Jira has a permissive approach to default permissions, and you will sort of need to undo that.
Have a look at the permission schemes - each one of these has a line in it telling Jira who can see the project. This, by default, will be "any logged in user". You will probably want to remove that and replace it with another rule that lets in only the users you want. "Role: developer" for example.
Once you've done, that, your users will only be able to see projects you have added them to.
Next, within a project, if you want to hide tasks from people, you will still add them to the project, but define an "issue security scheme". These let you put a "level" on an issue. The "level" is a permission-like rule, it says "only people named in the level can see issues with this level on it".
Your case is very simple - you only need one level, and you can put rules into that level starting with "Project administrators" and "Assignee". Any issue with that level set on it will now only be visible to the assignee and the project admins.
Note - this only applies to company-managed projects. You can't do this in team-managed projects.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.