1 to 25 of 64 Threat Modelling Jobs in London

Threat Intelligence AnalystFully Onsite in London Inside IR35 Contract Deerfoot Recruitment has been engaged to identify an experienced Threat Intelligence Analyst for a leading global banking organisation with an advanced cyber defence function in London. This is a fantastic opportunity to shape threat intelligence, work alongside Red/Blue Teams, and operationalise intelligence using the latest cybersecurity … penetration testing, and Breach & Attack Simulation (BAS) platforms. Key Responsibilities: Monitor and analyse global cyber threat landscapes, identifying threats, adversary tactics, and emerging risks Collaborate with Red Team, Blue Team, and Penetration Testing specialists to integrate intelligence into Breach & Attack Simulation (BAS) scenarios Act as a point of contact between threat intelligence, Red/Blue, and SOC teams … to align threat modelling and adversary simulation Support threat hunting activities and provide tactical, contextual intelligence to stakeholders Model and assess threat actors, including motivations, capabilities, attack vectors, and impacts Leverage the MITRE ATT&CK framework for mapping adversary behaviours and detection Develop and update threat profiles, attack surface assessments, and adversary emulation plans Present More ❯

Threat Intelligence Analyst Fully Onsite in London Inside IR35 Contract Deerfoot Recruitment has been engaged to identify an experienced Threat Intelligence Analyst for a leading global banking organisation with an advanced cyber defence function in London. This is a fantastic opportunity to shape threat intelligence, work alongside Red/Blue Teams, and operationalise intelligence using the latest … cybersecurity, penetration testing, and Breach & Attack Simulation (BAS) platforms. Key Responsibilities: Monitor and analyse global cyber threat landscapes, identifying threats, adversary tactics, and emerging risks Collaborate with Red Team, Blue Team, and Penetration Testing specialists to integrate intelligence into Breach & Attack Simulation (BAS) scenarios Act as a point of contact between threat intelligence, Red/Blue, and SOC … teams to align threat modelling and adversary simulation Support threat hunting activities and provide tactical, contextual intelligence to stakeholders Model and assess threat actors, including motivations, capabilities, attack vectors, and impacts Leverage the MITRE ATT&CK framework for mapping adversary behaviours and detection Develop and update threat profiles, attack surface assessments, and adversary emulation plans More ❯

risks across our platform and products. Your primary mission is to ensure we build secure systems by providing expert security analysis, architectural guidance, and process leadership. You will lead threat modelling sessions, conduct in-depth security reviews of new features, manage our penetration testing programme, and triage complex findings. This role requires a deep understanding of technology and … and application platforms, against potential threats. What you'll get to do? Conduct comprehensive security architecture and design reviews, ensuring that security is embedded from the start Lead the threat modelling process (e.g., using STRIDE) for new products and features, identifying potential design flaws and defining security requirements Manage the end-to-end penetration testing lifecycle, from scoping … DevSecOps mindset that we have created across our technology teams Requirements What skills are essential: Significant experience in a security-focused role with a strong emphasis on risk analysis, threat detection, and architectural review Proven expertise in conducting threat modelling and security design reviews for complex, cloud-native applications (AWS/GCP, Kubernetes) Deep understanding of common More ❯

strategy across infrastructure, applications, and data. Lead hands-on development of security roadmaps, maturity models, and control frameworks tailored to Fuse's risk profile. Directly contribute to architecture reviews, threat modelling sessions, and key design decisions across product and platform teams. Build and mentor a high-performing security team, including hiring, coaching, and managing performance. Develop KPIs and … data protection, access control, and insider risk. Ensure compliance with SOC 2, ISO 27001, GDPR, and other relevant frameworks. Oversee security audits and third-party risk programs. Risk Management & Threat Intelligence Lead threat modelling, risk assessments, and security reviews of critical systems; design and deliver security awareness training programs for all employees to promote a culture of … proactive risk management. Build threat intelligence capabilities to stay ahead of emerging risks. Balance risk management with product and engineering velocity. Incident Response & Resilience Own response plans for high-severity threats and incidents. Build robust detection, containment, and remediation processes. Drive business continuity and disaster recovery strategy. Technology & Infrastructure Security Partner with engineering to embed security in the SDLC More ❯

Validate the effectiveness of security controls and recommend improvements. Deliver security architecture for cloud and hybrid environments. Scope and review IT Health Checks (ITHC) and produce remediation plans. Conduct threat modelling, risk assessments, and design proportional controls. Produce security architecture artefacts including standards and blueprints. Travel to client sites (approx. 40-60%) as required for classified system access. … HMG, NPSA, NCSC policies and guidance Cloud security (Azure, AWS), containerisation, KMS, WAFs Event-driven microservices, network infrastructure, IDS/IPS AI security (ISO42001 desirable), ITHC scoping and remediation Threat modelling (Kill Chain, attack trees), HLD/LLD reviews Certifications: SABSA, TOGAF, AWS/Azure Architect, CISSP, CISM. Working towards or holding CIISEC Full Membership or UK Cyber More ❯

software development lifecycle - from designing controls and integrating testing into CI/CD pipelines to supporting vulnerability management and remediation. Acting as the go-to expert for secure design, threat modelling, and compliance, you'll make sure teams have the knowledge, tools, and confidence to build securely from the start. Alongside this, you'll maintain clear documentation and … of cloud platforms , CI/CD pipelines , and scripting (PowerShell, YAML, JSON, etc.) Familiarity with frameworks and standards such as OWASP , NIST SSDF , ISO27001 , or NCSC Practical experience with threat modelling , security tooling , and risk assessments Excellent communication skills, able to influence and engage at all levels from developers to execs A collaborative, proactive approach to solving problems More ❯

software development lifecycle - from designing controls and integrating testing into CI/CD pipelines to supporting vulnerability management and remediation. Acting as the go-to expert for secure design, threat modelling, and compliance, you'll make sure teams have the knowledge, tools, and confidence to build securely from the start. Alongside this, you'll maintain clear documentation and … of cloud platforms , CI/CD pipelines , and scripting (PowerShell, YAML, JSON, etc.) Familiarity with frameworks and standards such as OWASP , NIST SSDF , ISO27001 , or NCSC Practical experience with threat modelling , security tooling , and risk assessments Excellent communication skills, able to influence and engage at all levels from developers to execs A collaborative, proactive approach to solving problems More ❯

drive awareness of security from the earliest stages of design through to deployment. You'll help integrate automated security tooling and checks into our CI/CD pipelines, facilitate threat modelling sessions, and review security-sensitive design decisions around authentication, cryptography, and logging. You'll also ensure that tools such as SAST, DAST, and SCA are effective and … in CI/CD Hands-on experience with security tools like SAST, DAST, and SCA Familiar with cloud environments (especially AWS), containers, and microservices Comfortable reviewing technical designs, performing threat modelling, and advising on secure architecture Strong communicator who collaborates well with engineers and promotes secure-by-default practices We might not be right for you if: You More ❯

of Security Engineering and lead in the build-out of their cloud-native Infrastructure capability . Highly technical position where you will be responsible for not just assessing and threat modelling novel concepts and services to introduce across Security and the wider Tech functions; but leading in the actual design, configuration and implementation. Previous experience in Software Security … to put your stamp on one of the most ambitious Tech Transformations for one of the most renowned Investment Management firms in the UK. Responsibilities Perform hands-on security threat modelling, risk assessment and vulnerability remediation. Evaluate, architect, implement and support security focused tools and services. Work closely with Development teams to ensure security and privacy are built More ❯

of Security Engineering and lead in the build-out of their cloud-native Infrastructure capability . Highly technical position where you will be responsible for not just assessing and threat modelling novel concepts and services to introduce across Security and the wider Tech functions; but leading in the actual design, configuration and implementation. Previous experience in Software Security … to put your stamp on one of the most ambitious Tech Transformations for one of the most renowned Investment Management firms in the UK. Responsibilities Perform hands-on security threat modelling, risk assessment and vulnerability remediation. Evaluate, architect, implement and support security focused tools and services. Work closely with Development teams to ensure security and privacy are built More ❯

of Security Engineering and lead in the build-out of their cloud-native Infrastructure capability . Highly technical position where you will be responsible for not just assessing and threat modelling novel concepts and services to introduce across Security and the wider Tech functions; but leading in the actual design, configuration and implementation. Previous experience in Software Security … to put your stamp on one of the most ambitious Tech Transformations for one of the most renowned Investment Management firms in the UK. Responsibilities Perform hands-on security threat modelling, risk assessment and vulnerability remediation. Evaluate, architect, implement and support security focused tools and services. Work closely with Development teams to ensure security and privacy are built More ❯

of Security Engineering and lead in the build-out of their cloud-native Infrastructure capability . Highly technical position where you will be responsible for not just assessing and threat modelling novel concepts and services to introduce across Security and the wider Tech functions; but leading in the actual design, configuration and implementation. Previous experience in Software Security … to put your stamp on one of the most ambitious Tech Transformations for one of the most renowned Investment Management firms in the UK. Responsibilities Perform hands-on security threat modelling, risk assessment and vulnerability remediation. Evaluate, architect, implement and support security focused tools and services. Work closely with Development teams to ensure security and privacy are built More ❯

lifecycle (SDLC) and ensure products are built securely Oversee vulnerability management and remediation efforts, including leading responses to pen test findings and security assessments Experience conducting risk assessments and threat modelling for software development and advise where necessary Experience in software security design review Strong knowledge of Agile, DevSecOps, System Engineer and or equivalent Knowledge of security standards More ❯

and commercial awareness alongside deep technical expertise. Key areas of focus Define and implement enterprise-level AI/ML security strategies, policies, and architectures. Lead on AI risk assessment, threat modelling, and mitigation planning. Ensure compliance with GDPR, the EU AI Act, and international security frameworks (ISO 27001, NIST, TOGAF, SABSA). Build and maintain secure AI architectures More ❯

and commercial awareness alongside deep technical expertise. Key areas of focus Define and implement enterprise-level AI/ML security strategies, policies, and architectures. Lead on AI risk assessment, threat modelling, and mitigation planning. Ensure compliance with GDPR, the EU AI Act, and international security frameworks (ISO 27001, NIST, TOGAF, SABSA). Build and maintain secure AI architectures More ❯

and commercial awareness alongside deep technical expertise. Key areas of focus Define and implement enterprise-level AI/ML security strategies, policies, and architectures. Lead on AI risk assessment, threat modelling, and mitigation planning. Ensure compliance with GDPR, the EU AI Act, and international security frameworks (ISO 27001, NIST, TOGAF, SABSA). Build and maintain secure AI architectures More ❯

and commercial awareness alongside deep technical expertise. Key areas of focus Define and implement enterprise-level AI/ML security strategies, policies, and architectures. Lead on AI risk assessment, threat modelling, and mitigation planning. Ensure compliance with GDPR, the EU AI Act, and international security frameworks (ISO 27001, NIST, TOGAF, SABSA). Build and maintain secure AI architectures More ❯

security into agile development environments Hands-on with cloud platforms and CI/CD pipelines, plus scripting languages such as PowerShell, YAML, or JSON Knowledge of application security tools, threat modelling, and risk assessments Familiarity with standards/frameworks such as OWASP, NIST SSDF, ISO27001, NCSC Experience guiding engineering teams and influencing security culture Excellent communication skills, able More ❯

security into agile development environments Hands-on with cloud platforms and CI/CD pipelines, plus scripting languages such as PowerShell, YAML, or JSON Knowledge of application security tools, threat modelling, and risk assessments Familiarity with standards/frameworks such as OWASP, NIST SSDF, ISO27001, NCSC Experience guiding engineering teams and influencing security culture Excellent communication skills, able More ❯

with scripting languages like PowerShell, YAML, JSON Expertise in application security tools and DevSecOps processes Understanding of key frameworks and standards (e.g. OWASP, NIST SSDF, ISO27001, NCSC) Experience with threat modelling, risk assessments, and secure design reviews Comfortable owning security strategy and tooling across complex, modern product landscapes Strong communicator - able to engage confidently with both engineers and More ❯

with scripting languages like PowerShell, YAML, JSON Expertise in application security tools and DevSecOps processes Understanding of key frameworks and standards (e.g. OWASP, NIST SSDF, ISO27001, NCSC) Experience with threat modelling, risk assessments, and secure design reviews Comfortable owning security strategy and tooling across complex, modern product landscapes Strong communicator - able to engage confidently with both engineers and More ❯

and practices into DevOps workflows (SAST, DAST, SCA, secrets management). Collaborate with development, operations, and security teams to implement secure coding and deployment practices. Provide practical guidance on threat modelling, risk assessments, and vulnerability management. Advise on cloud security (AWS, Azure, GCP) and container security (Docker, Kubernetes) with a hands-on delivery mindset. Develop, implement, and enforce More ❯

the business. What You’ll Do Policy & Frameworks: Define and maintain security policies, standards, and governance models aligned with ISO 27001, SOC2, and NIST. Risk Management: Lead risk assessments, threat modelling, and vendor security reviews; maintain the company risk register. Monitoring & Detection: Implement and oversee vulnerability management, SIEM, logging, and alerting capabilities. Incident Response: Build and test incident More ❯

the business. What You’ll Do Policy & Frameworks: Define and maintain security policies, standards, and governance models aligned with ISO 27001, SOC2, and NIST. Risk Management: Lead risk assessments, threat modelling, and vendor security reviews; maintain the company risk register. Monitoring & Detection: Implement and oversee vulnerability management, SIEM, logging, and alerting capabilities. Incident Response: Build and test incident More ❯

the business. What You’ll Do Policy & Frameworks: Define and maintain security policies, standards, and governance models aligned with ISO 27001, SOC2, and NIST. Risk Management: Lead risk assessments, threat modelling, and vendor security reviews; maintain the company risk register. Monitoring & Detection: Implement and oversee vulnerability management, SIEM, logging, and alerting capabilities. Incident Response: Build and test incident More ❯