1 to 25 of 32 Threat Modelling Jobs in Berkshire

technical expertise, strategic vision, and hands-on experience in building secure, AI-driven systems. As Director of Cybersecurity, you will oversee all aspects of our security architecture, operations, and threat intelligence functions—ensuring Nothreat’s platforms and clients remain resilient in an evolving threat landscape. You will also be expected to drive cross-functional collaboration across product, engineering … teams, and lead the execution of complex, high-impact security initiatives. Key Responsibilities Define and drive Nothreat’s cybersecurity strategy across product, infrastructure, and operations. Lead security architecture reviews, threat modeling, and secure development practices across engineering teams. Oversee the implementation and operation of security controls, incident response plans, and risk management frameworks. Work closely with the AI engineering …/ML systems, securing data pipelines, models, and associated infrastructure. Strong technical background in areas such as application security, cloud security (AWS/Azure), identity and access management, and threat detection. Proficiency with SIEM, SOAR, EDR, vulnerability management, and DevSecOps practices. Deep understanding of modern attack vectors, threat intelligence, and incident response processes. Experience with security frameworks and More ❯

Conduct authorized assessment of infrastructure and applications to proactively identify security weaknesses. Verify weaknesses by leveraging attacker techniques to evaluate the difficulty and effectiveness of potential attack from various threat actors. Provide comprehensive and actionable recommendations to counter the threat posed by identified security weaknesses, given the applicable threat landscape. Bring an offensive mindset to the design … and to business management and leadership, indicating the impact to the business of verified weaknesses found. Research and develop testing tools, techniques and processes. Assist incident response and security threat surveillance functions to advise on current attacker tools, techniques and procedures. Contribute to the continuous improvement of security processes, tools and techniques to counter threats faced by SITA and … our customers. Contribute to the automation of security activities as part of the DevOps lifecycle. Provide guidance on secure product design: Threat Modelling, architecture reviews. Qualifications EXPERIENCE 5-7 years' experience in at least three of the following fields: Network penetration testing Web and mobile application assessments Cloud penetration testing (Azure, AWS,...) Mastery of Unix/Linux More ❯

data pipelines. Participate in enterprise-wide architecture initiatives for AI/ML. Understand the workflow and pipeline architectures of ML and deep learning workloads. Conduct security risk assessments and threat modelling for AI/ML and other business projects performed thorough design reviews and security assessments of architectures and designs, identifying vulnerabilities, threats, and risks, and providing recommendations … common security vulnerabilities and threats specific to AI/ML, including adversarial attacks, prompt injection, data poisoning and the MITRE ATLAS framework. Hands on experience using security assessment and threat modelling tools and techniques to evaluate AI/ML systems and identify potential security weaknesses. Familiarity with current and emerging regulations and standards, such as the EU AI More ❯

data pipelines. * Participate in enterprise-wide architecture initiatives for AI/ML. Understand the workflow and pipeline architectures of ML and deep learning workloads. * Conduct security risk assessments and threat modelling for AI/ML and other business projects performed thorough design reviews and security assessments of architectures and designs, identifying vulnerabilities, threats, and risks, and providing recommendations … common security vulnerabilities and threats specific to AI/ML, including adversarial attacks, prompt injection, data poisoning and the MITRE ATLAS framework. * Hands on experience using security assessment and threat modelling tools and techniques to evaluate AI/ML systems and identify potential security weaknesses. * Familiarity with current and emerging regulations and standards, such as the EU AI More ❯

data pipelines. * Participate in enterprise-wide architecture initiatives for AI/ML. Understand the workflow and pipeline architectures of ML and deep learning workloads. * Conduct security risk assessments and threat modelling for AI/ML and other business projects performed thorough design reviews and security assessments of architectures and designs, identifying vulnerabilities, threats, and risks, and providing recommendations … common security vulnerabilities and threats specific to AI/ML, including adversarial attacks, prompt injection, data poisoning and the MITRE ATLAS framework. * Hands on experience using security assessment and threat modelling tools and techniques to evaluate AI/ML systems and identify potential security weaknesses. * Familiarity with current and emerging regulations and standards, such as the EU AI More ❯

is essential. Experience working with security issues in software architecture, software development, e.g. static and/or dynamic code analysis and tools, software dependency check, OWASP Top10 testing, application threat modelling. In-depth experience working in an Agile software development environment, with classic applications as well as microservices, using modern code processing and continuous integration and delivery tools (e.g. … Secure by Design, Architecture, Software Development, Engineering, DevOps, InfoSec, Security, Security Strategy, Best Practice, Programming, Code, C++, C#, C, .NET Core, Java, JavaScript, Node.js, Angular, React, OWASP, Agile, Application Threat Modelling, Security Policy, Security Controls, ISO 27001, NIST, GDPR, Cloud, Azure. Please note that due to a high level of applications, we can only respond to applicants whose More ❯

have: Experience creating application security strategies, standards, and best practices. Experience working with security issues in software architecture, development, including static/dynamic analysis, dependency checks, OWASP Top10, and threat modeling. Experience in an Agile environment with modern CI/CD tools like GitHub, Jenkins, Bamboo. Ability to translate security policies into effective security controls. Knowledge of security standards More ❯

data pipelines to model deployment. Key Responsibilities Architect and implement security controls for AI/ML systems, data pipelines, and CI/CD processes. Conduct security risk assessments and threat modelling on AI/ML workflows. Drive secure coding practices and integrate security into MLOps/DevOps pipelines. Address challenges such as adversarial attacks, data poisoning, and prompt … Essential Experience & Skills Proven experience as a Security Architect with direct focus on AI/ML security. Strong knowledge of AI/ML technologies, frameworks (e.g. TensorFlow, PyTorch), and threat landscapes. Background in development or data science is highly advantageous. Expertise in secure development practices and cloud-native architectures. Hands-on experience with threat modelling, adversarial testing … . Excellent stakeholder communication and collaboration skills. Desirable Experience working on large-scale data or AI projects in regulated sectors. Exposure to the MITRE ATLAS framework or similar AI threat knowledge bases. Esther Urtecho Senior Delivery Consultant London | Bristol | Amsterdam More ❯

is embedded throughout the SDLC. Main Responsibilities: Define and enforce secure architecture standards and frameworks across web, mobile, and cloud-native applications. Provide security guidance throughout product development, including threat modeling, secure coding, design reviews, and architecture assessments. Lead the implementation of DevSecOps practices, integrating security into CI/CD pipelines. Identify and remediate application-level vulnerabilities through static … for this role, you should have: Proven experience in application security architecture. Deep knowledge of OWASP Top 10, SANS CWE Top 25, and secure coding best practices. Familiarity with threat modelling methodologies such as STRIDE and architectural risk analysis. Hands-on experience with tools such as SAST/DAST/IAST, Snyk, SonarQube, Burp Suite, Veracode, or similar. More ❯

is embedded throughout the SDLC. Main Responsibilities: Define and enforce secure architecture standards and frameworks across web, mobile, and cloud-native applications. Provide security guidance throughout product development, including threat modeling, secure coding, design reviews, and architecture assessments. Lead the implementation of DevSecOps practices, integrating security into CI/CD pipelines. Identify and remediate application-level vulnerabilities through static … for this role, you should have: Proven experience in application security architecture. Deep knowledge of OWASP Top 10, SANS CWE Top 25, and secure coding best practices. Familiarity with threat modelling methodologies such as STRIDE and architectural risk analysis. Hands-on experience with tools such as SAST/DAST/IAST, Snyk, SonarQube, Burp Suite, Veracode, or similar. More ❯

is embedded throughout the SDLC. Main Responsibilities: Define and enforce secure architecture standards and frameworks across web, mobile, and cloud-native applications. Provide security guidance throughout product development, including threat modeling, secure coding, design reviews, and architecture assessments. Lead the implementation of DevSecOps practices, integrating security into CI/CD pipelines. Identify and remediate application-level vulnerabilities through static … for this role, you should have: Proven experience in application security architecture. Deep knowledge of OWASP Top 10, SANS CWE Top 25, and secure coding best practices. Familiarity with threat modelling methodologies such as STRIDE and architectural risk analysis. Hands-on experience with tools such as SAST/DAST/IAST, Snyk, SonarQube, Burp Suite, Veracode, or similar. More ❯

security cases ️ Leading risk assessments, managing mitigation controls, and contributing to DPIAs ? Supporting HMG Secure-by-Design assurance across the entire delivery lifecycle ?️ Feeding into control design activities—DevSecOps, threat modelling, workshops, and design reviews ? Managing and coordinating penetration testing and remediation efforts ? Leading security incident response for the programme, from detection to resolution ? Running tailored security awareness More ❯

a fast-growing FinTech that is reshaping the payments landscape. You will collaborate with engineering teams to build security into products from day one, focusing on secure cloud architecture, threat modelling, and risk management. This is not a hands-off role. You will be the go-to advisor for product teams, helping them understand risk, make informed security … assessments and drive a secure-by-design culture Collaborate with engineering teams on cloud-native architecture (GCP, AWS, Azure) Analyse vulnerabilities, prioritise risks, and manage remediation through Jira Lead threat modelling and architecture reviews Shape security tooling and process improvements What you will bring 3 to 5 years in Cyber Security, Product Security, or Secure Software Development Strong … knowledge of GCP (primary), AWS, Azure Experience with threat modelling, AppSec, and security in CI/CD pipelines Ability to communicate security concepts clearly and balance risk with business priorities A collaborative, pragmatic approach Shape security at scale in a high-growth FinTech Work in a fast-paced, collaborative environment Salary £80,000 to £90,000 + benefits More ❯

Job Description: We are looking for a skilled Detection Engineer to join our Cyber Security team. In this role, you will be responsible for developing and maintaining high-fidelity threat detections across our security platforms. You’ll work at the intersection of threat intelligence, telemetry and security operations to build scalable, reliable and effective detection capabilities. Key Responsibilities … and deploy detection logic across SIEM, EDR and cloud security platforms. Build detections aligned with frameworks such as MITRE ATT&CK and continuously tune for accuracy and performance. Conduct threat modelling and participate in purple team exercises to assess and improve detection effectiveness. Use Detection-as-Code principles to manage detection rules via version control, CI/CD … pipelines and automated testing frameworks. Reduce false positives through tuning, enrichment and contextual awareness. Skills 3+ years of experience in security operations, detection engineering, threat hunting, or a related Cyber Security field. Proficiency in query languages such as SPL (Splunk), KQL (Microsoft), Sigma, or similar. Experience with SIEM platforms (e.g. Splunk, Sentinel, Elastic), EDR tools (e.g. CrowdStrike, SentinelOne), and More ❯

Be Doing: Actively identifying vulnerabilities in applications, especially around authentication flows, payments, and sensitive data handling Thinking creatively and adversarially – “breaking the app” to protect it Performing penetration testing, threat modelling, and secure code reviews Working directly with developers to integrate security best practices into an already-operational DevSecOps pipeline Advising on product and architectural design from a More ❯

Be Doing: Actively identifying vulnerabilities in applications, especially around authentication flows, payments, and sensitive data handling Thinking creatively and adversarially – “breaking the app” to protect it Performing penetration testing, threat modelling, and secure code reviews Working directly with developers to integrate security best practices into an already-operational DevSecOps pipeline Advising on product and architectural design from a More ❯

and mentoring junior team members, will play a key role in fostering a proactive security culture. Preferred Skills, Qualifications and Experience Demonstrated mastery in securing Android platforms, including advanced threat modelling and the design of sophisticated anti-cheat mechanisms. Excellent command of low-level systems programming and operating system internals. Extensive experience in reverse engineering, ARM assembly knowledge … work efficiently with development, infrastructure, and information security teams, ensuring seamless integration of security features. Creative approach to security challenges with a relentless drive to stay ahead of emerging threat landscapes. Main Responsibilities Leading initiatives to identify, analyse, and reverse engineer sophisticated exploits, vulnerabilities, and cheat mechanisms, formulating and executing robust countermeasures. Defining, designing and implementing advanced, scalable anti … robust security features, setting strategic direction on secure development practices. Providing technical leadership and mentorship to junior developers and security engineers, fostering a culture of continuous learning and proactive threat mitigation. Assessing emerging threat vectors and hacker tactics, then updating and refining security strategies and policies to maintain the Company’s competitive edge. Guiding the creation and maintenance More ❯

and mentoring junior team members, will play a key role in fostering a proactive security culture. Preferred Skills, Qualifications and Experience Demonstrated mastery in securing Android platforms, including advanced threat modelling and the design of sophisticated anti-cheat mechanisms. Excellent command of low-level systems programming and operating system internals. Extensive experience in reverse engineering, ARM assembly knowledge … work efficiently with development, infrastructure, and information security teams, ensuring seamless integration of security features. Creative approach to security challenges with a relentless drive to stay ahead of emerging threat landscapes. Main Responsibilities Leading initiatives to identify, analyse, and reverse engineer sophisticated exploits, vulnerabilities, and cheat mechanisms, formulating and executing robust countermeasures. Defining, designing and implementing advanced, scalable anti … robust security features, setting strategic direction on secure development practices. Providing technical leadership and mentorship to junior developers and security engineers, fostering a culture of continuous learning and proactive threat mitigation. Assessing emerging threat vectors and hacker tactics, then updating and refining security strategies and policies to maintain the Company’s competitive edge. Guiding the creation and maintenance More ❯

how technology choices impact Cyber Security. Ability to scope penetration tests and guide projects on the remediation of identified vulnerabilities. Knowledge of current vulnerabilities and trends in vulnerabilities/threat landscapes. Good interpersonal and communication and self-organisation skills. Strong technical skills, with the ability to adapt in unfamiliar environments. Ability to quickly assimilate knowledge from outside own area … and layer 3 security) and network protocols (e.g., TCP/IP, TLS, SSH, DNS). Converged Business services (e.g. VoIP services), SDWAN, SDN Experience of risk management frameworks, threat modelling, and security awareness initiatives. Understanding of security standards such as NIST. Join us to be part of a team that values innovation, collaboration, and continuous learning! How to More ❯

with ForgeRock IAM stack : PingGateway, PingAM, PingIDM, PingDS Advanced cloud security knowledge (AWS CLI, security controls, policies) Strong experience with PKI, HSMs, certificate lifecycle management Proficiency in penetration testing , threat modeling, and vulnerability management Automating security with GitLab CI/CD, Chef, AWS CLI Collaborating with CISO, engineering, and product teams on secure architecture Completion of ForgeRock 4xx-level More ❯

elite team protecting next-generation trading and crypto custody infrastructure. Reporting directly to the CTO, this role involves owning the security vision, building the roadmap, writing code, reviewing architecture, threat modelling, and automating at scale, while building a high-performance team. This is what you will own: Security Engineering Strategy Define and execute the security vision across cloud … Kubernetes, CI/CD pipelines, and crypto-native systems. Own IaC scanning, secrets detection, and automated control implementation. Lead technical reviews of high-value trading and custody systems. Translate threat intel into proactive engineering solutions. Cross-Functional Collaboration Work closely with Engineering, DevOps, and Product teams to embed security from day one, not as a blocker, but as an More ❯

As a Senior Security Penetration Tester , you will be responsible for supporting the design, implementation, and maintenance of TVM (Threat & Vulnerability Management) solutions, controls and processes across the organisation. You will be liaising with Digital teams to ensure appropriate mitigation and remediation of vulnerabilities detected across our IT estate. This role requires an understanding of TVM concepts, technologies, and … cybersecurity vulnerabilities and provide appropriate mitigation actions. Liaise and coordinate with technology and business stakeholders in relation to cybersecurity patching and vulnerability management issues/actions. Maintain a cyber threat assessment methodology, align with evolving industry standards and integrate into BAU and project-based business processes. Support with proactive threat hunting for new and emerging cyber threats. Develop … and maintain dashboards with cybersecurity threat and vulnerability metrics. Support compliance with relevant industry standards, regulations, and best practices, such as GDPR, NIS and ISO 27001. Base location – Hybrid – Clearwater Court, Reading. Working pattern – 36 hours, Monday to Friday. What you should bring to the role Strong knowledge of manual penetration testing techniques and confident with operating systems and More ❯

and implement solutions for next-generation secure networks. Apply innovative security primitives to enable next generation secure platforms. Collaborate across external and internal hardware and software research teams. Architectural modelling, validation, microarchitectural definition, following standards bodies, and developing proof-of-concepts secure platforms. Extending networking protocol to support next generation secure networking platforms integrity and at-testability What we … ability in conducting research on networking protocols or security of networking protocols MSc or PhD in Electrical Engineering, Computer Science or Computer Engineering or equivalent experience Computing platform security, threat models and mitigation techniques Strong background in network security and attestation protocols. Performance evaluation of secure systems Programming and debugging fundamentals across languages such as: Python, C/C++. More ❯

in securing complex, cloud-first environments within a data-rich, high-scale business — helping protect critical infrastructure and client data across global platforms. What You’ll Be Doing Leading threat detection and incident response across GCP environments Building and refining cloud-native detections using Kusto Query Language (KQL) Driving security automation and Infrastructure-as-Code practices Enhancing cloud visibility … through effective logging, monitoring, and threat modelling Collaborating with SOC analysts, engineers, and data teams to secure workloads and services Performing proactive threat hunts and maturing detection logic over time Key skills and experience include: Cloud security expertise in Google Cloud Platform Hands-on experience with cloud-native tools (e.g., Defender for Cloud, GCP Security Command Center … Detection engineering using KQL, particularly with Microsoft Sentinel Familiarity with Kubernetes, Docker, and securing containerised services Understanding of Zero Trust Architecture, MITRE ATT&CK, and cloud threat models Experience with SOAR platforms and automation pipelines Scripting or programming skills (Python, PowerShell, Bash, etc.) Interviews are moving fast — apply now or reach out to learn more. #J-18808-Ljbffr More ❯

mentoring junior team members will play a key role in fostering a proactive security culture. Preferred Skills, Qualifications and Experience Demonstrated mastery in securing web client platforms, including advanced threat modelling and the design of sophisticated anti-cheat mechanisms. Excellent command in low-level systems programming, with extensive understanding of virtualisation and bytecode interpreter. Proven experience in architecting … and secure key management practices. Passionate for uncovering vulnerabilities and staying ahead of potential attackers. Creative approach to security challenges, with a relentless drive to stay ahead of emerging threat landscapes. Demonstrable ability to lead, coach, and inspire security engineering teams, driving best practices and ensuring continuous knowledge sharing. Main Responsibilities Leading initiatives to identify, analyse and reverse engineer … threats and hacker behaviour to refine and adapt security strategies. Providing technical leadership and mentorship to junior developers and security engineers, fostering a culture of continuous learning and proactive threat mitigation. Assessing emerging threat vectors and hacker tactics, then update and refine security strategies and policies to maintain the Company’s competitive edge. Guiding the creation and maintenance More ❯