1 to 25 of 52 Threat Modelling Jobs in London

play a critical role in designing, assuring, and delivering secure solutions across our client engagements. You will champion Secure by Design principles and lead threat modelling activities to ensure risks are identified and mitigated early in the lifecycle. Working closely with stakeholders, you will define security architectures, ensure … Design - Embed security into every stage of the solution lifecycle, ensuring systems are designed with security controls from the outset rather than retrofitted. Threat Modelling - Lead and facilitate threat modelling exercises (e.g. STRIDE), identifying vulnerabilities and defining mitigations early in delivery Risk Assessment - Identify, assess ...

engineering teams to embed automated security testing and guardrails into development workflows. Define, implement, and maintain secure development standards, including secure coding guidelines, threat modelling practices, and minimum-security requirements for applications and APIs. Partner with engineering, platform, and product teams to embed secure-by-design principles into … development team, providing hands-on technical leadership across design, development, and operation. Perform deep-dive security activities for the team, including threat modelling, code-level reviews, and vulnerability triage/remediation support. Oversee and coordinate third-party application security reviews, ensuring consistent assessment standards and effective risk management ...

security of supply through facilities in Europe, the UK, and the United States. Your Role: You will be responsible for revising, developing, and maturing Threat Intelligence processes, tooling, and policies to strengthen existing services and ensure they remain effective against a constantly evolving external threat landscape. This includes … with internal and external stakeholders, building strong, trusted relationships across the business and with peer organisations within the civil nuclear sector to enable effective Threat Intelligence information sharing. You will coordinate with technical and non-technical teams to ensure relevant threat intelligence informs risk modelling and assessment ...

Title: Cyber Threat Management Lead Location: London (2 days onsite per week) Duration: 6 months Rate: £670 via Umbrella Role Summary: We are Seeking a Cyber SME to improve cyber defence through threat intelligence, threat hunting, and detection engineering. Key Responsibilities: Apply cyber threat intelligence … strengthen network defence Conduct threat hunting and detection engineering Perform threat modelling and threat-led risk reduction Support purple team and offensive security testing to improve detections and controls Guidant, Carbon60, Lorien & SRG - The Impellam Group Portfolio are acting as an Employment Business in relation ...

deployment/integration of security capabilities into engineering teams within the product domain. You will drive security initiatives such as developing security requirements, threat modelling, strengthening application security, vulnerability reduction, etc., with the engineering teams. Reducing friction is paramount and we are all about fast feedback within existing … console for a developer to check. Support teams in a collaborative manner in matters of mobile application, web application, cloud and data security, with threat modelling, risk treatment and security advice across all security domains. If you can raise a PR to fix a security issue, do so. ...

development, engineering, and product teams, ensuring AppSec requirements are integrated early and effectively into design and delivery workflows. Perform and lead application security assessments, threat modelling sessions, design reviews, and secure code review consultations. Partner with Security Product Owners and engineering teams to ensure AppSec tooling, processes … centralised Centre of Excellence or security governance function. Strong capability in developing and governing AppSec policies, standards, and secure SDLC frameworks. Expert knowledge across threat modelling, secure design, application risk assessment, and secure code review techniques. Hands-on understanding of DevSecOps practices, CI/CD pipeline security ...

Integrate security controls into CI/CD pipelines and modern development workflows, enabling secure and automated deployment of cloud and AI workloads. Participate in threat modelling, risk assessment, and security design reviews for AI applications, APIs, and cloud services. Support evaluation and onboarding of emerging AI security tools … securing GenAI, Agentic AI, vector databases, model APIs, or data pipelines used by LLMs. Knowledge of responsible AI principles, model governance, or AI-specific threat modelling (e.g., adversarial ML, data poisoning, prompt injection). Background working in regulated industries such as Financial Services or Insurance. Strong stakeholder communication ...

delivery without owning build or operations. Key Responsibilities Attend regular project and design meetings to understand requirements and delivery milestones. Perform initial and iterative threat modelling for new features, integrations, and architectural changes. Advise on secure architecture design, including IAM, network segmentation, encryption, and data protection. Recommend … being consistently applied. Essential Experience Proven experience as a Security Architect or senior cyber security consultant in digital delivery environments. Strong Secure by Design, threat modelling, and risk-based security expertise. Experience advising product teams in agile, cloud-based delivery contexts. Confident engaging with architects, developers, and delivery ...

practices across the organisation. Lead complex security architecture initiatives in collaboration with architects, engineers, and platform teams across business units. Own and deliver advanced threat modelling, secure design reviews, and risk assessments for high-impact systems. Drive and support critical risk remediation and vulnerability management, including root cause … continuously improve product security maturity. What you'll bring Strong hands-on experience contributing across multiple stages of the Secure Development Lifecycle, including threat modelling, secure coding, testing, and vulnerability management. Deep expertise in multiple of these domains with working knowledge of the others: modern applications, cloud, platforms ...

practices across the organisation. Lead complex security architecture initiatives in collaboration with architects, engineers, and platform teams across business units. Own and deliver advanced threat modelling, secure design reviews, and risk assessments for high-impact systems. Drive and support critical risk remediation and vulnerability management, including root cause … continuously improve product security maturity. What you'll bring Strong hands-on experience contributing across multiple stages of the Secure Development Lifecycle, including threat modelling, secure coding, testing, and vulnerability management. Deep expertise in multiple of these domains with working knowledge of the others: modern applications, cloud, platforms ...

practices across the organisation. Lead complex security architecture initiatives in collaboration with architects, engineers, and platform teams across business units. Own and deliver advanced threat modelling, secure design reviews, and risk assessments for high-impact systems. Drive and support critical risk remediation and vulnerability management, including root cause … continuously improve product security maturity. What you'll bring Strong hands-on experience contributing across multiple stages of the Secure Development Lifecycle, including threat modelling, secure coding, testing, and vulnerability management. Deep expertise in multiple of these domains with working knowledge of the others: modern applications, cloud, platforms ...

embed security into lifecycle governance Define and implement a modern DevSecOps tooling strategy (CI/CD, SAST/DAST, SCM, automation) Drive secure coding, threat modelling, and supply chain security practices (SBOM, provenance, signing) Develop KPIs, metrics, and maturity models to track and continuously improve SDLC performance Build … NIST SSDF, OWASP SAMM/ASVS, ISO 27034) Strong understanding of modern engineering practices (Agile, CI/CD, cloud, automation) Expertise in application security, threat modelling, and secure coding standards Experience implementing tooling ecosystems (e.g. SAST, DAST, SCA, pipeline automation) A track record of influencing senior stakeholders ...

practices across the organisation. Lead complex security architecture initiatives in collaboration with architects, engineers, and platform teams across business units. Own and deliver advanced threat modelling, secure design reviews, and risk assessments for high-impact systems. Drive and support critical risk remediation and vulnerability management, including root cause … continuously improve product security maturity. What you'll bring Strong hands-on experience contributing across multiple stages of the Secure Development Lifecycle, including threat modelling, secure coding, testing, and vulnerability management. Deep expertise in multiple of these domains with working knowledge of the others: modern applications, cloud, platforms ...

practices across the organisation. Lead complex security architecture initiatives in collaboration with architects, engineers, and platform teams across business units. Own and deliver advanced threat modelling, secure design reviews, and risk assessments for high-impact systems. Drive and support critical risk remediation and vulnerability management, including root cause … continuously improve product security maturity. What you'll bring Strong hands-on experience contributing across multiple stages of the Secure Development Lifecycle, including threat modelling, secure coding, testing, and vulnerability management. Deep expertise in multiple of these domains with working knowledge of the others: modern applications, cloud, platforms ...

practices across the organisation. Lead complex security architecture initiatives in collaboration with architects, engineers, and platform teams across business units. Own and deliver advanced threat modelling, secure design reviews, and risk assessments for high-impact systems. Drive and support critical risk remediation and vulnerability management, including root cause … continuously improve product security maturity. What you'll bring Strong hands-on experience contributing across multiple stages of the Secure Development Lifecycle, including threat modelling, secure coding, testing, and vulnerability management. Deep expertise in multiple of these domains with working knowledge of the others: modern applications, cloud, platforms ...

practices across the organisation. Lead complex security architecture initiatives in collaboration with architects, engineers, and platform teams across business units. Own and deliver advanced threat modelling, secure design reviews, and risk assessments for high-impact systems. Drive and support critical risk remediation and vulnerability management, including root cause … continuously improve product security maturity. What you'll bring Strong hands-on experience contributing across multiple stages of the Secure Development Lifecycle, including threat modelling, secure coding, testing, and vulnerability management. Deep expertise in multiple of these domains with working knowledge of the others: modern applications, cloud, platforms ...

practices across the organisation. Lead complex security architecture initiatives in collaboration with architects, engineers, and platform teams across business units. Own and deliver advanced threat modelling, secure design reviews, and risk assessments for high-impact systems. Drive and support critical risk remediation and vulnerability management, including root cause … continuously improve product security maturity. What you'll bring Strong hands-on experience contributing across multiple stages of the Secure Development Lifecycle, including threat modelling, secure coding, testing, and vulnerability management. Deep expertise in multiple of these domains with working knowledge of the others: modern applications, cloud, platforms ...

practices across the organisation. Lead complex security architecture initiatives in collaboration with architects, engineers, and platform teams across business units. Own and deliver advanced threat modelling, secure design reviews, and risk assessments for high-impact systems. Drive and support critical risk remediation and vulnerability management, including root cause … continuously improve product security maturity. What you'll bring Strong hands-on experience contributing across multiple stages of the Secure Development Lifecycle, including threat modelling, secure coding, testing, and vulnerability management. Deep expertise in multiple of these domains with working knowledge of the others: modern applications, cloud, platforms ...

practices across the organisation. Lead complex security architecture initiatives in collaboration with architects, engineers, and platform teams across business units. Own and deliver advanced threat modelling, secure design reviews, and risk assessments for high-impact systems. Drive and support critical risk remediation and vulnerability management, including root cause … continuously improve product security maturity. What you'll bring Strong hands-on experience contributing across multiple stages of the Secure Development Lifecycle, including threat modelling, secure coding, testing, and vulnerability management. Deep expertise in multiple of these domains with working knowledge of the others: modern applications, cloud, platforms ...

practices across the organisation. Lead complex security architecture initiatives in collaboration with architects, engineers, and platform teams across business units. Own and deliver advanced threat modelling, secure design reviews, and risk assessments for high-impact systems. Drive and support critical risk remediation and vulnerability management, including root cause … continuously improve product security maturity. What you'll bring Strong hands-on experience contributing across multiple stages of the Secure Development Lifecycle, including threat modelling, secure coding, testing, and vulnerability management. Deep expertise in multiple of these domains with working knowledge of the others: modern applications, cloud, platforms ...

practices across the organisation. Lead complex security architecture initiatives in collaboration with architects, engineers, and platform teams across business units. Own and deliver advanced threat modelling, secure design reviews, and risk assessments for high-impact systems. Drive and support critical risk remediation and vulnerability management, including root cause … continuously improve product security maturity. What you'll bring Strong hands-on experience contributing across multiple stages of the Secure Development Lifecycle, including threat modelling, secure coding, testing, and vulnerability management. Deep expertise in multiple of these domains with working knowledge of the others: modern applications, cloud, platforms ...

practices across the organisation. Lead complex security architecture initiatives in collaboration with architects, engineers, and platform teams across business units. Own and deliver advanced threat modelling, secure design reviews, and risk assessments for high-impact systems. Drive and support critical risk remediation and vulnerability management, including root cause … continuously improve product security maturity. What you'll bring Strong hands-on experience contributing across multiple stages of the Secure Development Lifecycle, including threat modelling, secure coding, testing, and vulnerability management. Deep expertise in multiple of these domains with working knowledge of the others: modern applications, cloud, platforms ...

practices across the organisation. Lead complex security architecture initiatives in collaboration with architects, engineers, and platform teams across business units. Own and deliver advanced threat modelling, secure design reviews, and risk assessments for high-impact systems. Drive and support critical risk remediation and vulnerability management, including root cause … continuously improve product security maturity. What you'll bring Strong hands-on experience contributing across multiple stages of the Secure Development Lifecycle, including threat modelling, secure coding, testing, and vulnerability management. Deep expertise in multiple of these domains with working knowledge of the others: modern applications, cloud, platforms ...

practices across the organisation. Lead complex security architecture initiatives in collaboration with architects, engineers, and platform teams across business units. Own and deliver advanced threat modelling, secure design reviews, and risk assessments for high-impact systems. Drive and support critical risk remediation and vulnerability management, including root cause … continuously improve product security maturity. What you'll bring Strong hands-on experience contributing across multiple stages of the Secure Development Lifecycle, including threat modelling, secure coding, testing, and vulnerability management. Deep expertise in multiple of these domains with working knowledge of the others: modern applications, cloud, platforms ...

practices across the organisation. Lead complex security architecture initiatives in collaboration with architects, engineers, and platform teams across business units. Own and deliver advanced threat modelling, secure design reviews, and risk assessments for high-impact systems. Drive and support critical risk remediation and vulnerability management, including root cause … continuously improve product security maturity. What you'll bring Strong hands-on experience contributing across multiple stages of the Secure Development Lifecycle, including threat modelling, secure coding, testing, and vulnerability management. Deep expertise in multiple of these domains with working knowledge of the others: modern applications, cloud, platforms ...