13 of 13 Threat Modelling Jobs in Bristol

engineering principles in the context of safety-critical systems and regulated environments. Demonstrated experience leading the development of cybersecurity assurance artefacts for certification programmes. Practical understanding of airworthiness risk modelling, threat identification, attack surface reduction, and aircraft-level threat scenarios. Ability to produce certification-ready documentation aligned to EASA/UK CAA guidance, including traceability to compliance … objectives. Strong communication and interpersonal skills, with the ability to translate complex cybersecurity concepts for engineering, safety, and programme stakeholders. Knowledge of aerospace cybersecurity policy, risk management, and threat intelligence as applied to aircraft development environments. Collaborative and detail-oriented, able to work across international teams and regulatory boundaries. Desired skills Experience supporting cybersecurity assurance within other EASA/… responding to regulatory audits, design reviews, and certification authority engagements. Understanding aircraft production and supply chain security, including configuration management, supplier assurance, and design data integrity. Exposure to digital threat modelling techniques tailored to aerospace domains (MITRE ATT&CK for ICS/Aerospace, STRIDE-LM). Ability to contribute to internal capability development, methodology refinement, and knowledge transfer More ❯

engineering principles in the context of safety-critical systems and regulated environments. Demonstrated experience leading the development of cybersecurity assurance artefacts for certification programmes. Practical understanding of airworthiness risk modelling, threat identification, attack surface reduction, and aircraft-level threat scenarios. Ability to produce certification-ready documentation aligned to EASA/UK CAA guidance, including traceability to compliance … objectives. Strong communication and interpersonal skills, with the ability to translate complex cybersecurity concepts for engineering, safety, and programme stakeholders. Knowledge of aerospace cybersecurity policy, risk management, and threat intelligence as applied to aircraft development environments. Experience Experience in cybersecurity, with at least 5 years focused on aerospace, defence, or regulated engineering environments. Proven track record of delivering security … responding to regulatory audits, design reviews, and certification authority engagements. Understanding aircraft production and supply chain security, including configuration management, supplier assurance, and design data integrity. Exposure to digital threat modelling techniques tailored to aerospace domains (MITRE ATT&CK for ICS/Aerospace, STRIDE-LM). Ability to contribute to internal capability development, methodology refinement, and knowledge transfer More ❯

engineering principles in the context of safety-critical systems and regulated environments. Demonstrated experience leading the development of cybersecurity assurance artefacts for certification programmes. Practical understanding of airworthiness risk modelling, threat identification, attack surface reduction, and aircraft-level threat scenarios. Ability to produce certification-ready documentation aligned to EASA/UK CAA guidance, including traceability to compliance … objectives. Strong communication and interpersonal skills, with the ability to translate complex cybersecurity concepts for engineering, safety, and programme stakeholders. Knowledge of aerospace cybersecurity policy, risk management, and threat intelligence as applied to aircraft development environments. Experience Experience in cybersecurity, with at least 5 years focused on aerospace, defence, or regulated engineering environments. Proven track record of delivering security … responding to regulatory audits, design reviews, and certification authority engagements. Understanding aircraft production and supply chain security, including configuration management, supplier assurance, and design data integrity. Exposure to digital threat modelling techniques tailored to aerospace domains (MITRE ATT&CK for ICS/Aerospace, STRIDE-LM). Ability to contribute to internal capability development, methodology refinement, and knowledge transfer More ❯

engineering principles in the context of safety-critical systems and regulated environments. Demonstrated experience leading the development of cybersecurity assurance artefacts for certification programmes. Practical understanding of airworthiness risk modelling, threat identification, attack surface reduction, and aircraft-level threat scenarios. Ability to produce certification-ready documentation aligned to EASA/UK CAA guidance, including traceability to compliance … objectives. Strong communication and interpersonal skills, with the ability to translate complex cybersecurity concepts for engineering, safety, and programme stakeholders. Knowledge of aerospace cybersecurity policy, risk management, and threat intelligence as applied to aircraft development environments. Experience Experience in cybersecurity, with at least 5 years focused on aerospace, defence, or regulated engineering environments. Proven track record of delivering security … responding to regulatory audits, design reviews, and certification authority engagements. Understanding aircraft production and supply chain security, including configuration management, supplier assurance, and design data integrity. Exposure to digital threat modelling techniques tailored to aerospace domains (MITRE ATT&CK for ICS/Aerospace, STRIDE-LM). Ability to contribute to internal capability development, methodology refinement, and knowledge transfer More ❯

scanning (e.g. Qualys, Sonar Cloud, Tenable or Azure-native scanners) into CI/CD pipelines. Security Analysis & Incident Response Perform root-cause analysis of security incidents and vulnerabilities. Conduct threat modelling, code and infrastructure reviews. Develop and execute incident response procedures, leveraging Sentinel playbooks and Logic Apps when required. CI/CD & Automation Integrate automated security testing (SAST More ❯

succeed in this role Deep experience in Azure infrastructure (with IaC using Bicep, ARM, or Terraform) Hands-on knowledge of DevSecOps tooling and techniques (CI/CD, secrets management, threat modelling) Experience implementing security standards across cloud and hybrid environments Familiarity with container security ( e.g. Docker, Kubernetes) A strong understanding of compliance frameworks such as ISO 27001 and More ❯

requirements and ensure the integration of security controls during the product development lifecycle Some of what you will be involved in: Develop and implement risk management strategies Perform security threat modelling and risk assessments applying security controls to mitigate any threats identified Collaborate with the development teams to ensure the adoption of Secure by Design principles Identify security More ❯

requirements and ensure the integration of security controls during the product development lifecycle Some of what you will be involved in: Develop and implement risk management strategies Perform security threat modelling and risk assessments applying security controls to mitigate any threats identified Collaborate with the development teams to ensure the adoption of Secure by Design principles Identify security More ❯

requirements and architecture across a large, complex naval programme, managing the complexity inherent in programmes. - Developing training and development packages for the NHS around applied systems thinking. - Providing cybersecurity threat modelling and secure-by-design expertise to a large cancer care AI startup. Day to day tasking can include: - Support and work on a number of our projects More ❯

requirements and architecture across a large, complex naval programme, managing the complexity inherent in programmes. - Developing training and development packages for the NHS around applied systems thinking. - Providing cybersecurity threat modelling and secure-by-design expertise to a large cancer care AI startup. Day to day tasking can include: - Support and work on a number of our projects More ❯

requirements and architecture across a large, complex naval programme, managing the complexity inherent in programmes. - Developing training and development packages for the NHS around applied systems thinking. - Providing cybersecurity threat modelling and secure-by-design expertise to a large cancer care AI startup. Day to day tasking can include: - Support and work on a number of our projects More ❯

risks Embed yourself within multidisciplinary delivery teams to support secure-by-design practices from the earliest stages of project initiation through to deployment and operation. Conduct detailed risk assessments, threat modelling, and architecture reviews to help teams understand and mitigate potential vulnerabilities before they impact live environments. Collaborate closely with the Strategic Security Architect and technical stakeholders Act More ❯

also contribute to security compliance and best practices, ensuring products meet regulatory and industry standards. Key Responsibilities: Identify security requirements and integrate controls into product development. Conduct risk assessments, threat modeling, and vulnerability analysis. Develop and implement risk management strategies using security frameworks. Collaborate with development teams to ensure security best practices and secure-by-design principles. Identify and …/53, OWASP) . Experience with risk management methodologies and compliance with MOD and HMG security standards (JSP, Def Stan 05-138/139). Proficiency in security threat modeling and risk assessments. Knowledge of secure development practices, penetration testing, and vulnerability assessments. Ability to communicate security risks and strategies to technical and non-technical stakeholders. Experience in incident More ❯