1 to 25 of 68 Threat Modelling Jobs in England

Threat Modelling Consultant Rate - £550 per day Inside IR35 Location - London twice a week on site Duration - 6 months initial We are looking to recruit an experienced Threat Modelling Consultant to design and implement comprehensive threat models for 90-100 diverse applications. You will evaluate … application-generated logs, develop threat detection strategies and report findings to the Information Security team. This role requires deep expertise in Microsoft Azure security tools, log analytics and automation to enhance the customer's application anomaly detection capabilities. Key Responsibilities: Develop detailed threat models tailored for a large ...

product teams to ensure security is integrated into design and development activities. Provide architectural guidance across agile sprints and feature releases. Security Risk & Threat Analysis Conduct threat modelling independently across application and platform designs. Perform risk assessments to identify vulnerabilities and architectural weaknesses. Design appropriate security controls … Practice, supporting the maturity of the clients security architecture capability. Help identify capability gaps and support the development of consistent approaches across teams, including: Threat modelling frameworks Secure development lifecycle practices Security architecture standards Provide ad-hoc security architecture support across other programmes where needed. Essential Skills & Experience ...

play a critical role in designing, assuring, and delivering secure solutions across our client engagements. You will champion Secure by Design principles and lead threat modelling activities to ensure risks are identified and mitigated early in the life cycle. Working closely with stakeholders, you will define security architectures … Design - Embed security into every stage of the solution life cycle, ensuring systems are designed with security controls from the outset rather than retrofitted. Threat Modelling - Lead and facilitate threat modelling exercises (eg STRIDE), identifying vulnerabilities and defining mitigations early in delivery Risk Assessment - Identify, assess ...

functions and a relentless focus on operational excellence, the Head of Security Services builds and empowers high-performing teams to deliver 24/7 threat detection, rapid incident response, and proactive risk management. This includes ownership of security controls, security testing, tech assurance and vulnerability and threat management … Leadership Team. Operations & Service Delivery • Oversee daily operations of technical security functions, working collaboratively with the SOCs to provide 24/7 visibility and threat detection ensuring services are resilient, risk-aware, and aligned with business needs. • Regularly review and modernise SOC processes, technologies, and talent. • Partner with MSSPs ...

appetite, and regulatory requirements. Solution Delivery : Provide architectural guidance during project lifecycle (HLD/LLD), review designs, and ensure solutions meet security requirements. Risk & Threat Management : Conduct threat modelling, assess vulnerabilities, and ensure appropriate mitigating controls are designed and implemented. Governance & Standards : Define and maintain security policies …/LLD, patterns, data flows). Hands on understanding of cloud environments (Azure/AWS/GCP), networks, applications, and data protection. Familiarity with threat modelling, risk assessment, and regulatory compliance. Excellent communication skills, able to explain complex security topics to technical and non-technical audiences. Technical standards ...

exciting opportunity has arisen for a Threat Detection Engineer to join a well-established biotech company using large-scale genetic data and AI to predict disease risk and advance precision healthcare. As a Threat Detection Engineer, you will be responsible for developing and enhancing threat detection capabilities … offers hybrid/remote working options, a salary range of £60,000 - £80,000 and benefits. You will be responsible for: Designing and implementing threat-led detection logic informed by threat intelligence and hunting activities. Developing innovative analytical techniques to identify incidents effectively. Collaborating with an outsourced ...

exciting opportunity has arisen for a Threat Detection Engineer to join a well-established biotech company using large-scale genetic data and AI to predict disease risk and advance precision healthcare. As a Threat Detection Engineer, you will be responsible for developing and enhancing threat detection capabilities … offers hybrid/remote working options, a salary range of £60,000 - £80,000 and benefits. You will be responsible for: Designing and implementing threat-led detection logic informed by threat intelligence and hunting activities. Developing innovative analytical techniques to identify incidents effectively. Collaborating with an outsourced ...

/Hybrid/Remote The ideal candidate will have an active Security clearance and a strong background in Cyber Security Assurance within a high-threat government environment. Skills and experience. Experience in producing GovAssure and Secure-By-Design assessments, including Risk Assessment Papers, Risk Treatment Plans, Risk Business Cases … Management Plans. Knowledge and experience with security architecture and Security Information and Event Management (SIEM) tools, such as Splunk, Defender, Sentinel, ELK, and Tenable Threat Modelling System solutions. Extensive understanding of cybersecurity threats, attack vectors, vulnerabilities, and security controls. Demonstrable knowledge of cybersecurity frameworks and standards, including ...

security professionals who want to transition into a GenAI-focused career path and develop deep expertise in securing AI/ML systems. Key Responsibilities Threat Analysis and Vulnerability Assessment Conduct regular threat modelling and vulnerability assessments across AI/ML systems, including data pipelines, model APIs … skills in Python and Bash Strong knowledge of cloud technologies, specifically AWS and Azure Strong understanding of API development and API security Experience with threat modelling, penetration testing, and vulnerability assessments Familiarity with secure software development practices (OWASP, DevSecOps) Interest in or exposure to data science ...

deployment and tuning (Defender for Endpoint, CrowdStrike), Intune/Jamf device management, privileged access workstations, JIT/JEA models API and application security: threat modelling (STRIDE/PASTA), OAuth 2.0/OIDC implementation review, secrets management (Key Vault, HashiCorp Vault), and secure SDLC integration PKI, certificate lifecycle automation … automation and IaC: Python, PowerShell, Terraform, Bicep, or Sentinel analytics rules - you codify controls, you do not document them MITRE ATT&CK coverage mapping; threat hunting, adversary emulation, and proactive gap analysis against realistic TTPs Cloud infrastructure - Azure preferred, AWS considered; IAM, managed services, automated and auditable deployment pipelines ...

secure architecture patterns across cloud, infrastructure, applications, and data platforms. Provide architectural security guidance throughout the project lifecycle , including HLD and LLD reviews. Conduct threat modelling, vulnerability assessments, and risk analysis , ensuring appropriate mitigation strategies. Define and maintain security standards, policies, and guardrails aligned to regulatory obligations such … high-quality architecture documentation (HLD, LLD, security patterns, data flows). Hands-on understanding of cloud environments (Azure, AWS, or GCP) . Knowledge of threat modelling, risk assessment, and regulatory compliance frameworks . Strong communication skills with the ability to explain complex security concepts to both technical ...

teams, and strengthening enterprise security posture-particularly across Microsoft 365, Azure, data platforms, and AI-enabled solutions. You will play a key role in threat modelling, risk assessments, guardrail design & implementation, and delivering practical security guidance for engineering, data, and application/product teams. Rationale/deliverables: Contribute … enhanced productivity systems Support the roll-out of the new AI information security control framework Support the Data governance team Key Responsibilities Perform threat modelling (STRIDE), guardrail definition, and security posture assessments across applications, data platforms, APIs, cloud services, and SaaS ecosystems. Identify security control gaps , especially around ...

strong technical depth. Key Responsibilities: Define and implement secure architecture patterns across engineering platforms (CI/CD, build systems, runtime environments) Conduct security assessments, threat modelling, and gap analysis across platforms and pipelines Develop and embed DevSecOps best practices, including secure pipeline design and automated controls Establish …/CD pipelines, build tools, artifact repositories, and developer platforms Expertise in secure software delivery, vulnerability management, and platform security Experience with threat modelling, security frameworks, and maturity assessments Strong knowledge of application security, network security, and cloud security principles Excellent stakeholder management and communication skills Desirable: Experience ...

Integrate security controls into CI/CD pipelines and modern development workflows, enabling secure and automated deployment of cloud and AI workloads. Participate in threat modelling, risk assessment, and security design reviews for AI applications, APIs, and cloud services. Support evaluation and onboarding of emerging AI security tools … securing GenAI, Agentic AI, vector databases, model APIs, or data pipelines used by LLMs. Knowledge of responsible AI principles, model governance, or AI-specific threat modelling (e.g., adversarial ML, data poisoning, prompt injection). Background working in regulated industries such as Financial Services or Insurance. Strong stakeholder communication ...

productivity. Mentor senior engineers and influence technical leaders across the organisation. Secure-by-Design & Compliance Embed secure-by-design principles into architectural decisions. Ensure threat modelling is performed for new features and major changes. Champion secure coding standards and integration of security testing into the delivery pipeline. Collaborate … delivery of product capabilities. Strong background in cloud-native architectures (microservices, event-driven, distributed systems). Deep understanding of secure-by-design principles, threat modelling, cryptography basics, and modern security practices. Experience with API design, integration patterns, and domain-driven design (DDD) and Event Driven Design. Ability ...

strategic change projects; define and implement security standards across the full software development lifecycle; develop API security standards and secure integration patterns and conduct threat modelling and risk assessments for new technology implementations. Location/WFH: There's a hybrid work from home model with three days … City office with rooftop bar. About you: You have an indepth knowledge of Application Security and secure software development You have experience of conducting threat modelling, security risk assessments and security architecture reviews You're keen to take ownership of Greenfield systems and processes You're collaborative ...

help embed secure development practices across their software and related hardware products. Youll work closely with engineers and leadership to drive secure SDLC, lead threat modelling, assess vulnerabilities, and support alignment with the EU Cyber Resilience Act. Key experience: Product Security/Application Security/Secure SDL Familiarity … with threat modelling and vulnerability assessments Good understanding of software principles Secure coding principles/OWASP Ability to engage with software teams and speak their language Hands-on, engineering-facing role with real influence across product development. ...

currently looking for an experienced Security Design Consultant, to work on assignment with a financial services customer. As a Security Design Consultant, you conduct threat modelling and risk assessments, and be responsible for the design and implementation of secure architecture solutions and security controls. What they are looking … Architecture level experience in cyber security Threat modelling experience Risk assessment experience Strong understanding of security frameworks such as NIST and ISO 27001 Cloud experience Operational background/experience This is an exciting opportunity for an experienced Security Design Consultant to join a truly world-class business, which ...

Product Security Management System (PSMS) and propose improvements when gaps or inefficiencies are identified. Support evidence generation required for Cybersecurity Conduct security analyses , threat modelling and vulnerability assessments within the digital engineering environment. Support incident investigations and maintain accurate records of product-security-relevant decisions . Essential Skills … product, system or cyber security engineering industries. (Internal BAE Systems training is available for Product Security specialism) An awareness of secure-by-design principles , threat modelling, risk assessment methodologies and security control design. Practical knowledge of security policies, standards and good practice frameworks in highly regulated industries Experience ...

Product Security Management System (PSMS) and propose improvements when gaps or inefficiencies are identified. Support evidence generation required for Cybersecurity Conduct security analyses , threat modelling and vulnerability assessments within the digital engineering environment. Support incident investigations and maintain accurate records of product-security-relevant decisions . Essential Skills … product, system or cyber security engineering industries. (Internal BAE Systems training is available for Product Security specialism) An awareness of secure-by-design principles , threat modelling, risk assessment methodologies and security control design. Practical knowledge of security policies, standards and good practice frameworks in highly regulated industries Experience ...

Product Security Management System (PSMS) and propose improvements when gaps or inefficiencies are identified. Support evidence generation required for Cybersecurity Conduct security analyses , threat modelling and vulnerability assessments within the digital engineering environment. Support incident investigations and maintain accurate records of product-security-relevant decisions . Essential Skills … product, system or cyber security engineering industries. (Internal BAE Systems training is available for Product Security specialism) An awareness of secure-by-design principles , threat modelling, risk assessment methodologies and security control design. Practical knowledge of security policies, standards and good practice frameworks in highly regulated industries Experience ...

world national security impact, while enjoying hybrid working and strong professional development opportunities. Skills Secure architecture design and secure-by-design principles Risk assessment, threat modelling, and vulnerability management Security frameworks: ISO 27001, NIST 800-30/53, OWASP Cloud security architecture (AWS, Azure, GCP) Incident response, penetration ...

client audit requests as they relate to AI use at the firm. Perform detailed security analysis of application architectures to provide assurance. Understand threat modelling and participate in major incidents responses with IAM and AI components. Review and approve the IAM components of solution designs. Collaborate with cloud ...

Responsibilities Design end-to-end API security architecture across cloud and on-premise environments. Define API security standards covering authentication, authorization, encryption, and threat protection. Lead architectural reviews, threat modelling, and risk assessments for API integrations. Select, architect, and optimize API gateways, WAFs, and security controls. Develop … patterns). Nice to Have Certifications: CISSP, CCSP, GIAC, SABSA. Experience with DevSecOps, container security, and microservices architecture. Knowledge of SIEM, API analytics, and threat intelligence. ...

align our efforts to the NIST framework and other recognised certifications including ISO27001 and SOC2 and strive to keep pace with the continually evolving threat landscape, in support of A&O Shearmans strategy to lead where global complexity creates opportunity. In addition, you will have the opportunity to share … adherence to the change management process when implementing IAM relevant changes to architecture. Perform detailed analysis of application architectures to provide IAM assurance. Understand threat modelling and participate in major incidents responses with IAM components. Review and approve the IAM components of solution designs. Collaborate with cloud infrastructure ...