1 to 25 of 148 Threat Modelling Jobs in England

Senior Threat Modeler 12 months initially Remote (with occasional visits to Preston or Frimley) £41.94 per hour Role Description • Supports the overall delivery of the threat modelling function and wider UK SOC by evaluating the clients estate and its capability. • Proactively protects the client through continual testing of security controls. • Understands Cyber Threat Intelligence and Active … Defence techniques and best practices. • Good knowledge of cyber threat landscape, current affairs and geopolitics, including threat groups and how to apply this knowledge within an operational environment. • Understands the MITRE ATT&CK Framework, Threat Intelligence Platforms and the coordination of Advanced Threat Protection (ATP) and tactics, techniques and procedures (TTPs) to support Cyber Operations. • Knowledge … areas, manage own development including participating in on the job training and attending training programmes as appropriate, and support/provide mentorship to others in the team. • Supports the Threat Modelling Lead when required, particularly on forecasting future team operations. • Is a subject matter expert (SME) on emerging threats and will work on complex issues as a fully More ❯

Senior Threat Modeler - 12 month contract - Preston, Lancashire or Frimley, Surrey (Remote) - £41.94 ph UMB or £31.19 ph PAYE (Inside IR35) Key skills required for this role Important Senior Threat Modeler The Role Supports the overall delivery of the threat modelling function and wider UK SOC by evaluating the BAE Systems' estate and its capability. Proactively … protects BAE Systems through continual testing of security controls. Understands Cyber Threat Intelligence and Active Defence techniques and best practices. Role Responsibilities: Note limited to Building and implementing processes and procedures for continuous and effective threat modelling capability. Maintains an in-depth understanding of the external and internal security environment and how the organisation reacts to security … risk reduction in the long term. Contributes to, plans and delivers activities in support of organisational and security development needs in accordance with regulatory requirements and changes in the threat landscape. The assessment, validation and reporting of information on current and potential cyber threats to maintain an organisation's situational awareness. The verification that systems and processes meet the More ❯

Overview Senior Threat Modeler - Job Title: Senior Threat Modeler Location: Preston or Frimley. We offer a range of hybrid and flexible working arrangements - please speak to your recruiter about the options for this particular role What you'll be doing: Maintains an in-depth understanding of the external and internal security environment and how the organisation reacts to … security threats Contributes to, plans and delivers activities in support of organisational and security development needs in accordance with regulatory requirements and changes in the threat landscape The assessment, validation and reporting of information on current and potential cyber threats to maintain an organisation's situational awareness Identifying security gaps and building attack simulations to support Purple Team engagements … attack patterns to prioritise future remediation efforts Is a subject matter expert (SME) on emerging threats and will work on complex issues as a fully contributory member of the Threat Modelling Team, with limited guidance from the Line Manager Produces reports detailing key threats and risks to the organisation at a strategic level for business units to digest More ❯

The Role Supports the overall delivery of the threat modelling function and wider UK SOC by evaluating the BAE Systems' estate and its capability. Proactively protects BAE Systems through continual testing of security controls. Understands Cyber Threat Intelligence and Active Defence techniques and best practices. Role Responsibilities: Note limited to Building and implementing processes and procedures for … continuous and effective threat modelling capability. Maintains an in-depth understanding of the external and internal security environment and how the organisation reacts to security threats. Performs continuous evaluation of the organisation's estate, assessing function capability, and suggesting improvements where necessary. Identifying security gaps, and building attack simulations to support Purple Team engagements by illustrating potential attack … risk reduction in the long term. Contributes to, plans and delivers activities in support of organisational and security development needs in accordance with regulatory requirements and changes in the threat landscape. The assessment, validation and reporting of information on current and potential cyber threats to maintain an organisation's situational awareness. The verification that systems and processes meet the More ❯

Threat Intelligence AnalystFully Onsite in London Inside IR35 Contract Deerfoot Recruitment has been engaged to identify an experienced Threat Intelligence Analyst for a leading global banking organisation with an advanced cyber defence function in London. This is a fantastic opportunity to shape threat intelligence, work alongside Red/Blue Teams, and operationalise intelligence using the latest cybersecurity … penetration testing, and Breach & Attack Simulation (BAS) platforms. Key Responsibilities: Monitor and analyse global cyber threat landscapes, identifying threats, adversary tactics, and emerging risks Collaborate with Red Team, Blue Team, and Penetration Testing specialists to integrate intelligence into Breach & Attack Simulation (BAS) scenarios Act as a point of contact between threat intelligence, Red/Blue, and SOC teams … to align threat modelling and adversary simulation Support threat hunting activities and provide tactical, contextual intelligence to stakeholders Model and assess threat actors, including motivations, capabilities, attack vectors, and impacts Leverage the MITRE ATT&CK framework for mapping adversary behaviours and detection Develop and update threat profiles, attack surface assessments, and adversary emulation plans Present More ❯

Threat Intelligence Analyst Fully Onsite in London Inside IR35 Contract Deerfoot Recruitment has been engaged to identify an experienced Threat Intelligence Analyst for a leading global banking organisation with an advanced cyber defence function in London. This is a fantastic opportunity to shape threat intelligence, work alongside Red/Blue Teams, and operationalise intelligence using the latest … cybersecurity, penetration testing, and Breach & Attack Simulation (BAS) platforms. Key Responsibilities: Monitor and analyse global cyber threat landscapes, identifying threats, adversary tactics, and emerging risks Collaborate with Red Team, Blue Team, and Penetration Testing specialists to integrate intelligence into Breach & Attack Simulation (BAS) scenarios Act as a point of contact between threat intelligence, Red/Blue, and SOC … teams to align threat modelling and adversary simulation Support threat hunting activities and provide tactical, contextual intelligence to stakeholders Model and assess threat actors, including motivations, capabilities, attack vectors, and impacts Leverage the MITRE ATT&CK framework for mapping adversary behaviours and detection Develop and update threat profiles, attack surface assessments, and adversary emulation plans More ❯

risks across our platform and products. Your primary mission is to ensure we build secure systems by providing expert security analysis, architectural guidance, and process leadership. You will lead threat modelling sessions, conduct in-depth security reviews of new features, manage our penetration testing programme, and triage complex findings. This role requires a deep understanding of technology and … and application platforms, against potential threats. What you'll get to do? Conduct comprehensive security architecture and design reviews, ensuring that security is embedded from the start Lead the threat modelling process (e.g., using STRIDE) for new products and features, identifying potential design flaws and defining security requirements Manage the end-to-end penetration testing lifecycle, from scoping … DevSecOps mindset that we have created across our technology teams Requirements What skills are essential: Significant experience in a security-focused role with a strong emphasis on risk analysis, threat detection, and architectural review Proven expertise in conducting threat modelling and security design reviews for complex, cloud-native applications (AWS/GCP, Kubernetes) Deep understanding of common More ❯

strategy across infrastructure, applications, and data. Lead hands-on development of security roadmaps, maturity models, and control frameworks tailored to Fuse's risk profile. Directly contribute to architecture reviews, threat modelling sessions, and key design decisions across product and platform teams. Build and mentor a high-performing security team, including hiring, coaching, and managing performance. Develop KPIs and … data protection, access control, and insider risk. Ensure compliance with SOC 2, ISO 27001, GDPR, and other relevant frameworks. Oversee security audits and third-party risk programs. Risk Management & Threat Intelligence Lead threat modelling, risk assessments, and security reviews of critical systems; design and deliver security awareness training programs for all employees to promote a culture of … proactive risk management. Build threat intelligence capabilities to stay ahead of emerging risks. Balance risk management with product and engineering velocity. Incident Response & Resilience Own response plans for high-severity threats and incidents. Build robust detection, containment, and remediation processes. Drive business continuity and disaster recovery strategy. Technology & Infrastructure Security Partner with engineering to embed security in the SDLC More ❯

and priorities by working closely with your team to identify the most critical focus areas. These include: Improving incident response times Reducing false positives and other extraneous alerts Enhancing threat detection capabilities Oversee your staff's activities and ensure they focus on the right priorities Oversee SOC activities by reviewing your team's performance metrics, incident reports and other … align with the company's goals. Your responsibilities: Manage service and process improvements of SOC, auditing SOC incidents, identifying new use cases and automations POC for SOC engineering team, threat intelligence analyst and Threat exposure management Act as a point of escalation for Level-2 SOC security analysts in support of information security investigations to provide guidance and … response, SIEM monitoring, and other operational tasks (tools, techniques, Procedures) in support of technologies managed by the Security Operations Centre. Document incidents from initial detection through final resolution Ensure threat management, threat modelling, identify threat vectors and develop use cases for security monitoring Create reports, dashboards, metrics for SOC operations and presentation to Sr. Mgmt. Act More ❯

Validate the effectiveness of security controls and recommend improvements. Deliver security architecture for cloud and hybrid environments. Scope and review IT Health Checks (ITHC) and produce remediation plans. Conduct threat modelling, risk assessments, and design proportional controls. Produce security architecture artefacts including standards and blueprints. Travel to client sites (approx. 40-60%) as required for classified system access. … HMG, NPSA, NCSC policies and guidance Cloud security (Azure, AWS), containerisation, KMS, WAFs Event-driven microservices, network infrastructure, IDS/IPS AI security (ISO42001 desirable), ITHC scoping and remediation Threat modelling (Kill Chain, attack trees), HLD/LLD reviews Certifications: SABSA, TOGAF, AWS/Azure Architect, CISSP, CISM. Working towards or holding CIISEC Full Membership or UK Cyber More ❯

site travel The Role As SOC Manager, you will: Establish goals and priorities with your team, focusing on: Improving incident response times Reducing false positives and extraneous alerts Enhancing threat detection capabilities Oversee staff activities to ensure focus on the right priorities Review team performance metrics, incident reports, and other key indicators Lead incident response efforts with clear procedures … Operations informed, preparing clear and concise reports Key Responsibilities Manage SOC service and process improvements, auditing incidents, identifying new use cases and automations Act as POC for SOC engineering, threat intelligence, and threat exposure management Provide guidance to Level-2 SOC security analysts during investigations and incident resolution Lead coordination of individual information security incidents Mentor security analysts … on risk management, security controls, incident analysis, SIEM monitoring, and operational tasks Document incidents from detection to resolution Ensure threat management, threat modelling, and identification of threat vectors Develop use cases for security monitoring Create reports, dashboards, and metrics for SOC operations; present to senior management Act as focal point for security investigations, preparing reports and More ❯

software development lifecycle - from designing controls and integrating testing into CI/CD pipelines to supporting vulnerability management and remediation. Acting as the go-to expert for secure design, threat modelling, and compliance, you'll make sure teams have the knowledge, tools, and confidence to build securely from the start. Alongside this, you'll maintain clear documentation and … of cloud platforms , CI/CD pipelines , and scripting (PowerShell, YAML, JSON, etc.) Familiarity with frameworks and standards such as OWASP , NIST SSDF , ISO27001 , or NCSC Practical experience with threat modelling , security tooling , and risk assessments Excellent communication skills, able to influence and engage at all levels from developers to execs A collaborative, proactive approach to solving problems More ❯

software development lifecycle - from designing controls and integrating testing into CI/CD pipelines to supporting vulnerability management and remediation. Acting as the go-to expert for secure design, threat modelling, and compliance, you'll make sure teams have the knowledge, tools, and confidence to build securely from the start. Alongside this, you'll maintain clear documentation and … of cloud platforms , CI/CD pipelines , and scripting (PowerShell, YAML, JSON, etc.) Familiarity with frameworks and standards such as OWASP , NIST SSDF , ISO27001 , or NCSC Practical experience with threat modelling , security tooling , and risk assessments Excellent communication skills, able to influence and engage at all levels from developers to execs A collaborative, proactive approach to solving problems More ❯

design across technology platforms including cloud infrastructures. Contribute to blogs and research within the Cyberfort community. Experience Required The successful candidate will possess proven experience in cybersecurity, security architecture, threat modelling, or related fields within Public Sector and MOD and will have achieved or be working towards Full Membership of CIISEC and UK Cyber Security Council professional registration … and CIS Controls v8. HMG, NPSA and NCSC security policies, standards and guidance. Have experience building and implementing secure by design principals within the software development lifecycle (SDLC). Threat Modelling - Kill Chain - Attack tree analysis. Working understanding of: Cloud security including Azure, Amazon Web Service, Key Management Systems, Containerisation, Network Security Groups, Host based firewalls, Web Application More ❯

a key contributor to the Cyber team by focusing on application security architecture and implementing a robust risk management programme. Collaborating closely with different teams to devise plans, perform threat modelling, adopt architecture best practices, drive secure development lifecycles, and manage risk remediation. Providing expertise in security best practices and compliance while undertaking hands-on security testing. Identifying … review sprints to ensure application security is prioritised before deployment. Partnering with architecture and development teams to review application design and code for security vulnerabilities. Establishing and promoting a threat modelling capability to evangelise secure coding practices in the development lifecycle. Delivering technical advice to ensure security standards are fully understood and complied with across teams. Developing and More ❯

security is embedded into all areas of the business and appropriate technical controls are in place throughout our infrastructure. This company facing role will assist new initiatives such as Threat Modelling and assist projects through the tender process. This is a hybrid working role, with a requirement to be in our Warwick a few times per month. What … mitigation actions and solutions, and assisting ongoing risk treatment activity. Assist the security testing process from scoping, planning and stakeholder management through to remediation requirements lifecycles. Creation of the Threat Modelling process to be used across all services and systems Who you are: You're a security professional who knows how to keep systems and data safe without More ❯

practice across the practice. What you'll be doing: Leading application security architecture for high-profile public sector clients. Advising on and implementing secure development practices aligned with OWASP, threat modelling, and secure SDLC frameworks. Supporting pre-sales, solution design, and client engagements across consulting projects. Mentoring and upskilling client teams and internal consultants on application security. Experience … required: Consulting experience in application security architecture, preferably with exposure to public sector clients. Deep knowledge of OWASP Top 10, secure coding practices, threat modelling, and vulnerability management. Experience influencing design and security strategy across large programmes. Strong communication and client-facing skills; able to present to both technical and executive stakeholders. The package: Up to More ❯

drive awareness of security from the earliest stages of design through to deployment. You'll help integrate automated security tooling and checks into our CI/CD pipelines, facilitate threat modelling sessions, and review security-sensitive design decisions around authentication, cryptography, and logging. You'll also ensure that tools such as SAST, DAST, and SCA are effective and … in CI/CD Hands-on experience with security tools like SAST, DAST, and SCA Familiar with cloud environments (especially AWS), containers, and microservices Comfortable reviewing technical designs, performing threat modelling, and advising on secure architecture Strong communicator who collaborates well with engineers and promotes secure-by-default practices We might not be right for you if: You More ❯

governance and identity lifecycle processes in a highly View job & apply CTI Analyst Location: London Job type: Permanent Financial Services firm seeks an Operational CTI Analyst to join its Threat Intelligence team. Th View job & apply Senior Manager - BCM Second Line Location: Frankfurt Salary: 125,000 + Benefits Job type: Permanent Sector: Banking We are seeking a Senior Manager … hybrid Job type: Permanent Leading banking group seeks a Cryptography Analyst to join their security team. As an Analyst in We are seeking a highly motivated and skilled Insider Threat Investigations Lead to join a newly formed Insider Threat Team. This role focuses on identifying, preventing, and responding to risks posed by individuals with authorized access to organisational … This role suits someone with strong investigative skills, an analytical mindset, the ability to interpret and act on data, and the capability to execute initiatives that strengthen the insider threat programme. Key Responsibilities Support the delivery of the insider threat programme, including developing tools, standards, and procedures to detect, prevent, and respond to insider threats. Utilise advanced detection More ❯

of Security Engineering and lead in the build-out of their cloud-native Infrastructure capability . Highly technical position where you will be responsible for not just assessing and threat modelling novel concepts and services to introduce across Security and the wider Tech functions; but leading in the actual design, configuration and implementation. Previous experience in Software Security … to put your stamp on one of the most ambitious Tech Transformations for one of the most renowned Investment Management firms in the UK. Responsibilities Perform hands-on security threat modelling, risk assessment and vulnerability remediation. Evaluate, architect, implement and support security focused tools and services. Work closely with Development teams to ensure security and privacy are built More ❯

of Security Engineering and lead in the build-out of their cloud-native Infrastructure capability . Highly technical position where you will be responsible for not just assessing and threat modelling novel concepts and services to introduce across Security and the wider Tech functions; but leading in the actual design, configuration and implementation. Previous experience in Software Security … to put your stamp on one of the most ambitious Tech Transformations for one of the most renowned Investment Management firms in the UK. Responsibilities Perform hands-on security threat modelling, risk assessment and vulnerability remediation. Evaluate, architect, implement and support security focused tools and services. Work closely with Development teams to ensure security and privacy are built More ❯

of Security Engineering and lead in the build-out of their cloud-native Infrastructure capability . Highly technical position where you will be responsible for not just assessing and threat modelling novel concepts and services to introduce across Security and the wider Tech functions; but leading in the actual design, configuration and implementation. Previous experience in Software Security … to put your stamp on one of the most ambitious Tech Transformations for one of the most renowned Investment Management firms in the UK. Responsibilities Perform hands-on security threat modelling, risk assessment and vulnerability remediation. Evaluate, architect, implement and support security focused tools and services. Work closely with Development teams to ensure security and privacy are built More ❯

of Security Engineering and lead in the build-out of their cloud-native Infrastructure capability . Highly technical position where you will be responsible for not just assessing and threat modelling novel concepts and services to introduce across Security and the wider Tech functions; but leading in the actual design, configuration and implementation. Previous experience in Software Security … to put your stamp on one of the most ambitious Tech Transformations for one of the most renowned Investment Management firms in the UK. Responsibilities Perform hands-on security threat modelling, risk assessment and vulnerability remediation. Evaluate, architect, implement and support security focused tools and services. Work closely with Development teams to ensure security and privacy are built More ❯

of Security Engineering and lead in the build-out of their cloud-native Infrastructure capability . Highly technical position where you will be responsible for not just assessing and threat modelling novel concepts and services to introduce across Security and the wider Tech functions; but leading in the actual design, configuration and implementation. Previous experience in Software Security … to put your stamp on one of the most ambitious Tech Transformations for one of the most renowned Investment Management firms in the UK. Responsibilities Perform hands-on security threat modelling, risk assessment and vulnerability remediation. Evaluate, architect, implement and support security focused tools and services. Work closely with Development teams to ensure security and privacy are built More ❯

lifecycle (SDLC) and ensure products are built securely Oversee vulnerability management and remediation efforts, including leading responses to pen test findings and security assessments Experience conducting risk assessments and threat modelling for software development and advise where necessary Experience in software security design review Strong knowledge of Agile, DevSecOps, System Engineer and or equivalent Knowledge of security standards More ❯