17 of 17 Threat Modelling Jobs in the North of England

standardise assessments across platforms. Conduct comprehensive platform security reviews (build systems, CI/CD pipelines, runtime infrastructure, developer tooling) against defined framework criteria. Perform threat modelling and gap analysis, identifying vulnerabilities and systemic risks impacting source code, artifacts, and workloads. Engineering Platform Security Enablement Establish standardised secure architecture … security controls. Strong knowledge and understanding of service mesh, cryptography, network security, application security, vulnerability management, and risk management. Demonstrable ability to conduct threat modelling, platform security assessments, and gap analysis. Experience building and implementing maturity models, frameworks, or roadmaps in complex enterprise environments. Strong stakeholder management skills ...

strong technical depth. Key Responsibilities: Define and implement secure architecture patterns across engineering platforms (CI/CD, build systems, runtime environments) Conduct security assessments, threat modelling, and gap analysis across platforms and pipelines Develop and embed DevSecOps best practices, including secure pipeline design and automated controls Establish …/CD pipelines, build tools, artifact repositories, and developer platforms Expertise in secure software delivery, vulnerability management, and platform security Experience with threat modelling, security frameworks, and maturity assessments Strong knowledge of application security, network security, and cloud security principles Excellent stakeholder management and communication skills Desirable: Experience ...

productivity. Mentor senior engineers and influence technical leaders across the organisation. Secure-by-Design & Compliance Embed secure-by-design principles into architectural decisions. Ensure threat modelling is performed for new features and major changes. Champion secure coding standards and integration of security testing into the delivery pipeline. Collaborate … delivery of product capabilities. Strong background in cloud-native architectures (microservices, event-driven, distributed systems). Deep understanding of secure-by-design principles, threat modelling, cryptography basics, and modern security practices. Experience with API design, integration patterns, and domain-driven design (DDD) and Event Driven Design. Ability ...

evolve secure, enterprise-grade architectures across cloud, hybrid, and on-prem environments. Embed security into every stage of our SDLC Conduct risk assessments and threat modelling, proactively identifying vulnerabilities and mitigation strategies Develop and maintain security policies and frameworks aligned with NIST, ISO 27001, and CIS Controls Guide ...

identity management (e.g., Entra ID), and secure application development. Deliver clear cybersecurity advice to technical and non-technical stakeholders on Azure security best practices, threat protection, and compliance. Champion 'Secure by Design' across IT infrastructure, emphasizing Azure Defender, Sentinel, and application security controls. What were looking for Expertise … application security (e.g., OWASP, DevSecOps), and network segmentation. Strong knowledge of Azure-specific security tools (e.g., Azure Security Center, Key Vault, Policy, Private Link), threat modelling, secure SDLC, and assurance processes. Experience delivering "secure by design" in regulated sectors (e.g., finance, healthcare, critical infrastructure), including Azure compliance certifications ...

with the highest security standards. Design and create secure Enterprise-Grade Architectures Across Cloud, Hybrid, and On-Prem Environments Conduct comprehensive risk assessments and threat modelling to proactively identify vulnerabilities and develop effective mitigation strategies Develop and maintain security policies and frameworks that adhere to industry standards such ...

security solutions to support meeting industrial and security frameworks such as ISO 27000 series, PCI DSS, COBIT, NIST, OWASP. Proven experience in risk assessment, threat modelling and implementing security controls. Expertise in managing user identities and securing access to systems. Knowledge of encryption, hashing, and tokenization techniques ...

security solutions to support meeting industrial and security frameworks such as ISO 27000 series, PCI DSS, COBIT, NIST, OWASP. Proven experience in risk assessment, threat modelling and implementing security controls. Expertise in managing user identities and securing access to systems. Knowledge of encryption, hashing, and tokenization techniques ...

security solutions to support meeting industrial and security frameworks such as ISO 27000 series, PCI DSS, COBIT, NIST, OWASP. Proven experience in risk assessment, threat modelling and implementing security controls. Expertise in managing user identities and securing access to systems. Knowledge of encryption, hashing, and tokenization techniques ...

security solutions to support meeting industrial and security frameworks such as ISO 27000 series, PCI DSS, COBIT, NIST, OWASP. Proven experience in risk assessment, threat modelling and implementing security controls. Expertise in managing user identities and securing access to systems. Knowledge of encryption, hashing, and tokenization techniques ...

across complex environments. Proven capability to design security controls across: Cloud workload protection (VM/container/serverless security patterns) DevSecOps/secure SDLC (threat modelling, CI/CD security, supply chain awareness) Client-side protection (endpoint security and operational response integration) Working knowledge of relevant vendors solutions ...

ensuring strong performance, resilience, and effective risk control. Maintain and take ownership of the Group-wide cyber security risk register, including conducting risk assessments, threat modelling, and defining mitigation strategies. Take the lead on security incident management, ensuring timely response, clear stakeholder communication, and ongoing improvement of processes. ...

ensuring strong performance, resilience, and effective risk control. Maintain and take ownership of the client-wide cyber security risk register, including conducting risk assessments, threat modelling, and defining mitigation strategies. Take the lead on security incident management, ensuring timely response, clear stakeholder communication, and ongoing improvement of processes. ...

Quality Engineering & Secure Development: Create automated tests, including unit, integration, and functional tests. Apply secure-by-design principles in all coding activities, participating in threat modelling where appropriate. Contribute to code reviews and continuously improve code quality within the squad. Maintain documentation for services, features, and reusable components. ...

Embed security-by-design into OT architectures Define OT network segmentation, zoning, and access controls (Purdue Model/IEC 62443) Conduct risk assessments, threat modeling, and architecture assurance reviews Support compliance with safety and security regulations and standards WHAT DO YOU NEED TO BE SUCCESFUL Proven experience ...

overall cyber security strategy Monitor and manage cyber risks, emerging threats and potential vulnerabilities across the company Lead activities such as security testing, threat modelling and vulnerability reviews Build, maintain and regularly update incident response and disaster recovery plans Work closely with teams across the business to ensure ...

supply chain security Advising on secure application and software development Contributing to physical security testing activities Delivering security awareness sessions Completing risk assessments and threat modelling Writing and reviewing security policies and governance documentation Experience required: 2+ years experience in information or cyber security Previous consultancy experience with ...