1 to 25 of 38 Threat Modelling Jobs in London

play a critical role in designing, assuring, and delivering secure solutions across our client engagements. You will champion Secure by Design principles and lead threat modelling activities to ensure risks are identified and mitigated early in the lifecycle. Working closely with stakeholders, you will define security architectures, ensure … Design - Embed security into every stage of the solution lifecycle, ensuring systems are designed with security controls from the outset rather than retrofitted. Threat Modelling - Lead and facilitate threat modelling exercises (e.g. STRIDE), identifying vulnerabilities and defining mitigations early in delivery Risk Assessment - Identify, assess ...

play a critical role in designing, assuring, and delivering secure solutions across our client engagements. You will champion Secure by Design principles and lead threat modelling activities to ensure risks are identified and mitigated early in the lifecycle. Working closely with stakeholders, you will define security architectures, ensure … Design - Embed security into every stage of the solution lifecycle, ensuring systems are designed with security controls from the outset rather than retrofitted. Threat Modelling - Lead and facilitate threat modelling exercises (e.g. STRIDE), identifying vulnerabilities and defining mitigations early in delivery Risk Assessment - Identify, assess ...

Lead technical security design across infrastructure, cloud and application environments Collaborate with SMEs across Identity, Security Testing and Privacy Conduct risk assessments and support threat modelling activities Provide clear justification of design decisions to both technical and non-technical stakeholders Ensure alignment to industry standards and government security … Understanding of network security, encryption, authentication and access control Experience with security tooling such as SIEM, IDS, firewalls and vulnerability assessment tools Knowledge of threat modelling and risk assessment TO BE CONSIDERED: Please either apply through this advert or emailing me directly via . For further information please ...

platforms and customer-facing applications. Partner with engineering, infrastructure, and product teams to embed security-by-design principles throughout the software development lifecycle. Conduct threat modelling, security reviews, and risk assessments for new products and services. Design secure architectures across AWS, GCP, or Azure environments, including IAM, network … first organisations such as Monzo, Starling, Revolut, or similar. Strong expertise in cloud security (AWS preferred), application security, and modern architecture patterns. Experience with threat modelling, security governance, and risk management frameworks. Excellent stakeholder management skills with the ability to influence senior technical and business leaders. Relevant certifications ...

deployment/integration of security capabilities into engineering teams within the product domain. • You will drive security initiatives such as developing security requirements, threat modelling, strengthening application security, vulnerability reduction, etc., with the engineering teams. • Reducing friction is paramount and we are all about fast feedback within existing … console for a developer to check. • Support teams in a collaborative manner in matters of mobile application, web application, cloud and data security, with threat modelling, risk treatment and security advice across all security domains. If you can raise a PR to fix a security issue, do so. ...

teams Contribute code and patches to security tooling and configurations Secure Development Define and enforce secure coding standards Conduct security-focused code reviews and threat modelling for new features Provide remediation guidance for application vulnerabilities Train and support developers on secure coding practices Vulnerability Management Triage, patch … Experience with CSPM tooling (Wiz, Prisma Cloud, or similar) Penetration testing or bug bounty experience Experience in regulated environments (healthcare, financial services) Familiarity with threat modelling frameworks (STRIDE, PASTA) About us We exist to simplify healthcare and improve lives by making care feel instant, intelligent and human. HealthHero ...

frameworks including ISO 27005 and NIST RMF Lead risk identification, assessment and treatment across applications, infrastructure and digital services Facilitate structured risk workshops and threat modelling sessions Assess solution architectures to identify security risks and control gaps Review and interpret IT Health Check outputs and define clear remediation … defence Proven ability to engage senior stakeholders and influence decisions Ability to translate technical findings into clear, actionable risk outcomes Confident leading risk workshops, threat modelling and control assessments Experience working within Agile delivery environments Strong analytical capability and sound judgement Any candidates must have an active ...

into complex IT and digital initiatives Advise clients on cyber risk, governance and regulatory compliance frameworks including: ISO 27001 NIST GDPR PCI-DSS Conduct threat modelling and identify security vulnerabilities within solution designs Recommend pragmatic risk mitigation strategies to technical and non-technical stakeholders Support the implementation … IDAM Privileged Access Management (PAM) Single Sign-On (SSO) Network Security Encryption technologies Understanding of infrastructure, architecture methodologies and secure design principles Experience with threat modelling and reference architecture development Excellent stakeholder engagement and communication skills Ability to learn quickly and adapt within fast-paced environments Desirable Experience ...

What you'll do: Design secure solutions across applications, networks, and cloud environments, ensuring security standards and controls are built into delivery. Carry out threat modelling activities to identify security risks, vulnerabilities, and potential gaps within technical solutions. Support secure architectural decision-making by assessing risks, business impact … environments. Strong understanding of modern enterprise technologies, including Cloud, AI, APIs, microservices, and modern application architectures. Knowledge of current cyber threats and experience with threat modelling frameworks such as STRIDE and MITRE ATT&CK. Solid understanding of key security domains including IAM, network security, cryptography, endpoint security ...

equivalent experience Experience applying cyber security principles across the systems or product engineering lifecycle Knowledge of cyber risk management and vulnerability management Experience with threat modelling frameworks such as MITRE ATT and CK, DEF3ND, or EMB3D Awareness of industrial control systems or operational technology environments Working knowledge … subject to required skills, your application to our client in conjunction with this vacancy only. Key Skills Product Cyber Security Specialist, Cyber Risk Management, Threat Modelling, NIST CSF, Industrial Control Systems, Secure by Design, Defence ...

competitive salary (Inside IR35) and benefits. Visa sponsorship is not available. You will be responsible for Conducting security assessments of AI solutions, including threat modelling Developing governance frameworks, security standards, and best practice for AI adoption Designing controls for identity, access management, auditability, and human oversight Supporting implementation … injection, jailbreaks, data leakage, poisoning, model extraction/inversion) Strong background in security architecture, IAM, Zero Trust, audit controls, and secure integration Experience in threat modelling and security reviews across complex environments Practical, delivery-focused mindset with ability to enable innovation securely Must have right to work ...

have the opportunity to do as a Security Architect Define and own security architecture Design secure cloud and on-prem solutions Deliver threat modelling and define requirements Align with frameworks (NIST, ISO, CIS) Provide risk-based security guidance Govern delivery of security controls Engage senior technical … technical stakeholders About the Candidate The right Security Architect should have: Strong background in security across cloud, network or apps Knowledge of threat modelling and secure design Familiarity with frameworks (NIST, ISO, CIS) Experience across delivery lifecycles Strong stakeholder communication skills What’s in it for you? Salary ...

into the full product lifecycle, from concept through to release Conduct hands-on security assessments across web, mobile, and backend applications Lead and support threat modelling activities for new features and systems Collaborate closely with engineering teams to design secure architectures Integrate and optimise security tooling such … similar Solid knowledge of web or mobile security, with willingness to broaden across both Good understanding of networking fundamentals and operating systems Experience conducting threat modelling and explaining security trade-offs to stakeholders Ability to script and automate tasks using languages such as Python, JavaScript, or Go Knowledge ...

Threat & Adversarial AI Expert 6 Months Contract + Extension London Based 2 days in the office £500 to £600 a day Inside IR35 A pioneering financial institution is seeking an experienced Threat & Adversarial AI Expert to join their cybersecurity team. You will act as the primary architect … safety for the firm's generative AI ecosystem, ensuring agentic capabilities remain resilient against an evolving global threat landscape. As a Threat AI Expert, you will lead the organisation's Generative AI security strategy. Key responsibilities include: Advanced Threat Modelling: Leading structured sessions using STRIDE ...

Profile Summary Seeking security engineer to join our Proactive Security team, this role will focus on the development of security technology stack to ensure threat mitigation is in place through offensive and preventive measures. Duties and Responsibilities Threat Modelling & Risk Analysis: Develop and maintain threat models … tooling integration and orchestration. Develop and implementation of SOAR capabilities that aligns with existing technology stack. Experience with KMS systems and methodologies. Identity based threat detection and prevention. Privileged Access and Session Management SIEM Management: Design, implement, and maintain of workspaces, including data connectors, Logic App, Function App, analytics ...

Security team. This role focuses on security engineering, SIEM development, detection engineering, and security automation. The successful candidate will help enhance the bank's threat detection and response capabilities across on-premise and cloud environments. Key Responsibilities Develop and maintain threat detection use cases, threat hunting content … optimise SIEM capabilities, including log onboarding, analytics rules, dashboards, playbooks, and data connectors. Build and maintain SOAR workflows and security automation capabilities. Support threat modelling, security control reviews, and risk assessments for new technology initiatives. Integrate security tooling and develop automated remediation and configuration monitoring solutions. Improve detection ...

enterprise-scale infrastructure. Security is a major investment area for the business, with a strong focus on cloud security, cyber resilience, automation, and intelligent threat detection.This is an opportunity to join a collaborative team where security is seen as a business enabler — not a blocker.The RoleThis is a hands … integrations Build intelligent detection and response workflows Develop automation solutions using scripting and AI-assisted tooling Lead technical investigations and incident response activities Improve threat visibility and reduce false positives through detection engineering Conduct vulnerability management and remediation initiatives Partner with engineering, infrastructure, and DevOps teams to embed security ...

policies, network segmentation, and secrets management Configure and tune SIEM (or similar) for cloud-focused detection Establish logging, monitoring, and alerting requirements based on threat modelling Investigate and respond to cloud security events Risk & Compliance Identify, articulate, and escalate security risks to senior leadership with mitigation plans Track ...

troubleshooting. Governance, Risk and Compliance Apply GRC principles across designs and deployments. Review and improve customer security policies and standards. Perform risk assessments, threat modelling, and compliance gap analysis. Advise on ISO 27001, NIST, PCI DSS, and GDPR. Threat and Vulnerability Management Interpret threat intelligence ...

CASB, FWaaS, segmentation, and secure web access • Integrate Zero Trust solutions with identity providers, SIEM/SOAR platforms, and endpoint security tooling • Conduct threat modelling, risk assessments, and security architecture reviews • Troubleshoot complex deployment and access issues across enterprise environments • Provide technical leadership and guidance across security ...

controls into engineering workflows. Collaborate with software development teams to improve secure coding practices. Develop and maintain monitoring, logging, and incident response automation. Support threat modelling and secure architecture reviews. Drive DevSecOps best practices across engineering teams. Contribute to platform engineering and cloud-native application delivery. Required Experience ...

similar platforms • Oversee integration of Zero Trust solutions with identity providers, SIEM/SOAR tooling, endpoint security, and cloud environments • Conduct architecture reviews, threat modelling exercises, gap assessments, and security strategy workshops • Lead proof-of-concept exercises, vendor evaluations, and technical validation sessions • Provide senior technical leadership ...

that will fundamentally change how their Application Security is Delivered within the SDLC. Early Phases of the Programme have already defined the Target Architecture, Threat Model & Prompt Engineering Strategy . The Next Stage is to Transform this Foundation into a Production - Grade Capability Used Daily by Engineering Teams , enabling … Agent Behaviours Policy Frameworks & Guardrails Tool Schemas & Execution Constraints Implement Protections Against: Prompt Injection Jailbreak Attempts Unsafe Tool Execution Ensure Alignment with Defined AASA Threat Model & Governance Standards Evaluation, Metrics & Assurance: Build & Maintain a Full Evaluation Framework , including: Golden Datasets & Regression Test Suites Precision/Recall Measurement for Vulnerability ...

Code, Policy as Code and Architecture as Code. Proven ability in strategic planning and cloud transformation initiatives. Desirable: Diagrams as code, ie C4 Modelling and Structurizr, Mermaid, Plantuml, Desirable: Threat Modelling and Secure by design principles. Desirable: Understanding of ZTNA. This opportunity offers the chance to influence ...

GitHub Actions, GitLab CI, Jenkins), integrating security gates • Cloud & infra: on‐prem, cloud (AWS/Azure/GCP), hybrid architectures, SaaS evaluation • Security architecture: threat modelling, policy design, compliance (e.g. banking controls) • Programming ecosystem knowledge: Python/R packaging (pip, conda, CRAN), dependency management • Delivery: solution design, build ...