architecture Services

Working with Stanway Consulting, EHJ & SJ Consultancy were invited to support Southern in their ITT Bid for a new Traffic Management System control centre. EHJ & SJ Consultancy were required to setout non-functional requirements for the invited suppliers of the bid, which involved drafting a Cyber Security strategy.

LUL Railway Control Systems

Security Architecture

Our previous involvement with London Underground Ltd was to create and implement a secure PLC system with system monitoring that was secure as part of the Train Describer upgrade programme on the SSL lines. We achieved this providing a fully fledged TD system with real time monitoring utilising some best practices taken from ISA 62443 to ensure overall compliance with LUL Security standards.

Our Clients

EHJ & SJ Consultancy has been honoured to work with these clients

Delivering quality whilst under time constraints is always a pressure, but EHJ & SJ Consultancy managed to do this whilst proactively promoting security as an organisational wide responsibility. Happy with the relationship we have with EHJ & SJ Consultancy and would recommend them on their ability to apply Application Security and Security Architecture services.

Author image
Eduardo Martinez Barrios Santander Payments & Industry Oversight - Open Banking

Ensuring security was taken seriously and implemented on a project that had no regard for cyber security was attributed to EHJ & SJ Consultancy's input on the TMS programme. We successfully managed to undertake a full security audit of our suppliers design and have the ability to assess the risks to the overall safety profile.

Author image
Network Rail TMS Programme Network Rail

EHJ & SJ Consultancy provided us with excellent input on how security can be built into a contract and what a security lifecycle looks like, something that has been missing for many years working on these types of Infrastructure projects.

Author image
Network Rail: Southern ITT Bid Stanway Consulting

Contact Us

Reach out for a new project or just say hello

Send Us A Message

Something went wrong. Please try again.
Your message was sent, thank you!

Contact Info

Where to Find Us

EHJ & SJ Consultancy, 2nd Floor Market Square, Aylesbury, HP20 1TN

Email Us At