1 to 25 of 34 Threat Modelling Jobs in the South East

awareness: Contribute to the development and delivery of security awareness training for internal staff. Stay current: Keep abreast of the latest security threats, vulnerabilities, exploits, and industry best practices. Threat modelling: Participate in threat modelling exercises to identify potential attack vectors and design flaws. Ad-hoc security testing: Perform ad-hoc security assessments and provide expert More ❯

awareness: Contribute to the development and delivery of security awareness training for internal staff. Stay current : Keep abreast of the latest security threats, vulnerabilities, exploits, and industry best practices. Threat modelling: Participate in threat modelling exercises to identify potential attack vectors and design flaws. Ad-hoc security testing : Perform ad-hoc security assessments and provide expert More ❯

our continual information security strategy, joining us on our journey and developing yourself along the way. Why Join Us? Work with a talented team of security professionals in a threat-driven environment. Ability to help shape the future of our cyber defence capabilities across a wide and diverse range of businesses. Competitive compensation and benefits package. Flexible work environment … with opportunities for remote work and professional development. Key responsibilities: Reporting to the Director of Information Security & Information Technology, you will be responsible for: - Build and own Seniors threat intelligence strategy. Develop and own the threat management program with regular assessments, threat modelling, risk prioritisation and remediation activities. The individual will serve as a subject matter … expert incyber threat management, advising our various businesses on adversary activities, situational awareness and defensive actions. Designing tactical and strategic responses to emerging security threats Define, implement and manage our cyber threat capability working with our local IT teams, MSSP partners, vendors and other key stakeholders. Provide our IT teams with guidance on adversary intentions, objectives and potential More ❯

development lifecycle and CI/CD processes and working with the IT Infrastructure team on the security elements of migrating on-premise Windows estate to Azure. You'll lead threat modelling and threat hunting activities to proactively discover potential compromises, work with external teams on penetration tests and red team engagements and manage SIEM and XDR tooling More ❯

development lifecycle and CI/CD processes and working with the IT Infrastructure team on the security elements of migrating on-premise Windows estate to Azure. You'll lead threat modelling and threat hunting activities to proactively discover potential compromises, work with external teams on penetration tests and red team engagements and manage SIEM and XDR tooling More ❯

controls, and ensuring adherence to security policies. Drive the selection and integration of security technologies and services within cloud ecosystems (AWS, Azure, GCP preferred). Risk & Compliance Management: Lead threat modeling, risk assessments, and security posture management across cloud environments. Ensure architectural designs meet stringent regulatory compliance requirements relevant to the financial industry in Europe (e.g., data residency, privacy More ❯

security into everything we dofrom infrastructure to application design. Key Responsibilities Design and implement security controls across cloud platforms (AWS, Azure, or GCP) Develop and maintain security tooling for threat detection, vulnerability management, and incident response Lead threat modelling and risk assessments for critical systems and services Collaborate with engineering teams to integrate security best practices into More ❯

architecture strategy. Act as a trusted security advisor to senior leadership and engineering teams. Guide the design and integration of secure solutions across applications, infrastructure, and data platforms. Perform threat modelling, architecture reviews, and propose mitigation strategies. Ensure alignment with European regulatory standards (e.g., GDPR, PSD2, DORA, NIS2). Embed DevSecOps into SDLC and CI/CD pipelines More ❯

an ad-hoc basis until the move has been completed Maintain Nessus vulnerability management, update systems, run scans and provide reports Cover email security using Mimecast Enterprise Real world threat modelling and incident response (mainly L3/L4 when required) Make suggestions and influence various areas of the business/group from a security perspective Automate tasks and … ideal) Microsoft Defender for EDR/XDR/MDR Nessus for vulnerability management Mimecast for email security SCCM/Intune for patch management L3/L4 Incident Response experience Threat Intelligence/modelling experience Automating tasks using PowerShell, Python etc What’s in it for you? In return you’ll be joining a well established organisation at an More ❯

effectiveness. Deliver security architecture for cloud deployments (private/public). Design and scope IT Health Checks and interpret outcomes. Identify and mitigate security risks in solution architectures. Conduct threat modelling and risk analysis. Design proportional security controls using native cloud technologies. Produce security architecture artefacts including standards and blueprints. What You'll Bring Prior and proven experience More ❯

Significant experience in Financial Services or Insurance, including PCI-compliant environments. Expert knowledge of network and cloud security using Azure, Hands-on experience with application security, data protection, and threat modelling. Confident communicator, able to influence across technical and business functions. Track record in risk assessment, vulnerability management and secure architecture delivery. Knowledge of DevSecOps, SIEM, IAM, DLP, and More ❯

advancing purple team maturity, the ideal candidate will bring deep technical acumen, a transformation mindset, and a proven ability to lead and inspire high-performing teams in a dynamic, threat-informed environment. RESPONSIBILITIES Technical Leadership & Execution - Personally lead and execute advanced penetration tests, red/purple team exercises, and adversary emulation campaigns across cloud, application, and infrastructure layers. - Identify … vulnerabilities to simulate real-world attack scenarios, validate detection and response capabilities, and uncover control gaps. - Develop and maintain a Purple Team playbook tailored to business-specific technologies and threat models. - Integrate offensive findings into SOC tuning, detection engineering, and control validation workflows. Program Ownership - Own and evolve the offensive security roadmap, including internal testing services, external bug bounty … engineers and red teamers. - Lead the transformation from traditional pentesting to intelligence-driven, continuous offensive security. - Foster a culture of innovation, experimentation, and continuous learning. Collaboration & Influence - Partner with Threat Intelligence, SOC, and Engineering teams to contextualize findings and drive remediation. - Communicate technical findings clearly to both technical and executive audiences. - Influence security architecture and product design through early More ❯

best practices, and support enterprise-wide Azure security initiatives. Key Responsibilities Design and implement secure architectures within Microsoft Azure, ensuring alignment with business and compliance requirements. Conduct Azure-specific threat modelling, risk assessments, and security reviews across infrastructure and applications. Collaborate with cloud engineering, DevOps, and compliance teams to embed security into the Azure development lifecycle. Define and More ❯

DevSecOps integration into CI/CD pipelines, embedding SAST, DAST, SCA and container security tools Own the security testing process, improving automation, coverage, and remediation velocity Champion secure design, threat modelling and coding best practices across engineering teams Partner with sales and business development for pre-sales, client proposals, and solution design Drive financial oversight of the function More ❯

/CD workflows Owning security tooling strategy (SAST, DAST, SCA, container scanning) and driving adoption across development pipelines Building and mentoring high-performing teams in secure coding, DevSecOps, and threat modelling Leading engagements with major clients during pre-sales, delivery and review phases Managing financials, resource planning, and service maturity across the Secure SDLC portfolio Acting as escalation More ❯

security into solution designs. Monitor compliance with internal policies, external regulations and industry good practice. (e.g., GDPR, ISO27001, CIS, ISF, NIST). Provide expert guidance on security best practices, threat modelling, and mitigation strategies. Support incident response and post-incident reviews from an architectural perspective. Skills and experience you need asInformation Security & Assurance Specialist: Strong understanding of all More ❯

RAG pipelines, agentic workflows and document intelligence systems Embed cybersecurity and data privacy controls across all AI workflows (e.g., encryption, anonymisation, access logging) Collaborate with the CISO function on threat modeling, security reviews, and AI-specific control design. Integrate with enterprise IAM systems, enforcing RBAC, least privilege Conduct vulnerability scans, pen-test remediation, and support internal and regulatory audits More ❯

cybersecurity and data privacy controls across all AI workflows, including encryption, anonymisation, and access logging. Collaborate with CISO: Work closely with the Chief Information Security Officer (CISO) function on threat modelling, security reviews, and AI-specific control design. Enterprise Integration: Integrate with enterprise Identity and Access Management (IAM) systems, enforcing Role-Based Access Control (RBAC) and least privilege More ❯

of experience in cloud or information security. Proven experience securing Google Cloud Platform (GCP) environments. Strong understanding of cloud security principles and native controls. Experience with incident response and threat modelling. Relevant certifications such as: Google Professional Cloud Security Engineer Azure Security Engineer Associate (AZ-500) Certified Cloud Security Professional (CCSP) Key Attributes Strong verbal and written communication skills. More ❯

threats are evolving, and our team is at the heart of protecting critical infrastructure and data. As a Cyber Security Engineer, you'll help lead our proactive efforts in threat detection, response, and mitigation. This role is vital to safeguarding the confidentiality, integrity, and availability of systems and services. What you'll be doing Act on security alerts, incidents … ensure timely responses. Diagnose and investigate security incidents following agreed procedures. Escalate and document unresolved incidents and support recovery efforts. Operate within our enterprise-level SOC and collaborate on threat intelligence. Utilise tools like Microsoft E5, Sentinel, and Darktrace to monitor and prevent threats. Analyse malware and respond to high-priority incidents. Support vulnerability management and threat analysis … equivalent function. Proficiency with Microsoft Security Suite (including Sentinel) and Darktrace or similar. Must have an understanding of cyber threats including malware, ransomware, DDoS, insider threats. Strong knowledge of threat modelling, security monitoring, and cloud environments. Familiarity with GDPR, data protection, and privacy impact assessments. Excellent communication and collaboration skills with a proactive mindset. Industry certifications (e.g., CISSP More ❯

practices into DevOps workflows (e.g., SAST, DAST, SCA, secrets management).* Collaborate with development, operations, and security teams to implement and ensure secure coding and deployment practices.* Advise on threat modeling, risk assessments, and vulnerability management.* Provide expert guidance on cloud security (AWS, Azure, GCP) and container security (Docker, Kubernetes).* Develop and enforce security policies, standards, and best More ❯

Collaborate with development teams (Go and Node.js) to remediate security issues. Evaluate and Test TEE solutions (e.g., AWS Nitro Enclaves, Azure Confidential Computing and Google Confidential Computing.). Conduct threat modeling and risk assessments. Develop and maintain security testing tools and automation scripts. Stay current with emerging security threats, vulnerabilities, and mitigation techniques. Proven experience in penetration testing and More ❯

such as CISSP, CISM, AWS Security Specialty, or Certified Identity and Access Manager (CIAM). Agile (Scrum Master, SAFe) and cloud (AWS Cloud Practitioner) certifications. Experience in security assessments, threat modeling, or governance/risk/compliance (GRC) tooling. Benefits Pension company contribution = 3% Incentive scheme up to 10% of annual salary , based on company performance. Your wellbeing is More ❯

in identifying and mitigating security risks# Ability to make actionable recommendations for security improvements Experience with GDPR and data protection, together with knowledge of IS standards Security assessment frameworks (threat modelling, controls assessment, risk assessment) Relevant qualifications; CISSP, CISM or similar would be beneficial. Based in Central London, 4 days per week onsite initially dropping to 3 once More ❯

services and best practices. Solid understanding of cloud security principles, including shared responsibility model, cloud native security controls, and infrastructure as code security. Experience with security incident response and threat modelling. Google Professional Cloud Security Engineer Azure Security Engineer Associate (AZ-500) Certified Cloud Security Professional (CCSP) This is very much a hands-on role requiring GCP and Azure More ❯