UK-based organisations. Advise on compliance with UK regulations (e.g. GDPR, NCSC Cloud Security Principles, ISO 27001). Develop and enforce cloud security policies, procedures, and governance models. Lead threatmodelling, risk assessments, and vulnerability management initiatives. Configure and manage security tools such as Google SecOps tooling, Security Command Center, Cloud Armour, and VPC Service Controls. Collaborate with More ❯
Swindon, Wiltshire, South West, United Kingdom Hybrid / WFH Options
Stott & May Professional Search Limited
projects that protect sensitive data and digital assets. Key Responsibilities Develop and maintain security architecture for service mesh and containerised environments. Conduct risk assessments and implement mitigation strategies. Create threat models aligned with MITRE ATTACK & STRIDE frameworks. Recommend controls and enforce best practices for APIs, microservices, and data flows. Design and review secure API gateways using IBM DataPower. Implement … large, complex organisations, ideally in financial services (PCI compliance). Hands-on experience with IBM DataPower, OAuth 2.0, JWT, TLS, WS-Security, and encryption standards. Previous experience developing bespoke threat models using MITRE ATTACK & STRIDE. Ability to design secure architectures for hybrid/multi-cloud environments. Knowledge of zero-trust security models and microservices security. Ability to assess security More ❯
