Bristol, Avon, South West, United Kingdom Hybrid / WFH Options
Hargreaves Lansdown Asset Management Limited
for each assigned product team/squad, and will support the implementation of secure solutions throughout the development life-cycle. You will also facilitate threat modeling workshops assisting product teams in identifying and mitigating threats. What you will be doing Oversee security related issues across multiple product teams/… Cloud serverless transformation projects. You will have the ability to work with infrastructure as code and understand complex architectures. You will Lead/facilitate threat modeling workshops with SMEs Engage with key stakeholders to identify threats and recommend countermeasures. Participate in architectural reviews of Product cloud implementations against security … such as OWASP, NIST, and ISO. Awareness of security tools and technologies, such as SAST, DAST, IAST, SCA, WAF, IDS, IPS. Experience in conducting threat modeling and risk assessments. Interview process The interview process for this role is two stages including a technical competency-based questions and a task. more »
inherently secure. - Ideally you will have worked across the system lifecycle, undertaking the security risk management activities required to support each phase, from initial threat and risks assessments and specification of security requirements, through to overseeing implementation and testing of socio-technical security architectures. You will also have experience … assurance workstreams for projects delivering secure systems and services within a government context. Undertaking and producing socio-technical security risk assessments, ideally including technical threatmodelling (e.g. using STRIDE). Development and implementation of risk management strategies and plans. Specification, development and technical assurance of security policies and … Knowledge and understanding of core cyber security risk management areas, including but not limited to: Security governance and risk management approaches, tools, and techniques. Threatmodelling (e.g. STRIDE) and socio-technical risk assessment (e.g. NIST 800-30) methodologies. Attack classification and characterisation frameworks (e.g. MITRE ATT&CK) Computer more »
Develop and implement security design standards and frameworks Collaborate with engineering and product teams to incorporate security considerations into product design and development Conduct threatmodelling, vulnerability assessments, and security code reviews to identify potential security issues Develop and maintain a secure software development lifecycle (SDLC) to ensure … security is integrated at every stage Educate and train engineering and product teams on security awareness and best practices Experience with threatmodelling, risk assessment, and the development of mitigation strategies The Senior Product Security Engineer is a high-profile role with significant business and technology engagement. This more »
collaboration with the wider information security community within the ICO and across strategic partners, such as NCSC, NCA, CPNI, you will ensure that the threat landscape across the regulatory sector and at national levels are understood; that priorities and direction reflect the changing credible threats to the ICO and … that our key systems and assets are appropriately secured, assessed, monitored. As Digital Security Consultant your main responsibilities will be: Vulnerability and remediation management Threatmodelling and Threat intelligence Project and Change engagement Creation and updating of threat models for the core ICO services. Aligning these … threat models and delivering appropriate workstreams to ensure clear oversight of the controls in place for each service. Co-ordinating with relevant ICO departments to provide input and direction into areas such as physical and personnel security, and the ongoing review of credible threats to both staff and the more »
security procedures and standards to be reviewed and approved by executive management and/or formally authorised by the chief information security officer (CISO) Threatmodelling of services and applications that tie to the risk and data associated with the service or application Key Qualifications: Vast experience in … leading/mentoring teams in “secure by design” including a strong working knowledge of the methodologies to conduct threat-modeling exercises on new applications and services, identity management, as well as securing CI/CD pipelines. Direct, hands-on experience or a solid working knowledge of relevant security patterns more »
required projects Manage security risk for the whole project life cycle Perform security activities, including but not limited to, security design reviews, risk assessments, threatmodelling, and vulnerability management and risk mitigation on internally & externally developed software Embedding security within DevOps (eg CI/CD pipelines), developing security more »
with Windows as well as Red Hat Linux Operating System analytical, troubleshooting, and problem-solving skills basic understanding of cloud security best practices, Forensics, threatmodelling, and offensive techniques. with Scrum/Agile development. understanding of and experience with CI/CD pipelines. are a plus but not more »
Ipswich, England, United Kingdom Hybrid / WFH Options
James Adams
Collaborate with development, operations, and product teams to embed security into agile development cycles. Provide expert guidance on security best practices, including secure coding, threatmodelling, vulnerability management, and incident response. Develop and implement security policies, standards, and procedures tailored to agile and DevSecOps environments. Conduct security training more »
You will have the opportunity to foster the growth and advancement of team members within the Application Security domain. You will also lead on threat modeling and conducting comprehensive security reviews of system designs. Skills Previously worked as an Application Security Engineer or similar position. Experience in either C# … and standards, e.g. OWASP, PCI-DSS, ISO 27001, GDPR. Strong knowledge of GitLab pipelines and Akamai security software is a major advantage. Experience in threatmodelling and automated security testing. Senior Application Security Engineer - Hybrid - £500 Outside IR35 more »
/continuous deployment (CI/CD) practices.Security Practices:In-depth understanding of security best practices and standards (e.g., OWASP, NIST).Experience with security assessments, threat modeling, and proactive security mitigation.Problem Solving:Excellent analytical and problem-solving skills, capable of troubleshooting complex security issues.Communication and Collaboration:Strong communication skills to more »
Greater London, England, United Kingdom Hybrid / WFH Options
Oliver Bernard
strategies. Master the art of penetration testing with tools like Burp Suite, OWASP ZAP, and/or Kali Linux. Experience with secure coding practices, threat modeling, and API security is highly desirable. Are a skilled communicator and collaborator, able to bridge the gap between technical and non-technical audiences. more »
engineering and champion security within your current role, you're very likely to be successful.You will be training developers on writing secure code, perform threatmodelling and security testing of applications, run SAST, DAST, SCA and secret scanning tools, manage the bug bounty program and lead incident response more »
Chichester, West Sussex, South East, United Kingdom
Natures Way Foods
IT Security Engineer role. preferably manufacturing but not essential. Key Responsibilities Responsible for educating the workforce on information security through training and building awareness. Threatmodelling, mitigation, validation, including software and hardware penetration testing. Work with all functions of the IT department to design security into the system … and drive security reviews. Develop tools to assist in modelling, analysis, detection, and prevention of security threats. Secure the system while ensuring ease of use for the user and network operations. Stay current on industry developments affecting security and privacy policy. Implement security measures, plans and polices to resolve more »
overseeing application security testing, prioritising the resolution of security vulnerabilities, and increasing automation Show experience identifying potential threats and attacks to applications systems through threatmodelling (PASTA and STRIDE) Demonstrate experience with threatmodelling theories and application architecture reviews Have experience of monitoring security systems for more »
with various other Security personnel Mitigating Information and Cyber based risks Identifying potential threats and risks Assisting with resolution of incidents Incident response and threat hunting Working with threat management frameworks Threat intelligence and continuous improvement Security monitoring and traffic analysis Vulnerability management You will advise on … 7pm on a shift basis to ensure that full coverage is achieved. The ideal candidate will have: Incident response and security monitoring Understanding of threatmodelling Investigation experience into Information and Cyber security incidents Broad technical understanding covering Windows, Linux, Unix, Networking, Cisco, SIEM, IAM, DLP, LAN/ more »
ability to design and implement complex security solutions in line with company policies and standards.• Familiarity with various security techniques and methodologies, such as threat modeling and vulnerability management.• Proficiency in automation and scripting using Python, Shell, Ansible, Jenkins, etc.• Industry certifications in information security or information technology preferred more »
deployment (CI/CD) practices. Security Practices: In-depth understanding of security best practices and standards (e.g., OWASP, NIST). Experience with security assessments, threat modeling, and proactive security mitigation. Problem Solving: Excellent analytical and problem-solving skills, capable of troubleshooting complex security issues. Communication and Collaboration: Strong communication more »
and champion security within your current role, you're very likely to be successful. You will be training developers on writing secure code, perform threatmodelling and security testing of applications, run SAST, DAST, SCA and secret scanning tools, manage the bug bounty program and lead incident response more »
cloud platforms and be well-versed in security protocols, including SSH and HTTP. Complementary skills that will enhance your role include programming, containerisation, and threatmodelling, enabling you to provide a holistic approach to cybersecurity challenges. To qualify for this role, it is essential to hold one of more »
development of secure software, focus on embedded systems or complete solutions Have detailed experience in the security concept/design, thread analysis, risk/threatmodelling and mitigation strategies Have professional knowledge of software languages (C, Java, Java Card, Phyton, Ruest) Be familiar with "state of the art more »
ongoing security needs: Continuously assess the organization's security requirements and establish standard operating procedures to respond to inbound security issues. Develop and implement threat models: Stay informed about new threats and attack vectors, and proactively address them. Perform routine security assessments/audits: Evaluate networks, systems, code, controls more »
ongoing security needs: Continuously assess the organization's security requirements and establish standard operating procedures to respond to inbound security issues. Develop and implement threat models: Stay informed about new threats and attack vectors, and proactively address them. Perform routine security assessments/audits: Evaluate networks, systems, code, controls more »
Cyber Security Management - Incident Response, Security Monitoring, ThreatModelling Frameworks, NIST, Kill Chain, Attack Lifecycle, MITRE, Windows, UNIX, Stratus, Networks, SIEM, IAM, DLP I am looking for a Cyber Security professional for my client who is a leading investment bank based in London. You will join the Information … tools for incident analysis. Security Engagement & Best Practice Collaborate with penetration testing programs and other departments to mitigate security risks. Develop Incident Response and Threat-hunting capabilities, including frameworks like Kill Chain and MITRE. Enhance Threat Intelligence integration and implement custom IOCs for monitoring. Other Provide cybersecurity expertise … from 7 am to 7 pm on business days, with potential for ad-hoc coverage outside regular hours. Key Skills: Incident Response & Security Monitoring Threatmodelling frameworks Experience in banking/Investment Banking Managing cyber security incidents NIST, Kill Chain, Attack life cycle, MITRE Cloud Security Assessments Windows more »
compliance in ISO 27001, GDPR, PCI DSS Have a strong understanding of network security principles and practices Be experienced in conducting risk assessments and threatmodelling Be generally proficient in Linux operating systems (e.g., Red Hat, CentOS, Alma, ubuntu) Have familiarity with security technologies, including firewalls, intrusion detection more »
to mitigate risks.Act as a subject matter expert on security-related matters, collaborating with stakeholders to address security concerns and implement effective solutions.Participate in threat hunting and threatmodelling activities. To be considered for this role, you should have: Must have a strong background in a security more »