18 of 18 Threat Modelling Jobs in the North of England

Overview Senior Threat Modeler - Job Title: Senior Threat Modeler Location: Preston or Frimley. We offer a range of hybrid and flexible working arrangements - please speak to your recruiter about the options for this particular role What you'll be doing: Maintains an in-depth understanding of the external and internal security environment and how the organisation reacts to … security threats Contributes to, plans and delivers activities in support of organisational and security development needs in accordance with regulatory requirements and changes in the threat landscape The assessment, validation and reporting of information on current and potential cyber threats to maintain an organisation's situational awareness Identifying security gaps and building attack simulations to support Purple Team engagements … attack patterns to prioritise future remediation efforts Is a subject matter expert (SME) on emerging threats and will work on complex issues as a fully contributory member of the Threat Modelling Team, with limited guidance from the Line Manager Produces reports detailing key threats and risks to the organisation at a strategic level for business units to digest More ❯

including Endpoint Protection, Cloud Security, Network Security, DevSecOps, SIEM/SOAR, and vulnerability management. Deep understanding of secure design principles, IAM, encryption, API security, and application security. Experience performing threat modelling, security risk assessments, and control design validation. In-depth knowledge of industry standards and frameworks (ISO27001, NIST CSF, PCI DSS, CIS Controls). Minimum of 5 years More ❯

including Endpoint Protection, Cloud Security, Network Security, DevSecOps, SIEM/SOAR, and vulnerability management. Deep understanding of secure design principles, IAM, encryption, API security, and application security. Experience performing threat modelling, security risk assessments, and control design validation. In-depth knowledge of industry standards and frameworks (ISO27001, NIST CSF, PCI DSS, CIS Controls). Minimum of 5 years More ❯

including Endpoint Protection, Cloud Security, Network Security, DevSecOps, SIEM/SOAR, and vulnerability management. Deep understanding of secure design principles, IAM, encryption, API security, and application security. Experience performing threat modelling, security risk assessments, and control design validation. In-depth knowledge of industry standards and frameworks (ISO27001, NIST CSF, PCI DSS, CIS Controls). Minimum of 5 years More ❯

including Endpoint Protection, Cloud Security, Network Security, DevSecOps, SIEM/SOAR, and vulnerability management. Deep understanding of secure design principles, IAM, encryption, API security, and application security. Experience performing threat modelling, security risk assessments, and control design validation. In-depth knowledge of industry standards and frameworks (ISO27001, NIST CSF, PCI DSS, CIS Controls). Minimum of 5 years More ❯

strategy across AI, blockchain, and cloud environments. Establish policies, standards, and governance frameworks aligned with industry best practices (ISO 27001, NIST, SOC2). Lead incident response, risk assessment, and threat modelling programmes. Build and mentor a world-class security team. AI Data Security Protect proprietary AI models, training data, and pipelines from data poisoning, model theft, or adversarial More ❯

and OpenShift environments Manage secure configurations, access controls, and CI/CD workflows in GitLab Integrate and protect telemetry tools such as Cribl, Elastic, Splunk, Fluentd, and Syslog Perform threat modelling, vulnerability assessments, and risk analysis for the pipeline Partner with DevOps to embed security into infrastructure-as-code and deployment processes Monitor and respond to security events More ❯

for the United Kingdom, currently residing in the UK. The position is located in Manchester. Responsibilities Evaluate and strengthen our overall security posture by performing continuous audits, risk assessments, threat modelling, and architecture reviews to ensure effective controls and adherence to regulatory standards. Consistently monitor and assess cloud environments for vulnerabilities and misconfigurations utilising tools like AWS Inspector … sensitive information with discretion, professionalism, and sound judgment. Relevant certifications such as AWS Certified Security - Speciality, CISSP, CCSP, or Terraform Associate (or equivalent experience). Preferred Qualifications Exposure to threat intelligence and security analytics , particularly within cloud environments. Bachelor's degree in Computer Science, Information Technology, or Information Security , or equivalent practical experience. Familiarity with key security frameworks and More ❯

Burp Suite, Kali Linux, and custom NCC Group platforms. Expect to learn manual testing techniques alongside automated approaches You’ll observe live client engagements, gaining exposure to different industries, threat models, and testing methodologies Midway through the programme, you’ll deliver a graduation project; this could be a research piece, a custom tool, or a deep-dive into a More ❯

Burp Suite, Kali Linux, and custom NCC Group platforms. Expect to learn manual testing techniques alongside automated approaches You’ll observe live client engagements, gaining exposure to different industries, threat models, and testing methodologies Midway through the programme, you’ll deliver a graduation project; this could be a research piece, a custom tool, or a deep-dive into a More ❯

Burp Suite, Kali Linux, and custom NCC Group platforms. Expect to learn manual testing techniques alongside automated approaches You’ll observe live client engagements, gaining exposure to different industries, threat models, and testing methodologies Midway through the programme, you’ll deliver a graduation project; this could be a research piece, a custom tool, or a deep-dive into a More ❯

trusted advisor to development teams, architects, and stakeholders across our clients organisation. Design and review security architectures for applications, ensuring the implementation of effective security controls and countermeasures. Conduct threat modelling exercises to identify potential security risks and vulnerabilities early in the development lifecycle. Conduct in-depth security assessments, code reviews, and penetration testing of applications to identify More ❯

Job Description: Mandatory Skills: Mobile Security Experience: 5-8 Years LOCATION : Leeds/Halifax/Manchester/Bristol/Edinburgh, UK Experience of Mobile platform security, threat modelling and mitigation techniques Capable of conducting regular reviews of our mobile application security posture using your hands-on experience. Develop and maintain pen-testing security tools, scripts, policies and procedures More ❯

CI/CD SAST/DAST/SCA Quality Gates Penetration Testing Infrastructure as Code (IaC) Terraform/Ansible/CloudFormation Cloud Security Container Security Secrets Management Monitoring & Logging Threat Modeling Secure Coding Practices Auto Remediation More ❯

CI/CD SAST/DAST/SCA Quality Gates Penetration Testing Infrastructure as Code (IaC) Terraform/Ansible/CloudFormation Cloud Security Container Security Secrets Management Monitoring & Logging Threat Modeling Secure Coding Practices Auto Remediation More ❯

cloud services (IaaS, PaaS, SaaS), and network security. Assess IAM/PAM implementations and M365/Azure/Active Directory configurations. Conduct or oversee penetration testing, vulnerability assessments, and threat modelling. Review and approve technical designs and solution architectures from a security standpoint. Assurance, Compliance, and Audit Develop and maintain an IT Security Assurance Framework. Lead internal and external … audits, accreditation, and certification activities (e.g. PSN, Cyber Essentials Plus, ISO 27001). Monitor compliance with standards and respond to audit findings. Analyse SIEM outputs, threat intelligence feeds, and monitoring tools. Performance Monitoring and Reporting Define and track key security KPIs and metrics. Produce security performance and risk reports for executive and board audiences. Maintain security risk registers and More ❯

and segmentation. Identity and Access Management (IAM) implementations, including PIM/PAM. Security configurations in Microsoft 365, Azure, Active Directory, etc. Conduct or oversee vulnerability assessments, penetration tests, and threat modelling. Review and approve technical designs and solution architectures from a security standpoint. Assurance, Compliance, and Audit Develop and maintain the IT Security Assurance Framework. Lead or coordinate internal … regulatory requirements. Work with internal and external partners to deliver accreditation or certification activities (e.g., PSN, Cyber Essentials Plus, ISO 27001). Monitor and respond to findings from SIEM, threat intelligence feeds, or monitoring tools. Performance Monitoring and Reporting Define and monitor key security performance indicators (KPIs). Produce regular security reports for senior management and boards. Track risk More ❯

and segmentation. Identity and Access Management (IAM) implementations, including PIM/PAM. Security configurations in Microsoft 365, Azure, Active Directory, etc. Conduct or oversee vulnerability assessments, penetration tests, and threat modelling. Review and approve technical designs and solution architectures from a security standpoint. Assurance, Compliance, and Audit Develop and maintain the IT Security Assurance Framework. Lead or coordinate internal … regulatory requirements. Work with internal and external partners to deliver accreditation or certification activities (e.g., PSN, Cyber Essentials Plus, ISO 27001). Monitor and respond to findings from SIEM, threat intelligence feeds, or monitoring tools. Performance Monitoring and Reporting Define and monitor key security performance indicators (KPIs). Produce regular security reports for senior management and boards. Track risk More ❯