26 to 50 of 120 Threat Modelling Jobs in the UK

into complex IT and digital initiatives Advise clients on cyber risk, governance and regulatory compliance frameworks including: ISO 27001 NIST GDPR PCI-DSS Conduct threat modelling and identify security vulnerabilities within solution designs Recommend pragmatic risk mitigation strategies to technical and non-technical stakeholders Support the implementation … IDAM Privileged Access Management (PAM) Single Sign-On (SSO) Network Security Encryption technologies Understanding of infrastructure, architecture methodologies and secure design principles Experience with threat modelling and reference architecture development Excellent stakeholder engagement and communication skills Ability to learn quickly and adapt within fast-paced environments Desirable Experience ...

including ISO 27001, NIST, GDPR, and PCI-DSS Communicate security risks, secure design principles, and mitigation strategies to technical and non-technical stakeholders Conduct threat modelling and support development of secure reference architectures Identify vulnerabilities within systems and articulate associated risks Research and solve complex security challenges through … Experience applying security technologies including PAM, SSO, IDAM/IAM, network security, and encryption Understanding of IT infrastructure, architecture, and solution design Experience with threat modelling and secure-by-design approaches Hands-on experience in Network and/or Cloud Security SABSA, CISSP, or similar certification Current ...

security delivery across the engineering lifecycle Translate customer requirements into actionable security management plans and deliverables Conduct cyber and information security risk assessments and threat analysis Manage and escalate technical and delivery risks Support Security Working Groups and customer security workstreams Work closely with engineers, architects and developers … Experience with Def Stan 05-138/05-139 and aviation security standards including RTCA DO-326A/B Proven experience in threat modelling, vulnerability analysis and security risk assessment Ability to work independently and communicate effectively with customers and stakeholders Qualifications Degree in Cyber Security, Systems Engineering ...

delivery without owning build or operations. Key Responsibilities Attend regular project and design meetings to understand requirements and delivery milestones. Perform initial and iterative threat modelling for new features, integrations, and architectural changes. Advise on secure architecture design, including IAM, network segmentation, encryption, and data protection. Recommend … being consistently applied. Essential Experience Proven experience as a Security Architect or senior cyber security consultant in digital delivery environments. Strong Secure by Design, threat modelling, and risk-based security expertise. Experience advising product teams in agile, cloud-based delivery contexts. Confident engaging with architects, developers, and delivery ...

part of a bigger team, working with a group of a Senior Security Architects and Digital Engineering stakeholders to produce security architecture artifacts, threat modelling, design assurance, and reusable patterns that strengthen the programme’s security posture. Key Responsibilities: You will lead and deliver core security architecture outputs … including: Digital Engineering Security Artifacts and Engagement Report Security Requirements Specification Security Principles Framework Infrastructure Mapping Document & Security Architecture Design Pack Threat Modelling Report Reusable Security Pattern Library Knowledge Transfer Pack (training materials, handover content, recorded walkthroughs) We are looking for someone with: Extensive Security Architecture/Security ...

embed security into lifecycle governance Define and implement a modern DevSecOps tooling strategy (CI/CD, SAST/DAST, SCM, automation) Drive secure coding, threat modelling, and supply chain security practices (SBOM, provenance, signing) Develop KPIs, metrics, and maturity models to track and continuously improve SDLC performance Build … NIST SSDF, OWASP SAMM/ASVS, ISO 27034) Strong understanding of modern engineering practices (Agile, CI/CD, cloud, automation) Expertise in application security, threat modelling, and secure coding standards Experience implementing tooling ecosystems (e.g. SAST, DAST, SCA, pipeline automation) A track record of influencing senior stakeholders ...

guardrails into CI/CD pipelines in partnership with engineering and platform teams. Defining and maintaining secure development standards, secure coding guidelines, and threat-modelling practices. Providing practical, risk-based security guidance to engineering, product, and architecture teams. Working with our Vulnerability Lead to drive identification, triage … into CI/CD pipelines (eg, GitHub, AWS DevOps). Strong understanding of Agile, DevOps, and cloud-native architectures. Practical experience with secure coding, threat modelling, and vulnerability management. Strong problem-solving skills and the ability to prioritise risk in line with business needs. ...

equivalent experience Experience applying cyber security principles across the systems or product engineering lifecycle Knowledge of cyber risk management and vulnerability management Experience with threat modelling frameworks such as MITRE ATT and CK, DEF3ND, or EMB3D Awareness of industrial control systems or operational technology environments Working knowledge … subject to required skills, your application to our client in conjunction with this vacancy only. Key Skills Product Cyber Security Specialist, Cyber Risk Management, Threat Modelling, NIST CSF, Industrial Control Systems, Secure by Design, Defence ...

software, infrastructure, and platform engineering teams to improve security across systems and workflows Contribute across a broad range of security initiatives, including detection, hardening, threat analysis, infrastructure protection, and secure engineering practices Investigate vulnerabilities, suspicious activity, and emerging threats, helping drive remediation and operational improvements Build scalable solutions that … improve visibility, detection quality, and security operations efficiency Support security architecture and threat modelling discussions, helping teams make pragmatic, risk-aware decisions Evaluate new attack techniques, tooling, and security research, translating relevant findings into actionable engineering improvements Help strengthen security awareness and engineering best practices across the wider ...

OEMs, ground handling, avionics suppliers Safety‐critical OT networks and mission‐critical control systems Technical Delivery Perform and/or lead: OT penetration testing Threat modelling and risk assessments Security architecture review for aviation technologies Compliance assessments and gap analyses (Part‐IS, 62443, NIS2 where applicable) Oversee technical … networks, architectures, and protocols Security risk assessment in safety‐critical environments Hands‐on cyber security experience, such as: Penetration testing (OT preferred) Threat modelling Incident response Architecture review Comfortable providing client‐facing advisory services. Experience working in or with regulated environments. Ability to simplify complex cyber concepts ...

quickly. Own the code review culture and provide constructive, educational feedback that raises the bar for everyone. Embed secure coding practices across the team: threat modelling, security testing, and dependency management. Build observability into your systems from the start, covering instrumentation, logging, monitoring, and alerting, so that your … cloud infrastructure. Practical knowledge of cloud platforms (Azure/AWS) and containers (Docker/Kubernetes). Strong security fundamentals across OWASP, secure coding, threat modelling, and security testing. Proven ability to design scalable, maintainable architectures and evolve complex legacy systems. AI-Native Engineering Practice Demonstrable experience using ...

business acquisition-focused role responsible for building pipeline, generating revenue, and winning new customers for cybersecurity services including VAPT, Red Teaming, Product Security, Threat Modelling, and Vulnerability Management. The ideal candidate will have experience selling cybersecurity services or technology solutions and be comfortable engaging with enterprise … tenders, and customer due diligence requests Promote and sell services including: VAPT (Web, Mobile, API, Cloud, Infrastructure) Red Teaming/Adversary Simulation Vulnerability Management Threat Modelling Product Security/Secure SDLC Advisory Develop repeat business and cross-sell opportunities within customer accounts Maintain accurate CRM updates, pipeline forecasts ...

translate complex security risks into clear architectural decisions. A key aspect of the role is the ability to challenge existing designs, conduct architecture assurance, threat modelling, and risk analysis, and provide clear, practical security guidance that can be implemented by engineering teams. The position involves working in highly … methodical approach to problem solving, and the ability to consistently challenge assumptions by asking the right questions (“why” driven mindset). Strong experience in threat modelling, risk assessment, and security architecture assurance is expected, along with the ability to communicate effectively with both technical teams and senior stakeholders. ...

Threat & Adversarial AI Expert 6 Months Contract + Extension London Based 2 days in the office £500 to £600 a day Inside IR35 A pioneering financial institution is seeking an experienced Threat & Adversarial AI Expert to join their cybersecurity team. You will act as the primary architect … safety for the firm's generative AI ecosystem, ensuring agentic capabilities remain resilient against an evolving global threat landscape. As a Threat AI Expert, you will lead the organisation's Generative AI security strategy. Key responsibilities include: Advanced Threat Modelling: Leading structured sessions using STRIDE ...

Threat & Adversarial AI Expert 6 Months Contract + Extension London Based 2 days in the office £500 to £600 a day Inside IR35 A pioneering financial institution is seeking an experienced Threat & Adversarial AI Expert to join their cybersecurity team. You will act as the primary architect … safety for the firm's generative AI ecosystem, ensuring agentic capabilities remain resilient against an evolving global threat landscape. As a Threat AI Expert, you will lead the organisation's Generative AI security strategy. Key responsibilities include: Advanced Threat Modelling: Leading structured sessions using STRIDE ...

Description Threat & Adversarial AI Expert 6 Months Contract + Extension London Based 2 days in the office £500 to £600 a day Inside IR35 A pioneering financial institution is seeking an experienced Threat & Adversarial AI Expert to join their cybersecurity team. You will act as the primary architect … safety for the firm's generative AI ecosystem, ensuring agentic capabilities remain resilient against an evolving global threat landscape. As a Threat AI Expert, you will lead the organisation's Generative AI security strategy. Key responsibilities include: Advanced Threat Modelling: Leading structured sessions using STRIDE ...

IR35 Active SC Clearance Required Core Responsibilities Design and maintain secure architecture frameworks for enterprise systems across cloud, on-premises, and hybrid environments Conduct threat modelling, risk assessments, and security gap analyses across infrastructure and application layers Define and enforce security standards, reference architectures, and policy controls aligned ...

THROUGH UMBRELLA Role Description: "Core Responsibilities: Develop and maintain secure architecture frameworks for enterprise-grade systems, including cloud, on-premises, and hybrid environments Conduct threat modelling, risk assessments, and security gap analyses across infrastructure and application layers Define security standards, reference architectures, and policy controls based on industry … ensure secure software development lifecycles (SSDLC) Lead strategic initiatives in incident response planning, detection and mitigation strategies, and digital forensics Monitor advancements in threat intelligence and regulatory requirements, advising stakeholders on appropriate countermeasures Produce and maintain architectural documentation, ensuring traceability of security controls and compliance obligations Experience: Demonstrated experience ...

Midlands. Practitioner CERT capabilities and several team management experience is required – meaning you will be technically capable and experienced within Incident Response & Detection, Threat Intelligence & Hunting, Vulnerability Management, Attack Surface Reduction, Cyber Analysis, etc. You will also have large team leadership and motivation experience in some … monitoring and detecting cyber security threats and incidents in real-time. Collaborate with teams to conduct incident investigations and develop response plans. Lead proactive threat hunting initiatives. Manage vulnerability assessments and penetration testing programs. Develop and maintain threat intelligence capabilities. Essential experience includes: Extensive experience in managing cyber ...

world national security impact, while enjoying hybrid working and strong professional development opportunities. Skills Secure architecture design and secure-by-design principles Risk assessment, threat modelling, and vulnerability management Security frameworks: ISO 27001, NIST 800-30/53, OWASP Cloud security architecture (AWS, Azure, GCP) Incident response, penetration ...

assurance across complex systems or major programmes. Ability to produce clear architecture documentation and security artefacts. Strong understanding of secure design principles, risk management, threat modelling and security controls. Knowledge of UK Government/Defence security standards, guidance and assurance processes. Experience working with senior stakeholders across security … technical and non-technical audiences. Desirable experience Army programme experience or strong MOD stakeholder exposure. Experience with Sparx Enterprise Architect, ArchiMate, NAFv4 or similar modelling approaches. Knowledge of Joint Service Publications, NCSC guidance, ISO27001, NIST, CIS or related security frameworks. Experience across IAM, PKI, secure integration, cloud security, data ...

architectural governance artefacts. Ensure designs align with NCSC guidance , industry best practices (e.g., CIS Benchmarks), and organisational policy. Security Assurance Conduct security assessments and threat modelling against containerised and virtualised workloads. Validate platform configurations against security baselines, compliance frameworks, and risk appetite. Provide expert guidance during project delivery ...

architecture patterns, reference models, and solution blueprints. Lead security design for Base Metals OEMS platforms, ensuring alignment with performance, resilience, and regulatory requirements. Perform threat modelling, security risk assessments, and architecture reviews. Integrate security into DevOps pipelines, promoting DevSecOps best practices. Collaborate with engineering, infrastructure, and business teams ...

Familiarity with AI-assisted security tools, machine learning concepts for detection, or data-driven security analytics. Understanding of how AI can be applied to threat detection, anomaly detection, investigation support, and security operations automation. Awareness of emerging AI-driven attack techniques, including adversarial AI and automated exploitation methods. Familiarity … engineering and security teams to integrate AI-enabled security capabilities into operational processes. Support incident investigations using advanced analytics, AI-assisted tooling, and structured threat analysis techniques. Conduct threat modelling and security architecture reviews with a focus on emerging AI-enabled risks and system complexity. Identify vulnerabilities ...

person clients call when they need to understand how to modernise their security architecture, navigate a compliance challenge, or respond to an evolving threat landscape. You will own relationships with a portfolio of blue-chip enterprise clients , guiding them on their journey toward Zero Trust, SASE, and SSE adoption … clarity. Serve as a trusted thought partner as clients navigate regulatory compliance requirements, security frameworks (e.g. NIST, ISO 27001, NIS2, DORA), and evolving threat environments. Identify and shape new opportunities within existing accounts, recognising client challenges and translating them into well-formed propositions. Technical Leadership Provide authoritative guidance ...