12 of 12 Threat Modelling Jobs in the South West

resilient to evolving cyber and information threats. Key Responsibilities Identify, interpret, and integrate security requirements throughout the product and system development lifecycle . Lead threat modelling and risk assessments , applying recognised frameworks such as ISO/IEC 27001, NIST 800-30/53, and ISO 31000. … configure industry-standard threat-modelling tools (e.g., STRIDE-based tools, attack-tree tooling). Provide expert advice on secure architectures, ensuring risks are understood, prioritised, and mitigated. Ensure compliance with MOD and HMG standards, including JSPs, Def Stan 05-138/05-139 , and ISN 23/ ...

. Youll dissect designs, model attack paths, and show engineering teams what good really looks like. Depending on the engagement, you might run a threat model, assess CI/CD pipelines, learn a vendor DSL for a PoC, or build internal tooling. We dont expect you to know everything … just to be curious, practical, and willing to dive in. What Youll Do Threat Modelling & Architecture Reviews: Break down AWS services, map trust boundaries, build attack trees, and define security requirements before code ships. Security Automation: Build IaC-driven checks, Lambda/Step Function tooling, CI/ ...

world national security impact, while enjoying hybrid working and strong professional development opportunities. Skills Secure architecture design and secure-by-design principles Risk assessment, threat modelling, and vulnerability management Security frameworks: ISO 27001, NIST 800-30/53, OWASP Cloud security architecture (AWS, Azure, GCP) Incident response, penetration ...

cloud deployments (private/public). Design and scope IT Health Checks and interpret outcomes. Identify and mitigate security risks in solution architectures. Conduct threat modelling and risk analysis. Design proportional security controls using native cloud technologies. Produce security architecture artefacts including standards and blueprints. What ...

Design Familiarity with: JSP440, JSP604/453, JSP490 Supplier Chain Assurance GDPR, PCI DSS, ICO ISO 27001, NIST CSF, CIS Controls v8 Skills in: Threat modelling (kill chain, attack trees, etc.) Cloud security (AWS, Azure), containerisation, firewalls Secure SDLC HLD/LLD review ITHC scoping and remediation Certifications ...

delivering high-quality cyber risk assessments and assurance in complex digital environments, preferably in government or critical infrastructure. Strong knowledge of cyber risk management, threat modelling, security architecture, and IT Health Checks, including experience with SaaS and cloud security. Skilled at applying cyber security standards, regulatory frameworks ...

portfolio of assignments, advising on risk, architecture, and secure delivery for nationally critical systems. Key responsibilities include • Engaging directly with client teams to understand threat landscape, risk appetite, and delivery constraints • Defining and documenting proportionate security architectures aligned to business outcomes • Leading threat modelling and security design ...

implementing security controls across CI/CD pipelines and cloud infrastructure Driving improvements in secure development maturity, tooling, and automation Supporting teams with threat modelling, secure architecture patterns, and cloud security best practices Working closely with central security, platform, and engineering teams to balance risk, delivery, and usability ...

across the programme to ensure that the new technology is secure by design Support the teams to interpret security requirements of the project Conduct threat modelling and pen testing to identify threats and establish controls Support wider teams with security advice and guidance in both a verbal ...

Elicit and document business and functional requirements with embedded security and privacy considerations. Produce security-aware artefacts, including Business Requirements Documents (BRDs), Functional Specifications, Threat Modelling inputs, Risk Assessment reports, and Security Requirements Traceability Matrix (SRTM). Support the identification and documentation of service assets, data flows ...

Role: Lead each project and programme with Secure by Design Identify security risks, constraints, and dependencies, and translate these into clear, prioritised recommendations. Facilitate threat modelling and risk workshops with multidisciplinary teams. Define pragmatic security control expectations aligned to service risk and context. Produce concise written outputs that ...

security architecture posture (Entra ID/OIDC, encryption, key management, network zoning, data protection). Produce a high-level design (HLD) with C4 diagrams, threat model (e.g., STRIDE), privacy/data handling assessment, and decision logs (ADRs). Build the architecture runway for Phase 2, with principles, patterns, guardrails … estimated remediation effort. Deliverables (by end of the audit) HLD with current vs target C4 diagrams. Threat model and NFR catalogue with measurable acceptance criteria. Architectural risk/assumptions/issues log and ADRs. Option analysis with cost/benefit and effort estimates. Phased roadmap, integration inventory, and high ...