14 of 14 Threat Modelling Jobs in the North of England

strong technical depth. Key Responsibilities: Define and implement secure architecture patterns across engineering platforms (CI/CD, build systems, runtime environments) Conduct security assessments, threat modelling, and gap analysis across platforms and pipelines Develop and embed DevSecOps best practices, including secure pipeline design and automated controls Establish …/CD pipelines, build tools, artifact repositories, and developer platforms Expertise in secure software delivery, vulnerability management, and platform security Experience with threat modelling, security frameworks, and maturity assessments Strong knowledge of application security, network security, and cloud security principles Excellent stakeholder management and communication skills Desirable: Experience ...

productivity. Mentor senior engineers and influence technical leaders across the organisation. Secure-by-Design & Compliance Embed secure-by-design principles into architectural decisions. Ensure threat modelling is performed for new features and major changes. Champion secure coding standards and integration of security testing into the delivery pipeline. Collaborate … delivery of product capabilities. Strong background in cloud-native architectures (microservices, event-driven, distributed systems). Deep understanding of secure-by-design principles, threat modelling, cryptography basics, and modern security practices. Experience with API design, integration patterns, and domain-driven design (DDD) and Event Driven Design. Ability ...

Responsibilities Design end-to-end API security architecture across cloud and on-premise environments. Define API security standards covering authentication, authorization, encryption, and threat protection. Lead architectural reviews, threat modelling, and risk assessments for API integrations. Select, architect, and optimize API gateways, WAFs, and security controls. Develop … patterns). Nice to Have Certifications: CISSP, CCSP, GIAC, SABSA. Experience with DevSecOps, container security, and microservices architecture. Knowledge of SIEM, API analytics, and threat intelligence. ...

identity management (e.g., Entra ID), and secure application development. Deliver clear cybersecurity advice to technical and non-technical stakeholders on Azure security best practices, threat protection, and compliance. Champion 'Secure by Design' across IT infrastructure, emphasizing Azure Defender, Sentinel, and application security controls. What were looking for Expertise … application security (e.g., OWASP, DevSecOps), and network segmentation. Strong knowledge of Azure-specific security tools (e.g., Azure Security Center, Key Vault, Policy, Private Link), threat modelling, secure SDLC, and assurance processes. Experience delivering "secure by design" in regulated sectors (e.g., finance, healthcare, critical infrastructure), including Azure compliance certifications ...

with the highest security standards. Design and create secure Enterprise-Grade Architectures Across Cloud, Hybrid, and On-Prem Environments Conduct comprehensive risk assessments and threat modelling to proactively identify vulnerabilities and develop effective mitigation strategies Develop and maintain security policies and frameworks that adhere to industry standards such ...

evolve secure, enterprise-grade architectures across cloud, hybrid, and on-prem environments. Embed security into every stage of our SDLC Conduct risk assessments and threat modelling, proactively identifying vulnerabilities and mitigation strategies Develop and maintain security policies and frameworks aligned with NIST, ISO 27001, and CIS Controls Lead ...

Security+ You will be able to work from home 3 times a week. Key Responsibilities Implement security practices through the SDLC including secure coding, threat modelling and vulnerability/penetration testing. Develop, maintain, and enforce security policies and procedures for all teams in the IT Department (ISO27001, NIST ...

Kafka, MQ), asynchronous processing Cloud & Infrastructure: Cloud-native design, containerisation (Docker, Kubernetes), CI/CD pipelines Data: Distributed data systems, RDBMS/NoSQL, data modelling, data consistency patterns Security: Secure-by-design principles, IAM, encryption, threat modelling, regulatory compliance Resilience: High availability, fault tolerance, disaster recovery, observability ...

/3, and NCSC guidelines. Set and embed security standards and patterns, aligned with best practices, to strengthen NHS England's cyber resilience. Lead threat modelling, security assessments, and risk mitigation efforts, delivering actionable advice to address identified vulnerabilities. Collaborate with stakeholders and teams to address challenges … during project lifecycles. Scope and review security testing reports, vulnerability assessments, and compliance audits to ensure robust application and endpoint security. Provide architecture modelling expertise to design and implement resilient, secure systems and services across NHS England. Support systems and services throughout their lifecycle, ensuring secure practices are maintained ...

ensuring strong performance, resilience, and effective risk control. Maintain and take ownership of the Group-wide cyber security risk register, including conducting risk assessments, threat modelling, and defining mitigation strategies. Take the lead on security incident management, ensuring timely response, clear stakeholder communication, and ongoing improvement of processes. ...

Architecture & Design Define and review secure architectures across enterprise IT and OT environments. Act as technical authority for secure system design and implementation. Lead threat modelling, risk assessments, and security design reviews. Ensure compliance with defence security standards and secure-by-design principles. Security Assurance & Governance Deliver independent ...

security (OAuth2, OIDC, JWT, etc.) Understanding of AI/ML concepts or a strong interest in building expertise in this area Experience in threat modelling, vulnerability assessment, or security testing Familiarity with secure development practices (e.g., DevSecOps, OWASP) Background in identity, access control or secrets/key management ...

integrity and security best practices. Translate business and risk requirements into secure architectural solutions spanning IT and OT environments. Develop architecture artefacts such as threat models, design patterns, and solution blueprints aligned with strategic frameworks. Support programmes through architecture governance processes and risk assessments. Conduct architecture reviews and security ...

enforce security standards and best practices for all back-office systems Guide the team on secure web application development (OWASP Top 10, threat modelling) Plan, prioritise, and manage team workload to meet business objectives and delivery timelines Mentor and support team members, promoting best practices, conducting code reviews ...