10 of 10 Threat Modelling Jobs in East London

expertise and excellence, working collaboratively across government to deliver holistic, customer centric cyber security services. This includes consultancy support that continually evolves to emerging technologies and the ever-changing threat and risk landscape. It is an exciting time to be part of our active and encouraging Cybersecurity and Architecture communities, working within HMRC and across HMG. As an Enterprise … TOGAF and SABSA and Framework adoption such as those in NIST 2.0. Security Tooling Roadmaps: Create detailed roadmaps for security tooling, incorporating vendor investment tracking, horizon scanning, and global threat landscape changes, and communicate these to stakeholders. Baseline Establishment and Design Patterns: Establish baselines for current security technologies and develop design patterns to support solution architects in implementing effective … DNS, NAC, NSPM, and architectures like SASE and Zero Trust. Application Security: Experience with SAST, DAST, RAST, IAST tools, integrating security into SDLC processes, OWASP, API security design, robust threat modelling, and containerization security. Data Security: Skilled in implementing information protection tools, key and secrets management, data loss prevention, and protective marking and classification capabilities. Cyber Security Operations More ❯

pipelines. Familiarity with cloud security (AWS, Azure, GCP) and container security (Docker, Kubernetes). Knowledge of OWASP Top 10, CWE, CVSS, MITRE ATT&CK and NIST frameworks. Experience conducting threat modelling, code reviews and penetration testing. Excellent communication skills with the ability to influence and educate development teams. Security certifications such as CISSP, OSCP, GWAPT, CEH or CSSLP More ❯

adjacent fields (e.g. Data, DevOps, Cloud) on the fundamentals and best practices of cyber security. Be part of updating training content to reflect current cyber industry trends, tools and threat landscapes. Work closely with the curriculum team to improve and tailor course content and delivery methods. Some weeks will require travel into the London HQ for in-person sessions … security engineering, consulting, or operations Ability to teach and explain key cyber domains, and at least one of the below: Network and infrastructure security Security operations and incident response Threat intelligence and threat modelling Governance, risk & compliance (GRC) Cloud security Penetration testing and vulnerability management Excellent communication & presentation skills. Desirable: Certifications such as CISSP, CISM, CEH, CPENT More ❯

IR35: Inside Work structure: Remote Key Responsibilities: Partner with engineering and architecture to define secure technical solutions Manage end-to-end project security across multiple applications Perform vulnerability testing, threat modelling, and risk assessments Maintain up-to-date security policies, standards, and best practices Communicate risks and mitigation strategies to senior stakeholders Translate business needs into effective security … years in security architecture or consulting in regulated environments Deep knowledge of secure SDLC, DevSecOps, cloud (Azure/AWS), and frameworks (OWASP, MITRE) Hands-on experience with vulnerability tools, threat modelling, and compliance (GDPR, HIPAA, PCI) Strong communication and stakeholder engagement skills Technical knowledge across .NET, Java, scripting (Python, PowerShell), APIs, and cryptography Nice to have: Certifications (CISSP More ❯

days per week onsite in their Central London office), offering the chance to work at the forefront of AI innovation while owning key areas of security architecture, detection, and threat response. The Opportunity: This is not your average Cyber Security role. My client operates in a highly complex, high-volume AI environment – think machine learning at scale, proprietary models … role ✔ Strong understanding of securing AI/ML environments – from data pipelines and training environments to model deployment ✔ Experience with cloud security (AWS/GCP preferred), IAM , SIEM , and threat modelling ✔ Knowledge of secure coding practices , container security (Docker/Kubernetes), and infrastructure as code ✔ Ability to collaborate cross-functionally with software engineers, ML researchers, and product teams More ❯

We are looking for a skilled Detection Engineer to join our Cyber Security team. In this role, you will be responsible for developing and maintaining high-fidelity threat detections across our security platforms. You’ll work at the intersection of threat intelligence, telemetry and security operations to build scalable, reliable and effective detection capabilities. Key Responsibilities Design, develop … and deploy detection logic across SIEM, EDR and cloud security platforms. Build detections aligned with frameworks such as MITRE ATT&CK and continuously tune for accuracy and performance. Conduct threat modelling and participate in purple team exercises to assess and improve detection effectiveness. Use Detection-as-Code principles to manage detection rules via version control, CI/CD … pipelines and automated testing frameworks. Reduce false positives through tuning, enrichment and contextual awareness. Skills 3+ years of experience in security operations, detection engineering, threat hunting, or a related Cyber Security field. Proficiency in query languages such as SPL (Splunk), KQL (Microsoft), Sigma, or similar. Experience with SIEM platforms (e.g. Splunk, Sentinel, Elastic), EDR tools (e.g. CrowdStrike, SentinelOne), and More ❯

Event Hub Practical experience with Infrastructure as Code tools like Terraform and Bicep Excellent communication skills and the ability to support and mentor junior colleagues Desirable Skills Experience with threat modelling Background working on globally distributed systems Exposure to financial services or highly regulated environments Who Should Apply: This role is suited to individuals seeking a challenging, high More ❯

infrastructure. Reporting directly to the CTO, this is not a purely strategic or oversight role. You’ll be owning the security vision, building the roadmap, writing code, reviewing architecture, threat modelling, and automating at scale, while building a high-performance team around you. This is what you will own: Security Engineering Strategy Define and execute the security vision … Technical Execution Design and implement secure-by-default patterns in AWS, Kubernetes, CI/CD pipelines, and crypto-native systems. Own IaC scanning, secrets detection, and automated control implementation. Threat Modelling & Incident Readiness Lead technical reviews of high-value trading and custody systems. Translate threat intel into proactive engineering solutions. Cross-Functional Collaboration Work closely with Engineering More ❯

global customers. Managing and securing containerized applications using Kubernetes, EKS, and ECS in production environments. Building and maintaining Infrastructure as Code using Terraform while embedding security best practices. Conducting threat modelling exercises to proactively identify and mitigate security risks across the platform. Collaborating with development teams to integrate security seamlessly into CI/CD pipelines and deployment processes. … S3, serverless technologies, and cloud-native security implementations. Proficiency with container orchestration platforms including Kubernetes, EKS, and ECS. Advanced Terraform skills for secure infrastructure provisioning and management. Experience with threat modelling methodologies and security risk assessment. Strong understanding of DevOps practices with security integration experience. This is a fantastic opportunity to shape security strategy within an innovative e More ❯

in securing complex, cloud-first environments within a data-rich, high-scale business — helping protect critical infrastructure and client data across global platforms. What You’ll Be Doing Leading threat detection and incident response across GCP environments Building and refining cloud-native detections using Kusto Query Language (KQL) Driving security automation and Infrastructure-as-Code practices Enhancing cloud visibility … through effective logging, monitoring, and threat modelling Collaborating with SOC analysts, engineers, and data teams to secure workloads and services Performing proactive threat hunts and maturing detection logic over time Key skills and experience include: Cloud security expertise in Google Cloud Platform Hands-on experience with cloud-native tools (e.g., Defender for Cloud, GCP Security Command Center … Detection engineering using KQL, particularly with Microsoft Sentinel Familiarity with Kubernetes, Docker, and securing containerised services Understanding of Zero Trust Architecture, MITRE ATT&CK, and cloud threat models Experience with SOAR platforms and automation pipelines Scripting or programming skills (Python, PowerShell, Bash, etc.) Interviews are moving fast — apply now or reach out to learn more. More ❯