1 to 25 of 102 Threat Modelling Jobs in the UK

play a critical role in designing, assuring, and delivering secure solutions across our client engagements. You will champion Secure by Design principles and lead threat modelling activities to ensure risks are identified and mitigated early in the lifecycle. Working closely with stakeholders, you will define security architectures, ensure … Design - Embed security into every stage of the solution lifecycle, ensuring systems are designed with security controls from the outset rather than retrofitted. Threat Modelling - Lead and facilitate threat modelling exercises (e.g. STRIDE), identifying vulnerabilities and defining mitigations early in delivery Risk Assessment - Identify, assess ...

play a critical role in designing, assuring, and delivering secure solutions across our client engagements. You will champion Secure by Design principles and lead threat modelling activities to ensure risks are identified and mitigated early in the lifecycle. Working closely with stakeholders, you will define security architectures, ensure … Design - Embed security into every stage of the solution lifecycle, ensuring systems are designed with security controls from the outset rather than retrofitted. Threat Modelling - Lead and facilitate threat modelling exercises (e.g. STRIDE), identifying vulnerabilities and defining mitigations early in delivery Risk Assessment - Identify, assess ...

position offering the opportunity to work with a diverse portfolio of clients, helping them strengthen their security posture and manage risk in an evolving threat landscape. You will play a key role in delivering security advisory services, conducting assessments, and supporting organisations in aligning with industry standards and best … practices. The role will also involve supporting clients with modern security challenges including threat modelling, secure-by-design practices, and emerging AI security considerations. Key Responsibilities Provide expert guidance on information security strategies, frameworks, and best practices Conduct security risk assessments, gap analyses, and audits Support clients ...

Lead technical security design across infrastructure, cloud and application environments Collaborate with SMEs across Identity, Security Testing and Privacy Conduct risk assessments and support threat modelling activities Provide clear justification of design decisions to both technical and non-technical stakeholders Ensure alignment to industry standards and government security … Understanding of network security, encryption, authentication and access control Experience with security tooling such as SIEM, IDS, firewalls and vulnerability assessment tools Knowledge of threat modelling and risk assessment TO BE CONSIDERED: Please either apply through this advert or emailing me directly via . For further information please ...

security requirements are effectively incorporated into system and service designs. The Security Design/Security Architect will be responsible for producing security designs, undertaking threat modelling activities, assessing security risks, supporting assurance processes and ensuring compliance with wider Government security standards. Key Responsibilities Develop and maintain security design … documentation for new and existing services. Produce Security Design Packs, Security Architecture Documents and Security Assurance artefacts. Conduct threat modelling workshops and document security controls. Review solution designs and ensure alignment with security policies and standards. Define security requirements for projects and programmes. Support security assurance, accreditation ...

roadmap, backlog and design decisions. Work with colleagues across product, development, and networks & infrastructure to embed security across the product lifecycle. Carry out threat modelling, secure design reviews and technical risk assessments for new and existing product capabilities. Assign pragmatic risk levels and support sensible prioritisation of remediation … software-led environment. Good understanding of how product and development teams operate, including how security considerations are balanced alongside product delivery. Strong experience of threat modelling, secure design review, vulnerability assessment and remediation prioritisation. The judgement to assess exploitability and business impact pragmatically Practical experience applying security across ...

roadmap, backlog and design decisions. Work with colleagues across product, development, and networks & infrastructure to embed security across the product lifecycle. Carry out threat modelling, secure design reviews and technical risk assessments for new and existing product capabilities. Assign pragmatic risk levels and support sensible prioritisation of remediation … software-led environment. Good understanding of how product and development teams operate, including how security considerations are balanced alongside product delivery. Strong experience of threat modelling, secure design review, vulnerability assessment and remediation prioritisation. The judgement to assess exploitability and business impact pragmatically Practical experience applying security across ...

roadmap, backlog and design decisions. Work with colleagues across product, development, and networks & infrastructure to embed security across the product lifecycle. Carry out threat modelling, secure design reviews and technical risk assessments for new and existing product capabilities. Assign pragmatic risk levels and support sensible prioritisation of remediation … software-led environment. Good understanding of how product and development teams operate, including how security considerations are balanced alongside product delivery. Strong experience of threat modelling, secure design review, vulnerability assessment and remediation prioritisation. The judgement to assess exploitability and business impact pragmatically Practical experience applying security across ...

expertise and a passion for security! Here’s what we need: • Governance, Risk & Compliance: Risk-based decisions, adherence to regulatory and internal security standards. • Threat Modelling and Risk Management: Identify threats and mitigations for complex cloud systems. • Cloud Security Expertise: broad knowledge across the following Security Domains … SIEM integration, event correlation. Responsibilities • Develop and enforce reference architectures, patterns, and blueprints for secure cloud adoption across Azure, GCP and hybrid environments. • Conduct threat modelling and security assessments for new cloud services, defining preventative and detective controls (via security guardrails) to maintain secure posture and detect drift. ...

risks are understood, controlled and aligned to organisational risk appetite, regulatory obligations and industry best practice. Key Responsibilities Core Responsibilities Lead security design reviews, threat modelling and risk assessments for applications, infrastructure, cloud services and third-party solutions. Define and recommend proportionate security controls, patterns and design guardrails … Experience and Skills Extensive experience in cyber security, security consulting, risk assessment or security architecture within regulated environments, ideally financial services. Strong knowledge of threat modelling methodologies, secure design principles, attack vectors and mitigating controls across network, application and cloud domains. Practical understanding of cloud security, secure application ...

current DV Clearance. What youll be doing: Lead the design and implementation of platform-wide security architectures and strategies. Drive secure SDLC practices including threat modelling, misuse cases, and risk analysis. Oversee security operations including vulnerability scanning, penetration testing, and assessments. Manage and optimise security tooling (Firewalls, VPNs … compliance teams to embed security-by-design. What youll bring : Strong background in network security, SIEM, IDAM, endpoint protection, and cloud security. Knowledge of threat intelligence, IOC analysis, and detection engineering. Experience in secure SDLC, code review, and threat modelling (incl. misuse cases). Understanding of encryption ...

platforms and customer-facing applications. Partner with engineering, infrastructure, and product teams to embed security-by-design principles throughout the software development lifecycle. Conduct threat modelling, security reviews, and risk assessments for new products and services. Design secure architectures across AWS, GCP, or Azure environments, including IAM, network … first organisations such as Monzo, Starling, Revolut, or similar. Strong expertise in cloud security (AWS preferred), application security, and modern architecture patterns. Experience with threat modelling, security governance, and risk management frameworks. Excellent stakeholder management skills with the ability to influence senior technical and business leaders. Relevant certifications ...

ensure security risks are understood, controlled and aligned to organisational risk appetite, regulatory obligations and industry best practice. Key Responsibilities Lead security design reviews, threat modelling and risk assessments for applications, infrastructure, cloud services and third-party solutions. Define and recommend proportionate security controls, patterns and design guardrails … Experience and Skills Extensive experience in cyber security, security consulting, risk assessment or security architecture within regulated environments, ideally financial services. Strong knowledge of threat modelling methodologies, secure design principles, attack vectors and mitigating controls across network, application and cloud domains. Practical understanding of cloud security, secure application ...

ensure security risks are understood, controlled and aligned to organisational risk appetite, regulatory obligations and industry best practice. Key Responsibilities Lead security design reviews, threat modelling and risk assessments for applications, infrastructure, cloud services and third-party solutions. Define and recommend proportionate security controls, patterns and design guardrails … Experience and Skills Extensive experience in cyber security, security consulting, risk assessment or security architecture within regulated environments, ideally financial services. Strong knowledge of threat modelling methodologies, secure design principles, attack vectors and mitigating controls across network, application and cloud domains. Practical understanding of cloud security, secure application ...

ensure security risks are understood, controlled and aligned to organisational risk appetite, regulatory obligations and industry best practice. Key Responsibilities Lead security design reviews, threat modelling and risk assessments for applications, infrastructure, cloud services and third-party solutions. Define and recommend proportionate security controls, patterns and design guardrails … Experience and Skills Extensive experience in cyber security, security consulting, risk assessment or security architecture within regulated environments, ideally financial services. Strong knowledge of threat modelling methodologies, secure design principles, attack vectors and mitigating controls across network, application and cloud domains. Practical understanding of cloud security, secure application ...

deployment/integration of security capabilities into engineering teams within the product domain. • You will drive security initiatives such as developing security requirements, threat modelling, strengthening application security, vulnerability reduction, etc., with the engineering teams. • Reducing friction is paramount and we are all about fast feedback within existing … console for a developer to check. • Support teams in a collaborative manner in matters of mobile application, web application, cloud and data security, with threat modelling, risk treatment and security advice across all security domains. If you can raise a PR to fix a security issue, do so. ...

strong technical depth. Key Responsibilities: Define and implement secure architecture patterns across engineering platforms (CI/CD, build systems, runtime environments) Conduct security assessments, threat modelling, and gap analysis across platforms and pipelines Develop and embed DevSecOps best practices, including secure pipeline design and automated controls Establish …/CD pipelines, build tools, artifact repositories, and developer platforms Expertise in secure software delivery, vulnerability management, and platform security Experience with threat modelling, security frameworks, and maturity assessments Strong knowledge of application security, network security, and cloud security principles Excellent stakeholder management and communication skills Desirable: Experience ...

security risks, issues, and mitigation plans throughout the delivery lifecycle. Ensure security requirements are captured, validated, and integrated into design and delivery documentation. Support threat modelling, risk assessments, and security reviews. Maintain and update assurance artefacts, including design documentation, risk registers, and compliance checklists. Facilitate security sign … governance processes. Strong communication and stakeholder engagement skills. Ability to interpret technical documentation and translate security requirements into actionable tasks. Desirable Skills Experience with threat modelling tools and techniques. Knowledge of cloud security (AWS, Azure, GCP). Understanding of regulatory and compliance frameworks. Background in cyber security ...

teams Contribute code and patches to security tooling and configurations Secure Development Define and enforce secure coding standards Conduct security-focused code reviews and threat modelling for new features Provide remediation guidance for application vulnerabilities Train and support developers on secure coding practices Vulnerability Management Triage, patch … Experience with CSPM tooling (Wiz, Prisma Cloud, or similar) Penetration testing or bug bounty experience Experience in regulated environments (healthcare, financial services) Familiarity with threat modelling frameworks (STRIDE, PASTA) About us We exist to simplify healthcare and improve lives by making care feel instant, intelligent and human. HealthHero ...

frameworks including ISO 27005 and NIST RMF Lead risk identification, assessment and treatment across applications, infrastructure and digital services Facilitate structured risk workshops and threat modelling sessions Assess solution architectures to identify security risks and control gaps Review and interpret IT Health Check outputs and define clear remediation … defence Proven ability to engage senior stakeholders and influence decisions Ability to translate technical findings into clear, actionable risk outcomes Confident leading risk workshops, threat modelling and control assessments Experience working within Agile delivery environments Strong analytical capability and sound judgement Any candidates must have an active ...

frameworks including ISO 27005 and NIST RMF Lead risk identification, assessment and treatment across applications, infrastructure and digital services Facilitate structured risk workshops and threat modelling sessions Assess solution architectures to identify security risks and control gaps Review and interpret IT Health Check outputs and define clear remediation … defence Proven ability to engage senior stakeholders and influence decisions Ability to translate technical findings into clear, actionable risk outcomes Confident leading risk workshops, threat modelling and control assessments Experience working within Agile delivery environments Strong analytical capability and sound judgement Any candidates must have an active ...

across enterprise-scale IT and cloud transformation programmes * Provide security advisory services to public sector and Defence clients * Support secure-by-design initiatives and threat modelling activities * Advise on regulatory and compliance frameworks including ISO 27001, NIST, GDPR, and PCI-DSS * Identify vulnerabilities and communicate security risks … risk management * Experience contributing to solution designs and security architectures * Knowledge of identity and access management, network security, and secure infrastructure concepts * Understanding of threat modelling and reference architecture development * Strong stakeholder engagement and communication skills * Ability to work within complex, fast-moving consulting environments Desirable Experience * Hands ...

into complex IT and digital initiatives Advise clients on cyber risk, governance and regulatory compliance frameworks including: ISO 27001 NIST GDPR PCI-DSS Conduct threat modelling and identify security vulnerabilities within solution designs Recommend pragmatic risk mitigation strategies to technical and non-technical stakeholders Support the implementation … IDAM Privileged Access Management (PAM) Single Sign-On (SSO) Network Security Encryption technologies Understanding of infrastructure, architecture methodologies and secure design principles Experience with threat modelling and reference architecture development Excellent stakeholder engagement and communication skills Ability to learn quickly and adapt within fast-paced environments Desirable Experience ...

What you'll do: Design secure solutions across applications, networks, and cloud environments, ensuring security standards and controls are built into delivery. Carry out threat modelling activities to identify security risks, vulnerabilities, and potential gaps within technical solutions. Support secure architectural decision-making by assessing risks, business impact … environments. Strong understanding of modern enterprise technologies, including Cloud, AI, APIs, microservices, and modern application architectures. Knowledge of current cyber threats and experience with threat modelling frameworks such as STRIDE and MITRE ATT&CK. Solid understanding of key security domains including IAM, network security, cryptography, endpoint security ...

highly regulated defence environment. Key responsibilities: • Deliver Secure by Design and cyber security activities across the engineering lifecycle • Conduct cyber security risk assessments and threat modelling activities • Support development of security artefacts including RMADS, SyOPs, risk registers and security management documentation • Participate in Security Working Groups and stakeholder … experience required: • Experience working within defence, aerospace, aviation or highly regulated environments • Strong understanding of Secure by Design principles • Experience with security risk assessments, threat modelling and security assurance • Experience supporting security activities across the engineering lifecycle • Knowledge of MOD and industry security standards/frameworks such ...