1 to 25 of 29 Threat Modelling Jobs in London

appetite, and regulatory requirements. Solution Delivery : Provide architectural guidance during project lifecycle (HLD/LLD), review designs, and ensure solutions meet security requirements. Risk & Threat Management : Conduct threat modelling, assess vulnerabilities, and ensure appropriate mitigating controls are designed and implemented. Governance & Standards : Define and maintain security policies …/LLD, patterns, data flows). Hands on understanding of cloud environments (Azure/AWS/GCP), networks, applications, and data protection. Familiarity with threat modelling, risk assessment, and regulatory compliance. Excellent communication skills, able to explain complex security topics to technical and non-technical audiences. Technical standards ...

/Hybrid/Remote The ideal candidate will have an active Security clearance and a strong background in Cyber Security Assurance within a high-threat government environment. Skills and experience. Experience in producing GovAssure and Secure-By-Design assessments, including Risk Assessment Papers, Risk Treatment Plans, Risk Business Cases … Management Plans. Knowledge and experience with security architecture and Security Information and Event Management (SIEM) tools, such as Splunk, Defender, Sentinel, ELK, and Tenable Threat Modelling System solutions. Extensive understanding of cybersecurity threats, attack vectors, vulnerabilities, and security controls. Demonstrable knowledge of cybersecurity frameworks and standards, including ...

security professionals who want to transition into a GenAI-focused career path and develop deep expertise in securing AI/ML systems. Key Responsibilities Threat Analysis and Vulnerability Assessment Conduct regular threat modelling and vulnerability assessments across AI/ML systems, including data pipelines, model APIs … skills in Python and Bash Strong knowledge of cloud technologies, specifically AWS and Azure Strong understanding of API development and API security Experience with threat modelling, penetration testing, and vulnerability assessments Familiarity with secure software development practices (OWASP, DevSecOps) Interest in or exposure to data science ...

secure architecture patterns across cloud, infrastructure, applications, and data platforms. Provide architectural security guidance throughout the project lifecycle , including HLD and LLD reviews. Conduct threat modelling, vulnerability assessments, and risk analysis , ensuring appropriate mitigation strategies. Define and maintain security standards, policies, and guardrails aligned to regulatory obligations such … high-quality architecture documentation (HLD, LLD, security patterns, data flows). Hands-on understanding of cloud environments (Azure, AWS, or GCP) . Knowledge of threat modelling, risk assessment, and regulatory compliance frameworks . Strong communication skills with the ability to explain complex security concepts to both technical ...

deployment and tuning (Defender for Endpoint, CrowdStrike), Intune/Jamf device management, privileged access workstations, JIT/JEA models API and application security: threat modelling (STRIDE/PASTA), OAuth 2.0/OIDC implementation review, secrets management (Key Vault, HashiCorp Vault), and secure SDLC integration PKI, certificate lifecycle automation … automation and IaC: Python, PowerShell, Terraform, Bicep, or Sentinel analytics rules - you codify controls, you do not document them MITRE ATT&CK coverage mapping; threat hunting, adversary emulation, and proactive gap analysis against realistic TTPs Cloud infrastructure - Azure preferred, AWS considered; IAM, managed services, automated and auditable deployment pipelines ...

teams, and strengthening enterprise security posture-particularly across Microsoft 365, Azure, data platforms, and AI-enabled solutions. You will play a key role in threat modelling, risk assessments, guardrail design & implementation, and delivering practical security guidance for engineering, data, and application/product teams. Rationale/deliverables: Contribute … enhanced productivity systems Support the roll-out of the new AI information security control framework Support the Data governance team Key Responsibilities Perform threat modelling (STRIDE), guardrail definition, and security posture assessments across applications, data platforms, APIs, cloud services, and SaaS ecosystems. Identify security control gaps , especially around ...

. Youll dissect designs, model attack paths, and show engineering teams what good really looks like. Depending on the engagement, you might run a threat model, assess CI/CD pipelines, learn a vendor DSL for a PoC, or build internal tooling. We dont expect you to know everything … just to be curious, practical, and willing to dive in. What Youll Do Threat Modelling & Architecture Reviews: Break down AWS services, map trust boundaries, build attack trees, and define security requirements before code ships. Security Automation: Build IaC-driven checks, Lambda/Step Function tooling, CI/ ...

delivery without owning build or operations. Key Responsibilities Attend regular project and design meetings to understand requirements and delivery milestones. Perform initial and iterative threat modelling for new features, integrations, and architectural changes. Advise on secure architecture design, including IAM, network segmentation, encryption, and data protection. Recommend … being consistently applied. Essential Experience Proven experience as a Security Architect or senior cyber security consultant in digital delivery environments. Strong Secure by Design, threat modelling, and risk-based security expertise. Experience advising product teams in agile, cloud-based delivery contexts. Confident engaging with architects, developers, and delivery ...

strategic change projects; define and implement security standards across the full software development lifecycle; develop API security standards and secure integration patterns and conduct threat modelling and risk assessments for new technology implementations. Location/WFH: There's a hybrid work from home model with three days … office with rooftop bar. About you: You have an in depth knowledge of application security and secure software development You have experience of conducting threat modelling, security risk assessments and architecture reviews You're collaborative and pragmatic with great communication skills Apply now to find out more about ...

Analyst with expertise across Microsoft Security stack, including Microsoft XDR, Microsoft Defender, Sentinel, and the wider M365 security ecosystem. You'll be handling IR, threat detection, threat hunting, lead complex investigations and develop advanced detection content. What you'll do: Lead and manage high-severity security incidents from … identification through containment, eradication, recovery, and post-incident reporting Perform advanced threat hunting using Microsoft Defender XDR, Sentinel, KQL, and other telemetry sources to identify emerging threats, anomalous behaviour, and undetected malicious activity Develop, tune, and maintain Sentinel analytics rules, workbooks, playbooks (Logic Apps), and custom detection use cases ...

client audit requests as they relate to AI use at the firm. Perform detailed security analysis of application architectures to provide assurance. Understand threat modelling and participate in major incidents responses with IAM and AI components. Review and approve the IAM components of solution designs. Collaborate with cloud ...

align our efforts to the NIST framework and other recognised certifications including ISO27001 and SOC2 and strive to keep pace with the continually evolving threat landscape, in support of A&O Shearmans strategy to lead where global complexity creates opportunity. In addition, you will have the opportunity to share … adherence to the change management process when implementing IAM relevant changes to architecture. Perform detailed analysis of application architectures to provide IAM assurance. Understand threat modelling and participate in major incidents responses with IAM components. Review and approve the IAM components of solution designs. Collaborate with cloud infrastructure ...

privileged access Experience with network security, encryption, key management, and secure connectivity Knowledge of application security principles, including secure APIs, data protection, and threat modelling Experience designing for security resilience. Desirable Skills: Hands-on experience with cloud security services and tooling (e.g. AWS Security Hub, Azure Defender, Sentinel ...

DevOps and infrastructure teams to embed security into cloud deployments Monitor and improve cloud security posture Identify and remediate vulnerabilities across cloud systems Support threat modelling and security architecture discussions Required Skills: Experience working with AWS, Azure or GCP environments Understanding of cloud security best practices Familiarity with … container technologies such as Docker or Kubernetes Experience with infrastructure-as-code tools such as Terraform Strong understanding of security monitoring and threat detection Nice to Have: Experience with cloud security tools such as Prisma, Wiz or Lacework Knowledge of DevSecOps practices Security certifications such as CISSP, CCSP ...

community. Advisory & Assessment - Provide hands-on security advisory support to software engineering teams, architects and product owners. Conduct security design reviews, code assessments and threat modelling activities. Assess development pipelines, tooling and environments to identify security weaknesses and improvement opportunities. Monitoring & Detection - Monitor development environments, repositories and pipelines ...

pragmatic approach with strong collaboration and stakeholder engagement skills. The curiosity to drive and innovate our Cyber strategy, especially in response to the evolving threat landscape. Excellent prioritisation and planning skills, thriving under pressure in complex environments. Flexibility and agility in delivering outcomes aligned to BA s cyber vision. … technical guidance. Experience designing secure solutions within an Agile development environment. Understanding of aviation systems would be advantageous. Strong background in AWS Security and Threat Modelling is essential. What we offer: We believe that all the people who work with us should feel valued for the part they ...

engineering foundation, with practical knowledge of modern application architectures (e.g., microservices, APIs, distributed systems). Proven ability to design and document architectures using visual modelling techniques such as C4, UML, and data flow diagrams. Hands-on experience with at least one major cloud provider, ideally AWS, including Infrastructure … Code, platform services, networking, and security controls. Deep understanding of secure and resilient system design, including authentication patterns, threat modelling, performance considerations, and observability. Familiarity with Ruby, Python, or Java, and modern development practices such as CI/CD, TDD, and containerization. Experience guiding technology decisions, evaluating options ...

services + maintaining a strong security culture. Investigating security incidents and breaches, performing vulnerability scans for releases, vulnerability risk assessments + remediation planning. Conducting threat modelling to identify risks and inform secure design decisions. Providing assurance over patching operations, release notes + change management activities. Assessing external threat ...

role with no trackside/site access required. Key Responsibilities Cybersecurity Governance & Assurance Produce and maintain: Cyber Security Management Plans (CSMP) Risk assessments and threat models Assurance and compliance documentation Control framework mappings Align artefacts to client standards (TfL/Network Rail) and industry frameworks Support continual improvement … quality oversight to junior engineers/graduate staff Essential Experience Cybersecurity governance & assurance in enterprise or critical infrastructure environments Proven delivery of: Risk assessments Threat modelling Cyber security management documentation Control framework mapping Strong knowledge of ISO/IEC 27001 and IEC 62443 Solid understanding of network architecture ...

around data protection and network modernisation. Ensure security best practices are followed across projects and tasks, including network and data security controls. Assisting with threat modelling, gap assessments, and risk evaluations for both data and network assets. Promoting the adoption of modern security frameworks and secure-by-design ...

Harness. You will play a pivotal role in navigating and modernizing monolithic systems using APIs, microservices, and gateways, while implementing Infrastructure as Code for threat modeling. Key Responsibilities: Lead the design and implementation of GCP-based DevOps architecture. Drive continuous integration and deployment using Harness. Manage and deploy containers ...

about influence, clarity, and partnership translating complex technical concepts into actionable guidance while building trusted relationships across the organisation. You will design reference architectures, threat models, and secure design patterns across hybrid, cloud-native, and on-premises environments, establishing the frameworks and guardrails that drive consistent, resilient, and scalable ...

real time operational insight. Cybersecurity & Compliance Embed ISA/IEC 62443 NIS2 and UK CNI security principles into OT designs. Conduct risk assessments threat modelling and architecture reviews across OT environments. Collaborate with cybersecurity teams to implement segmentation zero trust principles and secure remote access for OT assets. ...

policies and reference architectures. Build identity roadmaps (internal, external, group) aligned to NIST CSF v2.0 maturity. The ability to create trust/data models, threat models, and metrics to measure identity assurance. Familiarity with conducting current-state assessments and define future-state TOM and capability improvements. Can provide specialist ...

policies and reference architectures. Build identity roadmaps (internal, external, group) aligned to NIST CSF v2.0 maturity. The ability to create trust/data models, threat models, and metrics to measure identity assurance. Familiarity with conducting current-state assessments and define future-state TOM and capability improvements. Can provide specialist ...