1 to 25 of 45 Threat Modelling Jobs in the Thames Valley

technical expertise, strategic vision, and hands-on experience in building secure, AI-driven systems. As Director of Cybersecurity, you will oversee all aspects of our security architecture, operations, and threat intelligence functions—ensuring Nothreat’s platforms and clients remain resilient in an evolving threat landscape. You will also be expected to drive cross-functional collaboration across product, engineering … teams, and lead the execution of complex, high-impact security initiatives. Key Responsibilities Define and drive Nothreat’s cybersecurity strategy across product, infrastructure, and operations. Lead security architecture reviews, threat modeling, and secure development practices across engineering teams. Oversee the implementation and operation of security controls, incident response plans, and risk management frameworks. Work closely with the AI engineering …/ML systems, securing data pipelines, models, and associated infrastructure. Strong technical background in areas such as application security, cloud security (AWS/Azure), identity and access management, and threat detection. Proficiency with SIEM, SOAR, EDR, vulnerability management, and DevSecOps practices. Deep understanding of modern attack vectors, threat intelligence, and incident response processes. Experience with security frameworks and More ❯

data pipelines. Participate in enterprise-wide architecture initiatives for AI/ML. Understand the workflow and pipeline architectures of ML and deep learning workloads. Conduct security risk assessments and threat modelling for AI/ML and other business projects performed thorough design reviews and security assessments of architectures and designs, identifying vulnerabilities, threats, and risks, and providing recommendations … common security vulnerabilities and threats specific to AI/ML, including adversarial attacks, prompt injection, data poisoning and the MITRE ATLAS framework. Hands on experience using security assessment and threat modelling tools and techniques to evaluate AI/ML systems and identify potential security weaknesses. Familiarity with current and emerging regulations and standards, such as the EU AI More ❯

Conduct authorized assessment of infrastructure and applications to proactively identify security weaknesses. Verify weaknesses by leveraging attacker techniques to evaluate the difficulty and effectiveness of potential attack from various threat actors. Provide comprehensive and actionable recommendations to counter the threat posed by identified security weaknesses, given the applicable threat landscape. Bring an offensive mindset to the design … and to business management and leadership, indicating the impact to the business of verified weaknesses found. Research and develop testing tools, techniques and processes. Assist incident response and security threat surveillance functions to advise on current attacker tools, techniques and procedures. Contribute to the continuous improvement of security processes, tools and techniques to counter threats faced by SITA and … our customers. Contribute to the automation of security activities as part of the DevOps lifecycle. Provide guidance on secure product design: Threat Modelling, architecture reviews. Qualifications EXPERIENCE 5-7 years' experience in at least three of the following fields: Network penetration testing Web and mobile application assessments Cloud penetration testing (Azure, AWS,...) Mastery of Unix/Linux More ❯

data pipelines to model deployment. Key Responsibilities Architect and implement security controls for AI/ML systems, data pipelines, and CI/CD processes. Conduct security risk assessments and threat modelling on AI/ML workflows. Drive secure coding practices and integrate security into MLOps/DevOps pipelines. Address challenges such as adversarial attacks, data poisoning, and prompt … Essential Experience & Skills Proven experience as a Security Architect with direct focus on AI/ML security. Strong knowledge of AI/ML technologies, frameworks (e.g. TensorFlow, PyTorch), and threat landscapes. Background in development or data science is highly advantageous. Expertise in secure development practices and cloud-native architectures. Hands-on experience with threat modelling, adversarial testing … etc.). Excellent stakeholder communication and collaboration skills. Experience working on large-scale data or AI projects in regulated sectors. Exposure to the MITRE ATLAS framework or similar AI threat knowledge bases. Seniority level Seniority level Mid-Senior level Employment type Employment type Contract Job function Job function Information Technology Industries Staffing and Recruiting Referrals increase your chances of More ❯

data pipelines. * Participate in enterprise-wide architecture initiatives for AI/ML. Understand the workflow and pipeline architectures of ML and deep learning workloads. * Conduct security risk assessments and threat modelling for AI/ML and other business projects performed thorough design reviews and security assessments of architectures and designs, identifying vulnerabilities, threats, and risks, and providing recommendations … common security vulnerabilities and threats specific to AI/ML, including adversarial attacks, prompt injection, data poisoning and the MITRE ATLAS framework. * Hands on experience using security assessment and threat modelling tools and techniques to evaluate AI/ML systems and identify potential security weaknesses. * Familiarity with current and emerging regulations and standards, such as the EU AI More ❯

data pipelines. * Participate in enterprise-wide architecture initiatives for AI/ML. Understand the workflow and pipeline architectures of ML and deep learning workloads. * Conduct security risk assessments and threat modelling for AI/ML and other business projects performed thorough design reviews and security assessments of architectures and designs, identifying vulnerabilities, threats, and risks, and providing recommendations … common security vulnerabilities and threats specific to AI/ML, including adversarial attacks, prompt injection, data poisoning and the MITRE ATLAS framework. * Hands on experience using security assessment and threat modelling tools and techniques to evaluate AI/ML systems and identify potential security weaknesses. * Familiarity with current and emerging regulations and standards, such as the EU AI More ❯

is essential. Experience working with security issues in software architecture, software development, e.g. static and/or dynamic code analysis and tools, software dependency check, OWASP Top10 testing, application threat modelling. In-depth experience working in an Agile software development environment, with classic applications as well as microservices, using modern code processing and continuous integration and delivery tools (e.g. … Secure by Design, Architecture, Software Development, Engineering, DevOps, InfoSec, Security, Security Strategy, Best Practice, Programming, Code, C++, C#, C, .NET Core, Java, JavaScript, Node.js, Angular, React, OWASP, Agile, Application Threat Modelling, Security Policy, Security Controls, ISO 27001, NIST, GDPR, Cloud, Azure. Please note that due to a high level of applications, we can only respond to applicants whose More ❯

have: Experience creating application security strategies, standards, and best practices. Experience working with security issues in software architecture, development, including static/dynamic analysis, dependency checks, OWASP Top10, and threat modeling. Experience in an Agile environment with modern CI/CD tools like GitHub, Jenkins, Bamboo. Ability to translate security policies into effective security controls. Knowledge of security standards More ❯

data pipelines to model deployment. Key Responsibilities Architect and implement security controls for AI/ML systems, data pipelines, and CI/CD processes. Conduct security risk assessments and threat modelling on AI/ML workflows. Drive secure coding practices and integrate security into MLOps/DevOps pipelines. Address challenges such as adversarial attacks, data poisoning, and prompt … Essential Experience & Skills Proven experience as a Security Architect with direct focus on AI/ML security. Strong knowledge of AI/ML technologies, frameworks (e.g. TensorFlow, PyTorch), and threat landscapes. Background in development or data science is highly advantageous. Expertise in secure development practices and cloud-native architectures. Hands-on experience with threat modelling, adversarial testing … . Excellent stakeholder communication and collaboration skills. Desirable Experience working on large-scale data or AI projects in regulated sectors. Exposure to the MITRE ATLAS framework or similar AI threat knowledge bases. Esther Urtecho Senior Delivery Consultant London | Bristol | Amsterdam More ❯

our flagship products cyber resilient? We are looking for a Security Engineer to join our Information Security team at our Oxford headquarters. You will be working across software engineering, modelling, and data science bringing your full self, including your security knowledge and expertise to the business. As a Security Engineer at Aurora Energy Research, you will enable our colleagues … reduction outcomes. Build secure products. Ensure security is considered throughout the product and software development life cycle. Provide security best practice, build security design patterns, complete security architecture reviews, threat models and risk assessments. Help solve engineering problems by implementing technical controls to mitigate risk. Ensure we are deploying solutions into a secure environment . Ensure we build solutions More ❯

servers, VM environments, client machines, and cloud services.o Proficiency in security-related software and tools, understanding of secure network architectures, experience with encryption and security protocols, and familiarity with threat modelling and risk assessments.o Relevant certifications such as CISSP, CISM, CEH, or equivalent are highly desirable.o Strong analytical skills to identify security threats and implement effective solutions.o Ability More ❯

is embedded throughout the SDLC. Main Responsibilities: Define and enforce secure architecture standards and frameworks across web, mobile, and cloud-native applications. Provide security guidance throughout product development, including threat modeling, secure coding, design reviews, and architecture assessments. Lead the implementation of DevSecOps practices, integrating security into CI/CD pipelines. Identify and remediate application-level vulnerabilities through static … for this role, you should have: Proven experience in application security architecture. Deep knowledge of OWASP Top 10, SANS CWE Top 25, and secure coding best practices. Familiarity with threat modelling methodologies such as STRIDE and architectural risk analysis. Hands-on experience with tools such as SAST/DAST/IAST, Snyk, SonarQube, Burp Suite, Veracode, or similar. More ❯

is embedded throughout the SDLC. Main Responsibilities: Define and enforce secure architecture standards and frameworks across web, mobile, and cloud-native applications. Provide security guidance throughout product development, including threat modeling, secure coding, design reviews, and architecture assessments. Lead the implementation of DevSecOps practices, integrating security into CI/CD pipelines. Identify and remediate application-level vulnerabilities through static … for this role, you should have: Proven experience in application security architecture. Deep knowledge of OWASP Top 10, SANS CWE Top 25, and secure coding best practices. Familiarity with threat modelling methodologies such as STRIDE and architectural risk analysis. Hands-on experience with tools such as SAST/DAST/IAST, Snyk, SonarQube, Burp Suite, Veracode, or similar. More ❯

is embedded throughout the SDLC. Main Responsibilities: Define and enforce secure architecture standards and frameworks across web, mobile, and cloud-native applications. Provide security guidance throughout product development, including threat modeling, secure coding, design reviews, and architecture assessments. Lead the implementation of DevSecOps practices, integrating security into CI/CD pipelines. Identify and remediate application-level vulnerabilities through static … for this role, you should have: Proven experience in application security architecture. Deep knowledge of OWASP Top 10, SANS CWE Top 25, and secure coding best practices. Familiarity with threat modelling methodologies such as STRIDE and architectural risk analysis. Hands-on experience with tools such as SAST/DAST/IAST, Snyk, SonarQube, Burp Suite, Veracode, or similar. More ❯

is embedded throughout the SDLC. Main Responsibilities: Define and enforce secure architecture standards and frameworks across web, mobile, and cloud-native applications. Provide security guidance throughout product development, including threat modeling, secure coding, design reviews, and architecture assessments. Lead the implementation of DevSecOps practices, integrating security into CI/CD pipelines. Identify and remediate application-level vulnerabilities through static … for this role, you should have: Proven experience in application security architecture. Deep knowledge of OWASP Top 10, SANS CWE Top 25, and secure coding best practices. Familiarity with threat modelling methodologies such as STRIDE and architectural risk analysis. Hands-on experience with tools such as SAST/DAST/IAST, Snyk, SonarQube, Burp Suite, Veracode, or similar. More ❯

is embedded throughout the SDLC. Main Responsibilities: Define and enforce secure architecture standards and frameworks across web, mobile, and cloud-native applications. Provide security guidance throughout product development, including threat modeling, secure coding, design reviews, and architecture assessments. Lead the implementation of DevSecOps practices, integrating security into CI/CD pipelines. Identify and remediate application-level vulnerabilities through static … for this role, you should have: Proven experience in application security architecture. Deep knowledge of OWASP Top 10, SANS CWE Top 25, and secure coding best practices. Familiarity with threat modelling methodologies such as STRIDE and architectural risk analysis. Hands-on experience with tools such as SAST/DAST/IAST, Snyk, SonarQube, Burp Suite, Veracode, or similar. More ❯

is embedded throughout the SDLC. Main Responsibilities: Define and enforce secure architecture standards and frameworks across web, mobile, and cloud-native applications. Provide security guidance throughout product development, including threat modeling, secure coding, design reviews, and architecture assessments. Lead the implementation of DevSecOps practices, integrating security into CI/CD pipelines. Identify and remediate application-level vulnerabilities through static … for this role, you should have: Proven experience in application security architecture. Deep knowledge of OWASP Top 10, SANS CWE Top 25, and secure coding best practices. Familiarity with threat modelling methodologies such as STRIDE and architectural risk analysis. Hands-on experience with tools such as SAST/DAST/IAST, Snyk, SonarQube, Burp Suite, Veracode, or similar. More ❯

Be Doing: Actively identifying vulnerabilities in applications, especially around authentication flows, payments, and sensitive data handling Thinking creatively and adversarially – “breaking the app” to protect it Performing penetration testing, threat modelling, and secure code reviews Working directly with developers to integrate security best practices into an already-operational DevSecOps pipeline Advising on product and architectural design from a More ❯

Be Doing: Actively identifying vulnerabilities in applications, especially around authentication flows, payments, and sensitive data handling Thinking creatively and adversarially – “breaking the app” to protect it Performing penetration testing, threat modelling, and secure code reviews Working directly with developers to integrate security best practices into an already-operational DevSecOps pipeline Advising on product and architectural design from a More ❯

Be Doing: Actively identifying vulnerabilities in applications, especially around authentication flows, payments, and sensitive data handling Thinking creatively and adversarially – “breaking the app” to protect it Performing penetration testing, threat modelling, and secure code reviews Working directly with developers to integrate security best practices into an already-operational DevSecOps pipeline Advising on product and architectural design from a More ❯

stakeholders to embed security throughout the SDLC. Main Responsibilities: Define and enforce secure architecture standards across web, mobile, and cloud-native applications. Provide security guidance during product development, including threat modeling, secure coding, design reviews, and architecture assessments. Lead the implementation of DevSecOps practices, integrating security into CI/CD pipelines. Identify and remediate application vulnerabilities through static/… for code analysis and runtime protection. Requirements: Proven experience in application security architecture. Deep knowledge of OWASP Top 10, SANS CWE Top 25, and secure coding practices. Familiarity with threat modeling methodologies like STRIDE and architectural risk analysis. Hands-on experience with tools such as SAST/DAST/IAST, Snyk, SonarQube, Burp Suite, Veracode, or similar. Strong understanding More ❯

including: How to test for/exploit them, real world mitigations that can be applied Familiarity with vulnerability classification frameworks (e.g. OWASP Top 10, CVSS, MITRE CVE) Ability to threat model systems/applications/platforms to assess design and find flaws that can be exploited Career Level - IC3 Responsibilities What We’ll Give You A team of very More ❯

a fast-growing FinTech that is reshaping the payments landscape. You will collaborate with engineering teams to build security into products from day one, focusing on secure cloud architecture, threat modelling, and risk management. This is not a hands-off role. You will be the go-to advisor for product teams, helping them understand risk, make informed security … assessments and drive a secure-by-design culture Collaborate with engineering teams on cloud-native architecture (GCP, AWS, Azure) Analyse vulnerabilities, prioritise risks, and manage remediation through Jira Lead threat modelling and architecture reviews Shape security tooling and process improvements What you will bring 3 to 5 years in Cyber Security, Product Security, or Secure Software Development Strong … knowledge of GCP (primary), AWS, Azure Experience with threat modelling, AppSec, and security in CI/CD pipelines Ability to communicate security concepts clearly and balance risk with business priorities A collaborative, pragmatic approach Shape security at scale in a high-growth FinTech Work in a fast-paced, collaborative environment Salary £80,000 to £90,000 + benefits More ❯

and mentoring junior team members, will play a key role in fostering a proactive security culture. Preferred Skills, Qualifications and Experience Demonstrated mastery in securing Android platforms, including advanced threat modelling and the design of sophisticated anti-cheat mechanisms. Excellent command of low-level systems programming and operating system internals. Extensive experience in reverse engineering, ARM assembly knowledge … work efficiently with development, infrastructure, and information security teams, ensuring seamless integration of security features. Creative approach to security challenges with a relentless drive to stay ahead of emerging threat landscapes. Main Responsibilities Leading initiatives to identify, analyse, and reverse engineer sophisticated exploits, vulnerabilities, and cheat mechanisms, formulating and executing robust countermeasures. Defining, designing and implementing advanced, scalable anti … robust security features, setting strategic direction on secure development practices. Providing technical leadership and mentorship to junior developers and security engineers, fostering a culture of continuous learning and proactive threat mitigation. Assessing emerging threat vectors and hacker tactics, then updating and refining security strategies and policies to maintain the Company’s competitive edge. Guiding the creation and maintenance More ❯

and mentoring junior team members, will play a key role in fostering a proactive security culture. Preferred Skills, Qualifications and Experience Demonstrated mastery in securing Android platforms, including advanced threat modelling and the design of sophisticated anti-cheat mechanisms. Excellent command of low-level systems programming and operating system internals. Extensive experience in reverse engineering, ARM assembly knowledge … work efficiently with development, infrastructure, and information security teams, ensuring seamless integration of security features. Creative approach to security challenges with a relentless drive to stay ahead of emerging threat landscapes. Main Responsibilities Leading initiatives to identify, analyse, and reverse engineer sophisticated exploits, vulnerabilities, and cheat mechanisms, formulating and executing robust countermeasures. Defining, designing and implementing advanced, scalable anti … robust security features, setting strategic direction on secure development practices. Providing technical leadership and mentorship to junior developers and security engineers, fostering a culture of continuous learning and proactive threat mitigation. Assessing emerging threat vectors and hacker tactics, then updating and refining security strategies and policies to maintain the Company’s competitive edge. Guiding the creation and maintenance More ❯