Bristol, Avon, South West, United Kingdom Hybrid / WFH Options
Hargreaves Lansdown Asset Management Limited
all product teams, dealing with complex projects daily and serving as the escalation point for the Product Security Specialist (PSS). You will lead threatmodelling workshops and engage with key stakeholders to identify threats and recommend countermeasures. Additionally, you will lead a team of Product Security Specialists … a team of Product Security Specialist (PSS). Providing leadership, technical guidance, and support to the Product Security Specialists. You will lead/facilitate threatmodelling workshops with SMEs. Engaging with key stakeholders to identify threats and recommend countermeasures. Collaborating with strategy, transformation, and digital engineering parts of … such as OWASP, NIST, and ISO Awareness of security tools and technologies, such as SAST, DAST, IAST, SCA, WAF, IDS, IPS. Experience in conducting threatmodelling and risk assessments. Interview process The interview process for this role is two stages including a technical competency-based questions and a more »
Wigan, Greater Manchester, North West, United Kingdom Hybrid / WFH Options
Police Digital Services
Join Police Digital Service in a NMC Cyber Threat Intelligence (CTI) role (Hybrid/Lancashire) Police Digital Service are looking to hire CTI roles at the following levels: Cyber Threat Intelligence Specialist - Mid-Tier Threat Intelligence Role; Recommended for those with experience in cyber threat intelligence … or associated fields. Veterans with an intelligence background and an interest in cyber are encouraged to apply Senior Cyber Threat Intelligence Specialist - Senior Threat Intelligence Role; Recommended for those with significant cyber threat intelligence experience As a member of the Threat Intelligence team, you'll be … involved with: Developing awareness for the policing community of the cyber risks to critical services by continually assessing the threat landscape and informing stakeholders. Reporting cyber risks to service, executive, and operational stakeholders for mitigation decisions. Limiting the impact of known cyber risks by engaging forces in pre-incident more »
Solihull, West Midlands, United Kingdom Hybrid / WFH Options
Indotronix Avani UK Ltd
respond promptly to mitigate security threats. - Develop and implement security automation scripts and tools to streamline security tasks in the DevOps pipeline. - Participate in threatmodelling exercises and risk assessments to proactively identify security weaknesses and prioritize remediation efforts. - Stay up-to-date with the latest security trends … controls and NIST Guidelines. - Experience in implementing security automation using scripting languages e.g. Python and infrastructure-as-code (IaC) tools. - Ability to perform security threat modeling and risk assessments to identify and prioritize security risks. - Experience with security incident response and handling, including log analysis and forensics. - Strong communication … Workflow Within 3 months: - Security Incident Handling and Remediation - Security Automation and Tooling - Security Compliance and Auditing - Collaboration with Development Teams Within 6 months: - ThreatModelling and Risk Assessment - Continuous Improvement Initiatives - Security Incident Management Whats in it for you? We operate a Flexible Working Policy and this more »
Solihull, West Midlands, United Kingdom Hybrid / WFH Options
Indotronix Avani UK Ltd
respond promptly to mitigate security threats. - Develop and implement security automation scripts and tools to streamline security tasks in the DevOps pipeline. - Participate in threatmodelling exercises and risk assessments to proactively identify security weaknesses and prioritize remediation efforts. - Stay up-to-date with the latest security trends … controls and NIST Guidelines. - Experience in implementing security automation using scripting languages e.g. Python and infrastructure-as-code (IaC) tools. - Ability to perform security threat modeling and risk assessments to identify and prioritize security risks. - Experience with security incident response and handling, including log analysis and forensics. - Strong communication … Workflow Within 3 months: - Security Incident Handling and Remediation - Security Automation and Tooling - Security Compliance and Auditing - Collaboration with Development Teams Within 6 months: - ThreatModelling and Risk Assessment - Continuous Improvement Initiatives - Security Incident Management Whats in it for you? We operate a Flexible Working Policy and this more »
Solihull, West Midlands, United Kingdom Hybrid / WFH Options
Indotronix Avani UK Ltd
respond promptly to mitigate security threats. - Develop and implement security automation scripts and tools to streamline security tasks in the DevOps pipeline. - Participate in threatmodelling exercises and risk assessments to proactively identify security weaknesses and prioritize remediation efforts. - Stay up-to-date with the latest security trends … controls and NIST Guidelines. - Experience in implementing security automation using scripting languages e.g. Python and infrastructure-as-code (IaC) tools. - Ability to perform security threat modeling and risk assessments to identify and prioritize security risks. - Experience with security incident response and handling, including log analysis and forensics. - Strong communication … Workflow Within 3 months: - Security Incident Handling and Remediation - Security Automation and Tooling - Security Compliance and Auditing - Collaboration with Development Teams Within 6 months: - ThreatModelling and Risk Assessment - Continuous Improvement Initiatives - Security Incident Management Whats in it for you? We operate a Flexible Working Policy and this more »
Solihull, West Midlands, United Kingdom Hybrid / WFH Options
Indotronix Avani UK Ltd
respond promptly to mitigate security threats. Develop and implement security automation scripts and tools to streamline security tasks in the DevOps pipeline. Participate in threatmodelling exercises and risk assessments to proactively identify security weaknesses and prioritize remediation efforts. Stay up-to-date with the latest security trends … controls and NIST Guidelines. Experience in implementing security automation using scripting languages e.g. Python and infrastructure-as-code (IaC) tools. Ability to perform security threat modeling and risk assessments to identify and prioritize security risks. Experience with security incident response and handling, including log analysis and forensics. Strong communication … Workflow Within 3 months: Security Incident Handling and Remediation Security Automation and Tooling Security Compliance and Auditing Collaboration with Development Teams Within 6 months: ThreatModelling and Risk Assessment Continuous Improvement Initiatives Security Incident Management Whats in it for you? We operate a Flexible Working Policy and this more »
Develop and implement security design standards and frameworks Collaborate with engineering and product teams to incorporate security considerations into product design and development Conduct threatmodelling, vulnerability assessments, and security code reviews to identify potential security issues Develop and maintain a secure software development lifecycle (SDLC) to ensure … security is integrated at every stage Educate and train engineering and product teams on security awareness and best practices Experience with threatmodelling, risk assessment, and the development of mitigation strategies The Senior Product Security Engineer is a high-profile role with significant business and technology engagement. This more »
Skelmersdale, Lancashire, North West, United Kingdom Hybrid / WFH Options
Police Digital Services
Join Police Digital Service in a NMC Senior Cyber Threat Intelligence Specialist role (Hybrid/Lancashire) £55,000-£60,000 Police Digital Service are looking to hire a Senior Cyber Threat Intelligence (CTI) Specialist. This role is recommended for those with significant cyber threat intelligence experience As … a member of the Threat Intelligence team, you'll be involved with: Developing awareness for the policing community of the cyber risks to critical services by continually assessing the threat landscape and informing stakeholders. Reporting cyber risks to service, executive, and operational stakeholders for mitigation decisions. Limiting the … impact of known cyber risks by engaging forces in pre-incident planning and preparatory activities. Constraining attack surfaces through proactive threat intelligence working directly alongside the threat hunting and malware service. About Police Digital Service We exist to harness the power of digital, data and technology to enable more »
the Governance, Risk, and Compliance (GRC) team to inform on risk, compliance, and assurance matters related to the portfolio of change initiatives. Ensure that Threat Modeling is implemented for identified programs, projects, and engineering initiatives within the portfolio. Work closely with the Security Culture team to ensure alignment and more »
level executives. Complementary Technical Skills: Hands-on experience with programming languages, databases, and IoT. Knowledge of containerisation technologies such as Docker. Experience with Attack & Threat Modelling. Familiarity with Red Team testing and social engineering attack methodologies. Working knowledge of CobaltStrike. Experience with bug bounty programs and vulnerability disclosure policies. more »
Greater London, Grange, United Kingdom Hybrid / WFH Options
Remarkable Jobs
Consultant (Pen Tester) Complementary Technical Skills: Hands-on experience with programming languages, databases, and IoT Knowledge of containerization technologies (e.g., Docker) Experience with Attack & Threat Modeling Red Team testing and social engineering methodologies Working knowledge of CobaltStrike Experience with bug bounty programs and vulnerability disclosure policies Security Testing Consultant more »
Reading, England, United Kingdom Hybrid / WFH Options
Oracle
/exploit them, real world mitigations that can be applied Familiarity with vulnerability classification frameworks (e.g. OWASP Top 10, CVSS, MITRE CVE) Ability to threat model systems/applications/platforms to assess design and find flaws that can be exploited What We’ll Give You A team of more »
Luton, England, United Kingdom Hybrid / WFH Options
Hays
the companies’ clients, who are mainly in the defence sector, but can include government and non-defence clients. Conducting cyber risk assessment activities including threatmodelling, vulnerability analysis and analysis of mitigation solutions. Coordinating with other product engineers, system architects, and developers to provide oversight in the development more »
You will have the opportunity to foster the growth and advancement of team members within the Application Security domain. You will also lead on threat modeling and conducting comprehensive security reviews of system designs. Skills Previously worked as an Application Security Engineer or similar position. Experience in either C# … and standards, e.g. OWASP, PCI-DSS, ISO 27001, GDPR. Strong knowledge of GitLab pipelines and Akamai security software is a major advantage. Experience in threatmodelling and automated security testing. Senior Application Security Engineer - Hybrid - £500 Outside IR35 more »
Ideally this person would have Vulnerability management experience. System Admin background desired but not essential, this includes experience across Unix, Windows, Cisco, Networking, etc. ThreatModelling exposure flexible This is a permanent position that operates on a hybrid work setup of 2 days in the office, 3 days more »
Manchester, North West, United Kingdom Hybrid / WFH Options
Erin Associates
processes. Core skills & experience for this Security Analyst role: Security review methodologies: SAST, DAST, SBOM, SCA Implementing security tooling in CI/CD pipelines Threat modeling Code review (Java or C#) Familiarity with security frameworks like PCI, ISO 27001, Cyber Essentials This company offers structured training, career development opportunities … details, call 0161 438 1177 or follow us on Twitter @erinassociates for similar roles. Key words: Security Reviews, ISO Standards, SBOM, SCA, SAST, DAST, ThreatModelling, Security Tooling, Code Review, Manchester, North West, Java C#, Infosec, IT Security analyst Please get in touch on 0161 438 1177 if more »
Greater London, England, United Kingdom Hybrid / WFH Options
Oliver Bernard
strategies. Master the art of penetration testing with tools like Burp Suite, OWASP ZAP, and/or Kali Linux. Experience with secure coding practices, threat modeling, and API security is highly desirable. Are a skilled communicator and collaborator, able to bridge the gap between technical and non-technical audiences. more »
Exeter, Devon, South West, United Kingdom Hybrid / WFH Options
Met Office
activities for projects, services, and third party suppliers. Leading the evaluation of business-supporting cyber security needs, undertake cyber security related risk assessments, conduct threatmodelling, and ensure activities are consistent with applicable regulations and legislation. Providing advice to a range of stakeholders on how to remedy identified more »
Bristol, Avon, South West, United Kingdom Hybrid / WFH Options
Hargreaves Lansdown Asset Management Limited
for each assigned product team/squad, and will support the implementation of secure solutions throughout the development life-cycle. You will also facilitate threat modeling workshops assisting product teams in identifying and mitigating threats. What you will be doing Oversee security related issues across multiple product teams/… Cloud serverless transformation projects. You will have the ability to work with infrastructure as code and understand complex architectures. You will Lead/facilitate threat modeling workshops with SMEs Engage with key stakeholders to identify threats and recommend countermeasures. Participate in architectural reviews of Product cloud implementations against security … such as OWASP, NIST, and ISO. Awareness of security tools and technologies, such as SAST, DAST, IAST, SCA, WAF, IDS, IPS. Experience in conducting threat modeling and risk assessments. Interview process The interview process for this role is two stages including a technical competency-based questions and a task. more »
ll do Provide security guidance to engineering teams on new products and technologies Taking ownership and driving the application security and privacy initiatives Perform threat modeling and architecture review on upcoming features and products Perform regular security assessments through penetration testing and code reviews of products Encourage and train … C#, Go) i.e you can code and perform security code reviews You’re experienced in working with highly technical engineering teams You have performed threat modeling and architectural review for years You like bug hunting and penetration testing (bonus points if you share your Bugcrowd/HackerOne profiles) Experience more »
Reading, England, United Kingdom Hybrid / WFH Options
Oracle
of new TTPs (Tactics, Techniques & Procedures) of the attackers, mimic them in your technical security risk assessments and/or quickly react to new threat scenarios to provide continuous security assurance Collaborate with engineering teams to help them triage and fix security issues Mentor members of the team in …/exploit them, Real world mitigations that can be applied Familiarity with vulnerability classification frameworks (e.g. OWASP Top 10, CVSS, MITRE CVE) Ability to threat model systems/applications/platforms to assess design and find flaws that can be exploited What We’ll Give You A team of more »