1 to 25 of 118 Threat Modelling Jobs in the UK excluding London

Threat Modelling Engineer - GCP (Senior Associate, Technology) Job Description As a Senior Engineer - Threat Modelling you will be a part of a smart cross-functional team delivering digital business transformation solutions to our clients. This position entails an individual contributor role focused on Security Architecture and … Threat Modelling, encompassing governance, evaluation of public cloud services, and conducting security reviews for Public Cloud Providers. Collaboration and partnership with Engineering, Information Security, Program Management, and Development teams are essential. The candidate will conduct technical architecture reviews to pinpoint security opportunities, identify exploitable threats, and propose mitigation … strategies. Your Impact •Conduct thorough threat modeling exercises utilizing established methodologies and frameworks •Maintain a rigorous standard of excellence in identifying potential threats and specifying effective mitigation controls. •Manage the lifecycle of identified threats and associated controls, ensuring timely updates and adjustments as necessary. •Deliver comprehensive threat models More ❯

Job title Senior Cyber Threat Intelligence Analyst Ref 40789 Division Digital Transformation Location Reading - Clearwater Court - RG1 8DB Contract type Permanent Full/Part-time Full-time Hours 36 Salary Offering up to £65,000 per annum depending on experience Job grade B Closing date 15/05/… As a Senior Cyber Threat Intelligence Analyst , you will play a key role in protecting Thames Water's digital infrastructure by researching, analysing, and communicating the latest cyber threats facing the organisation. You'll evaluate global risks, provide actionable intelligence to stakeholders, and support the development of a robust … threat-informed defence strategy. You'll also work collaboratively across teams to enhance our threat intelligence capabilities, inform vulnerability management, and strengthen incident response readiness. Your role will involve maintaining threat actor profiles, managing intelligence feeds, supporting compliance, and shaping threat intelligence processes to align with More ❯

engineering teams and proactively identify, assess, and remediate security risks across our product portfolio. This role will focus on secure development practices, vulnerability management, threat modelling, and driving a shift-left security culture. The ideal candidate is a pragmatic problem solver with strong technical expertise in application security … will you contribute? Secure SDLC Integration: Embed security within the software development lifecycle, ensuring security is considered at every phase-from design to deployment. Threat Modeling & Security Design Reviews: Conduct structured threat modelling and security assessments for new features, architectures, and services. Vulnerability Management & Remediation: Work closely … tenant cloud environments. Knowledge of machine learning security (AI/ML model risks, LLM security best practices). Familiarity with attack surface management and threat intelligence. What do we offer? We value our people and offer a competitive salary along with company bonus. Strong maternity and paternity scheme. A More ❯

and shape a supportive and inclusive working environment in which everyone is encouraged to be open and forward-thinking Job information: Functional title – Senior Threat Hunter Department – IT Security Corporate level – Vice President Report to – Executive Director Location - London, onsite 2 days per week Job purpose: CLS is seeking … a highly motivated, and skilled Senior Threat Hunter to join a global threat management team. The role will be located in London. The position will report to the Head of Cyber Threat Intelligence and will proactively identify, investigate, and mitigate advanced cyber threats across our organization’s … network and systems. Leveraging a deep understanding of the latest attack techniques, threat actor tactics, and security tools, you will help safeguard our infrastructure and ensure the resilience of our networks. The ideal candidate will be aware of industry trends and frameworks and how they could impact our business. More ❯

ensure the integration of security controls during the product development lifecycle. Develop and implement risk management strategies using relevant risk assessment frameworks & perform security threat modelling and risk assessments using various threat modelling tools Communicate risk findings and recommendations to stakeholders, including senior management and product More ❯

ensure the integration of security controls during the product development lifecycle. Develop and implement risk management strategies using relevant risk assessment frameworks & perform security threat modelling and risk assessments using various threat modelling tools Communicate risk findings and recommendations to stakeholders, including senior management and product More ❯

by-design principles, ensuring security is embedded throughout the product lifecycle. Key Responsibilities Define and integrate security requirements into the product development lifecycle. Perform threat modelling, risk assessments, and implement appropriate mitigation strategies. Advise on solution architecture to minimise security risks and ensure compliance with security standards. Collaborate … MOD-specific guidelines (e.g., JSP, Def Stan 05-138/139). Familiarity with HMG security principles and assurance frameworks is advantageous. Comfortable using threat modelling tools and implementing mitigation strategies. Experience with NIST standards. (this is an absolute must) Key Competencies Strong communicator with the ability to More ❯

manage stakeholder expectations. Support the preparation for and participation in technical reviews, audits, and risk acceptance activities. Contribute to delivering security risk management processes, threat modelling sessions, and security design assessments. Provide subject matter expertise on assurance requirements for secure communications, supply chain security, platform integration, and physical … engineering context. Ability to interpret and apply security requirements across the engineering lifecycle, ensuring traceability and alignment with delivery controls. Capable of contributing to threat modelling, risk assessments, and technical reviews with clear, structured input. Confident working independently in complex, multi-stakeholder environments while managing priorities and deadlines More ❯

manage stakeholder expectations. Support the preparation for and participation in technical reviews, audits, and risk acceptance activities. Contribute to delivering security risk management processes, threat modelling sessions, and security design assessments. Provide subject matter expertise on assurance requirements for secure communications, supply chain security, platform integration, and physical … engineering context. Ability to interpret and apply security requirements across the engineering lifecycle, ensuring traceability and alignment with delivery controls. Capable of contributing to threat modelling, risk assessments, and technical reviews with clear, structured input. Confident working independently in complex, multi-stakeholder environments while managing priorities and deadlines More ❯

About the Role Are you a Security Architect who specialises in Microsoft Azure with experience of Secure By Design & threat modelling? If so, come and join EDF as a Security Architect! The Opportunity As a Security Architect you'll take responsibility for supporting the design and delivery of … security input into projects and technical change, ensuring that security is embedded from the outset, and you'll develop artefacts such a security designs, threat models and risk assessments to support solution delivery. The Security Architect will produce clear and concise documentation, maintaining alignment to internal governance processes and … pragmatic mindset to problem-solving, balancing ideal security outcomes with business priorities. We're looking for someone with hands-on experience in risk assessment, threat modelling, security control selection, and integrating Secure by Design principles into technical delivery. You'll also have experience working within Agile and DevSecOps More ❯

by the IS Security team Support IS Security to achieve regulatory and statutory compliance requirements Complete cyber risk assessments, including third party suppliers Apply threat modelling principles to complex system and solution designs to identify security risks and appropriate mitigations Support, monitor and recommend improvements to cyber incident … and governance requirements and identifying suitable controls. (essential) Experience of delivering cloud focused security solutions with a solid understanding of modern cyber threats and threat modelling techniques (preferred) Good understanding of security frameworks (NIST CSF, Mitre ATT&CK) (essential) What You’ll Get in Return: We are committed More ❯

by the IS Security team Support IS Security to achieve regulatory and statutory compliance requirements Complete cyber risk assessments, including third party suppliers Apply threat modelling principles to complex system and solution designs to identify security risks and appropriate mitigations Support, monitor and recommend improvements to cyber incident … and governance requirements and identifying suitable controls. (essential) Experience of delivering cloud focused security solutions with a solid understanding of modern cyber threats and threat modelling techniques (preferred) Good understanding of security frameworks (NIST CSF, Mitre ATT&CK) (essential) What You’ll Get in Return: We are committed More ❯

sensor technology. Protecting these systems from security threats is vital to ensuring the safety of both vehicles and passengers. Key Responsibilities: Security SME for threat modelling of cloud-powered vehicle connectivity platforms Ensuring the security of mobile integrations, over-the-air updates, and digital services Collaborating with developers … embed security thinking into every stage of development Requirements: Strong expertise in cloud security, particularly with AWS, authentication, PKI, and related areas Experience in threat modelling, particularly identifying and addressing security risks in cloud-based products Excellent communication skills to collaborate effectively with developers and security teams A More ❯

to protect and preserve the ability of HMRC to function and serve the public against threats posed by possible cyber-attacks is critical. Cyber Threat Operations (CTO) is part of the Cyber Security Delivery (CSD) function in HMRC Security. CTO covers a diverse range of responsibilities across the span … of anti-phishing, brand abuse management, cyber threat intelligence, data science, and threat hunting. We are seeking an G7 Cyber Threat Intelligence Lead, who will report to the G6 Head of CTO. The successful candidate will manage three SO Cyber Threat Intelligence Managers and one SO … Threat Hunting Manager. Job descriptionAs the Cyber Threat Intelligence Lead, on a day-to-day basis you will be overseeing and directing the work of Cyber Threat Intelligence and Threat Hunting which will involve: Overseeing the delivery of high quality cyber threat analysis at the More ❯

to protect and preserve the ability of HMRC to function and serve the public against threats posed by possible cyber-attacks is critical. Cyber Threat Operations (CTO) is part of the Cyber Security Delivery (CSD) function in HMRC Security. CTO covers a diverse range of responsibilities across the span … of anti-phishing, brand abuse management, cyber threat intelligence, data science, and threat hunting. We are seeking an G7 Cyber Threat Intelligence Lead, who will report to the G6 Head of CTO. The successful candidate will manage three SO Cyber Threat Intelligence Managers and one SO … Threat Hunting Manager. Job description As the Cyber Threat Intelligence Lead, on a day-to-day basis you will be overseeing and directing the work of Cyber Threat Intelligence and Threat Hunting which will involve: Overseeing the delivery of high quality cyber threat analysis at More ❯

to protect and preserve the ability of HMRC to function and serve the public against threats posed by possible cyber-attacks is critical. Cyber Threat Operations (CTO) is part of the Cyber Security Delivery (CSD) function in HMRC Security. CTO covers a diverse range of responsibilities across the span … of anti-phishing, brand abuse management, cyber threat intelligence, data science, and threat hunting. We are seeking an G7 Cyber Threat Intelligence Lead, who will report to the G6 Head of CTO. The successful candidate will manage three SO Cyber Threat Intelligence Managers and one SO … Threat Hunting Manager. Job description As the Cyber Threat Intelligence Lead, on a day-to-day basis you will be overseeing and directing the work of Cyber Threat Intelligence and Threat Hunting which will involve: Overseeing the delivery of high quality cyber threat analysis at More ❯

draw upon Enterprise Security Architecture or Security Solutions Architecture to: Identify business objectives, user needs, risk appetite and cyber security obligations Identify vulnerabilities, perform threat modelling, undertake risk assessment, evaluate the effectiveness of security controls Verify and evidence alignment to 'Secure by Design' principles, corporate security policy/… of established patterns, principles and guidelines Research emerging technologies, new products and be able to position these in a coherent manner against the developing threat landscape and client risk appetite Ability to distil complex information and concepts into key discussion points that identifies a path to resolution rather than … practice within Cloud platforms (AWS and/or Microsoft Azure) In-depth knowledge of modern security concepts, common attack vectors, malware, security analytics and threat intelligence. A good understanding of security testing and vulnerability management is important (including pen testing/ITHC, CVSS/CVE) Experience working with security More ❯

and technical operations, ensuring resilient and secure environments. Cloud Security Operations : Securely manage Azure, M365 & AWS security operations, implementing comprehensive security policies and initiatives. Threat Detection & Response : Leverage CrowdStrike and other EDR/XDR solutions to monitor, analyse, and respond to security threats. Identity & Access Management (IAM) : Design and … Architecture: Proven track record in designing and implementing security architectures in complex environments. Risk Management: Ability to identify and mitigate security risks; knowledge of threat modelling and frameworks such as MITRE ATT&CK, CIS, and OWASP. Analytical Skills: Strong problem-solving abilities to translate business requirements into technical … security in cloud environments. Security tooling: experience in any of the following; (Wiz, CrowdStrike, Proofpoint, BitSight, Akamai, CATO) Experience with security engineering, incident response, threat hunting, or digital forensics. Preferred Qualifications: Relevant cybersecurity certifications such as CISSP, CISM, CEH, Microsoft Security Certifications, AWS Security Specialty. Knowledge of ITIL. What More ❯

and associated processes. Help drive a robust security posture for a large, complex organisation, trading globally within a constantly evolving IT and information security threat environment. Impact of Role Implement governance framework to enable enforcement and management of IT and cyber policies across all JD entities. Help drive good … understanding of cybersecurity frameworks (e.g., NIST, ISO 27001) and risk management methodologies. Experience with controls development and management tools, and familiarity with security controls, threat modelling, and vulnerability management. Experience of third-party risk management. Knowledge of regulatory requirements and compliance frameworks (e.g., GDPR, ITGC, PCI-DSS, etc More ❯

and vulnerability management to protect critical systems. Design, implement, and maintain security architectures and frameworks aligned with government standards. Lead and support risk assessments, threat modelling, and incident response initiatives. Work closely with stakeholders to ensure compliance with NCSC and other relevant security policies. Develop and deliver security … technical expertise in areas such as network security, endpoint security, cloud security, and secure system architecture. Experience in penetration testing, vulnerability management, and cyber threat intelligence. Solid knowledge of security technologies such as SIEM, IDS/IPS, firewalls, and endpoint detection and response (EDR). Strong understanding of risk More ❯

and services, with a focus on ensuring the security of gas operations Define and document security architecture blueprints for new systems and applications, including threat modelling and risk assessments Establish security standards, best practices, and design patterns to support cloud, physical and operational technologies Collaborate with development teams … into application design Lead security architecture reviews and provide expert technical guidance on complex security challenges Keep up-to date with the latest security threat assessment frameworks such as OWASP, MITRE ATT&CK Assess security posture against industry regulations and compliance requirements Identify and mitigate security risks associated with More ❯

and services, with a focus on ensuring the security of gas operations Define and document security architecture blueprints for new systems and applications, including threat modelling and risk assessments Establish security standards, best practices, and design patterns to support cloud, physical and operational technologies Collaborate with development teams … into application design Lead security architecture reviews and provide expert technical guidance on complex security challenges Keep up-to date with the latest security threat assessment frameworks such as OWASP, MITRE ATT&CK Assess security posture against industry regulations and compliance requirements Identify and mitigate security risks associated with More ❯

security issues in software architecture, software development, e.g. static and/or dynamic code analysis and tools, software dependency check, OWASP Top10 testing, application threat modelling. In-depth experience working in an Agile software development environment, with classic applications as well as microservices, using modern code processing and continuous … Development, Engineering, DevOps, InfoSec, Security, Security Strategy, Best Practice, Programming, Code, C++, C#, C, .NET Core, Java, JavaScript, Node.js, Angular, React, OWASP, Agile, Application Threat Modelling, Security Policy, Security Controls, ISO 27001, NIST, GDPR, Cloud, Azure. Please note that due to a high level of applications, we can More ❯

Expertise in IT infrastructure architecture (eg networks, servers, storage, virtualisation), application architecture (eg integration, APIs, data), and cyber security architecture (eg identity & access management, threat modelling, security controls). Strong working knowledge and application of NIST Risk Management Framework, Secure by Design, and architecture standards. Proven experience leading More ❯

are built securely Oversee vulnerability management and remediation efforts, including leading responses to pen test findings and security assessments Experience conducting risk assessments and threat modelling for software development and advise where necessary Experience in software security design review Strong knowledge of Agile, DevSecOps, System Engineer and or More ❯