1 to 25 of 33 Threat Modelling Jobs in London

carbon energy. We work at the cutting edge of the transition to a sustainable, net zero world. We're looking for a Threat Defence and Cyber Security Operations - Threat Intelligence Lead. Based at our Paddington site, you'll build on the existing URENCO capabilities to further develop … Threat Intelligence function within the Threat Defence and Cyber Security Operations Team. We're looking for a motivated and experienced individual who wants to join a high performing team and be a part of and influence a transformational journey. This role reports to the Head of Threat ...

Development, Security and Operations (DevSecOps). Engage across multiple functions on a global level to build and deploy DevSecOps for Cloud environments. Perform Threat Modelling for Cloud-based Workloads and Develop Counter Measures. Perform design reviews of new 3rd party Cloud and/or On Prem solutions, products … create cloud security policy, engineer it, test it and deploy it. Experience Workload Coding Languages & Frameworks - JAVA REST services with Spring, Python, .NET, etc. Threat Modelling Skills with tools such as IriusRisk or similar; experienced at identifying security flaws in cloud solutions via architectural assessment and threat ...

Development, Security and Operations (DevSecOps). Engage across multiple functions on a global level to build and deploy DevSecOps for Cloud environments. Perform Threat Modelling for Cloud-based Workloads and Develop Counter Measures. Perform design reviews of new 3rd party Cloud and/or On Prem solutions, products … create cloud security policy, engineer it, test it and deploy it. Experience Workload Coding Languages & Frameworks - JAVA REST services with Spring, Python, .NET, etc. Threat Modelling Skills with tools such as IriusRisk or similar; experienced at identifying security flaws in cloud solutions via architectural assessment and threat ...

controls and recommend improvements. Deliver security architecture for cloud and hybrid environments. Scope and review IT Health Checks (ITHC) and produce remediation plans. Conduct threat modelling, risk assessments, and design proportional controls. Produce security architecture artefacts including standards and blueprints. Travel to client sites (approx. … guidance Cloud security (Azure, AWS), containerisation, KMS, WAFs Event-driven microservices, network infrastructure, IDS/IPS AI security (ISO42001 desirable), ITHC scoping and remediation Threat modelling (Kill Chain, attack trees), HLD/LLD reviews Certifications: SABSA, TOGAF, AWS/Azure Architect, CISSP, CISM. Working towards or holding CIISEC ...

SAST, DAST, SCA) and work with developers to remediate findings. Support cloud security controls (primarily Azure, including cloud-native apps). Champion secure development, threat modelling, and DevSecOps integration. Research emerging threats and recommend proactive mitigations. Provide mentoring, training, and security awareness support to internal teams. Essential Skills … risk-based security. Relevant certifications such as CISSP, CompTIA Security+, GIAC, or equivalent. Excellent documentation, communication, and stakeholder collaboration skills. Desirable Background in threat modelling or secure software design. Knowledge of ISO27001, Cyber Essentials Plus, or cloud security certifications. Experience in large-scale or regulated environments. What ...

. Youll dissect designs, model attack paths, and show engineering teams what good really looks like. Depending on the engagement, you might run a threat model, assess CI/CD pipelines, learn a vendor DSL for a PoC, or build internal tooling. We dont expect you to know everything … just to be curious, practical, and willing to dive in. What Youll Do Threat Modelling & Architecture Reviews: Break down AWS services, map trust boundaries, build attack trees, and define security requirements before code ships. Security Automation: Build IaC-driven checks, Lambda/Step Function tooling, CI/ ...

dissect designs, model attack paths, and show engineering teams what good really looks like. Depending on the engagement, you might run a threat model, assess CI/CD pipelines, learn a vendor DSL for a PoC, or build internal tooling. They don't expect you to know everything - just … curious, practical, and willing to dive in. What You'll Do Threat Modelling & Architecture Reviews: Break down AWS services, map trust boundaries, build attack trees, and define security requirements before code ships. Security Automation: Build IaC-driven checks, Lambda/Step Function tooling, CI/CD gates ...

dissect designs, model attack paths, and show engineering teams what “good” really looks like. Depending on the engagement, you might run a threat model, assess CI/CD pipelines, learn a vendor DSL for a PoC, or build internal tooling. They don’t expect you to know everything — just … curious, practical, and willing to dive in. What You’ll Do Threat Modelling & Architecture Reviews: Break down AWS services, map trust boundaries, build attack trees, and define security requirements before code ships. Security Automation: Build IaC-driven checks, Lambda/Step Function tooling, CI/CD gates ...

commitment is to provide clients with the assurance that they are valued by a company that is both attentive and impactful. Role Title: Threat Intelligence Analyst Reporting Line Manager: Head of Threat Intelligence Onsite Requirements (e.g. number of days per week onsite): 5 days Hybrid/Remote Working … Daily Rate or Budget Range: 500 IR35 Status (inside/Outside/To Be Determined) Inside Experience Requirements Technology & Vendor Skillsets Required: Familiarity with threat intelligence platforms (TIPs), SIEMs, and threat data enrichment tools. Experience using Breach and Attack Simulation (BAS) platforms to build and validate threat ...

client audit requests as they relate to AI use at the firm. Perform detailed security analysis of application architectures to provide assurance. Understand threat modelling and participate in major incidents responses with IAM and AI components. Review and approve the IAM components of solution designs. Collaborate with cloud ...

align our efforts to the NIST framework and other recognised certifications including ISO27001 and SOC2 and strive to keep pace with the continually evolving threat landscape, in support of A&O Shearmans strategy to lead where global complexity creates opportunity. In addition, you will have the opportunity to share … adherence to the change management process when implementing IAM relevant changes to architecture. Perform detailed analysis of application architectures to provide IAM assurance. Understand threat modelling and participate in major incidents responses with IAM components. Review and approve the IAM components of solution designs. Collaborate with cloud infrastructure ...

Responsibilities Design secure cloud architectures across AWS/Azure/GCP for enterprise-scale transformation projects Define and implement application security standards including threat modelling, secure SDLC, API security and DevSecOps practices Conduct security risk assessments, architecture reviews and produce high-level and low-level security designs Advise ...

role Define, champion, and embed secure software development lifecycle (SSDLC) practices and secure coding standards across engineering teams through collaboration, training, and tooling. Perform threat modelling exercises for cloud-native applications, microservices, and infrastructure components. Manage internal and external penetration testing engagements for Funding Circle applications, services … SAST, DAST, SCA, IAST, secrets management) and automated controls directly into CI/CD pipelines like GitLab CI, Jenkins, or GitHub Actions. Vulnerability Management & Threat Intelligence: Deep understanding of web application vulnerabilities (OWASP Top 10) and experience contributing to vulnerability management programs. Container & Orchestration Security: Solid knowledge of container ...

Lead installation, configuration, testing and handover of CyberArk secrets-management solutions into Run & Maintain teams. Provide architectural leadership on privileged access risk reduction through threat modelling, control selection and adherence to security policies . Act as a trusted advisor to senior stakeholders (CISO, security architects, platform owners, programme ...

write Terraform, review architecture designs, triage security alerts, build security into development workflows, coordinate penetration testing, and partner with engineering on threat modelling and secure development practices. You'll also respond to customer security questionnaires, document controls for auditors, establish incident response procedures, and work with our Head ...

AntiVirus/AntiMalware for End User devices Antivirus/Malware/Ransomware etc for Product/Platform DDos Protection Access Management/Review (IAM) Threat modelling Setup Bug Bounty program Application Security/Testing Brand monitoring (domans etc) Whitelist client access Encryption in Transit (confirm 100%) Social Engineering ...

SAST, DAST, SCA, secrets management). Collaborate with development, operations, and security teams to implement and ensure secure coding and deployment practices. Advise on threat modelling, risk assessments, and vulnerability management. Provide expert guidance on cloud security (AWS, Azure, GCP) and container security (Docker, Kubernetes). Develop ...

SAST, DAST, SCA, secrets management). Collaborate with development, operations, and security teams to implement and ensure secure coding and deployment practices. Advise on threat modelling, risk assessments, and vulnerability management. Provide expert guidance on cloud security (AWS, Azure, GCP) and container security (Docker, Kubernetes). Develop ...

SAST, DAST, SCA, secrets management). Collaborate with development, operations, and security teams to implement and ensure secure coding and deployment practices. Advise on threat modelling, risk assessments, and vulnerability management. Provide expert guidance on cloud security (AWS, Azure, GCP) and container security (Docker, Kubernetes). Develop ...

security risk assessments and assurance in large, fast moving, complex digital environments, ideally government or critical infrastructure in-depth understanding of cyber risk management, threat modelling, security architectural advice, and formal IT Health Checks, including experience with SaaS environments and cloud security principles experience interpreting and applying relevant ...

SLAs, regulatory standards (NCSC, ISO27001) and vendor ecosystems.? Mentor junior architects, contribute to service catalogue evolution and conduct design reviews for risk/threat modelling.? Drive innovation in AIOps, edge computing and sustainability-focused infra for defence-adjacent clients.? Person specification Essential: Active SC clearance with 7+ years ...

DevSecOps Engineer | Fully Remote | £60,000 - £70,000 Our client is a fast-growing cyber-defence and threat-intelligence company committed to protecting organisations from sophisticated cyber threats. They combine advanced security analytics, automation and human expertise to deliver real-time defence across modern cloud and on-prem environments. … they build. The Role: As a DevSecOps Engineer, you will sit at the intersection of development, operations and security. Youll work closely with engineering, threat research, and security operations teams to design, build, and maintain secure, scalable infrastructure and CI/CD pipelines. What Youll do: +Design, maintain ...

communicate complex technical security requirements clearly to the development teams, risk assessment, risk mitigation and security tools/automation. Responsibilities Key responsibilities: Conduct threat modeling, security architecture reviews, risk assessment and provide guidance on mitigating the identified issues. Create and maintain technical security standards and patterns ...

communicate complex technical security requirements clearly to the development teams, risk assessment, risk mitigation and security tools/automation. Responsibilities Key responsibilities: Conduct threat modeling, security architecture reviews, risk assessment and provide guidance on mitigating the identified issues. Create and maintain technical security standards and patterns ...

Hybrid| Remote The ideal candidate will hold an active DV clearance and have a solid background in Cyber Security Engineering working within a high-threat government environment, with the following skills and experience: Proficiency in Security Information and Event Management (SIEM), including tools such as Splunk, Defender, Sentinel … Tenable Threat Modelling System solutions, as well as with IDS/IPS and vulnerability scanners. Experience in Protective Monitoring & SOC operation Experience in network security principles, firewalls, and access control mechanisms. Preferred Qualifications: - Industry certifications such as CompTIA Security+, CISSP, CISM, CEH, or GIAC are highly desirable. ...