1 to 25 of 43 Threat Modelling Jobs in the South East

dissect designs, model attack paths, and show engineering teams what “good” really looks like. Depending on the engagement, you might run a threat model, assess CI/CD pipelines, learn a vendor DSL for a PoC, or build internal tooling. They don’t expect you to know everything — just … curious, practical, and willing to dive in. What You’ll Do Threat Modelling & Architecture Reviews: Break down AWS services, map trust boundaries, build attack trees, and define security requirements before code ships. Security Automation: Build IaC-driven checks, Lambda/Step Function tooling, CI/CD gates ...

lead in the build-out of their cloud-native Infrastructure capability. Highly technical position where you will be responsible for not just assessing and threat modelling novel concepts and services to introduce across Security and the wider Tech functions; but leading in the actual design, configuration and implementation. … most ambitious Tech Transformations for one of the most renowned Investment Management firms in the UK. Responsibilities Perform hands-on security threat modelling, risk assessment and vulnerability remediation. Evaluate, architect, implement and support security focused tools and services. Work closely with Development teams to ensure security and privacy ...

Responsibilities: Strategic (30%) Define technical security architecture and standards across multi-cloud SaaS platforms Embed security into product development lifecycle and roadmap planning Conduct threat modelling and risk assessments for new features and system changes Evaluate and recommend security technologies and tools Operational (40%) Manage security environments across ...

Secure Development Lifecycle (SDLC) Partner with engineering teams to embed security in the SDLC and DevSecOps practices. Advise and guide on secure coding practices, threat modeling, and architectural reviews. Instrument automated tooling for CI/CD pipelines to improve visibility of security signals and enforcement. Customer & External Engagement Represent ...

Secure Development Lifecycle (SDLC) Partner with engineering teams to embed security in the SDLC and DevSecOps practices. Advise and guide on secure coding practices, threat modeling, and architectural reviews. Instrument automated tooling for CI/CD pipelines to improve visibility of security signals and enforcement. Customer & External Engagement Represent ...

Secure Development Lifecycle (SDLC) Partner with engineering teams to embed security in the SDLC and DevSecOps practices. Advise and guide on secure coding practices, threat modeling, and architectural reviews. Instrument automated tooling for CI/CD pipelines to improve visibility of security signals and enforcement. Customer & External Engagement Represent ...

Secure Development Lifecycle (SDLC) Partner with engineering teams to embed security in the SDLC and DevSecOps practices. Advise and guide on secure coding practices, threat modeling, and architectural reviews. Instrument automated tooling for CI/CD pipelines to improve visibility of security signals and enforcement. Customer & External Engagement Represent ...

Secure Development Lifecycle (SDLC) Partner with engineering teams to embed security in the SDLC and DevSecOps practices. Advise and guide on secure coding practices, threat modeling, and architectural reviews. Instrument automated tooling for CI/CD pipelines to improve visibility of security signals and enforcement. Customer & External Engagement Represent ...

Secure Development Lifecycle (SDLC) Partner with engineering teams to embed security in the SDLC and DevSecOps practices. Advise and guide on secure coding practices, threat modeling, and architectural reviews. Instrument automated tooling for CI/CD pipelines to improve visibility of security signals and enforcement. Customer & External Engagement Represent ...

What You'll Do Core Responsibilities: Conduct advanced penetration testing across network infrastructure, web applications, and mobile platforms for enterprise clients Perform vulnerability assessments, threat modelling, and risk analysis across diverse technical environments Execute social engineering assessments and physical security testing Produce detailed scoping documents and executive-level … growth-focused security consultancy—not a commodity testing mill ✓ Continuous Learning: Access to research funding, certification sponsorship, conference attendance, and exposure to cutting-edge threat landscapes The Application Process This is a carefully selected search—we're looking for genuine penetration testing professionals with the technical depth to advise ...

What You'll Do Core Responsibilities: Conduct advanced penetration testing across network infrastructure, web applications, and mobile platforms for enterprise clients Perform vulnerability assessments, threat modelling, and risk analysis across diverse technical environments Execute social engineering assessments and physical security testing Produce detailed scoping documents and executive-level … growth-focused security consultancy—not a commodity testing mill ✓ Continuous Learning: Access to research funding, certification sponsorship, conference attendance, and exposure to cutting-edge threat landscapes The Application Process This is a carefully selected search—we're looking for genuine penetration testing professionals with the technical depth to advise ...

What You'll Do Core Responsibilities: Conduct advanced penetration testing across network infrastructure, web applications, and mobile platforms for enterprise clients Perform vulnerability assessments, threat modelling, and risk analysis across diverse technical environments Execute social engineering assessments and physical security testing Produce detailed scoping documents and executive-level … growth-focused security consultancy—not a commodity testing mill ✓ Continuous Learning: Access to research funding, certification sponsorship, conference attendance, and exposure to cutting-edge threat landscapes The Application Process This is a carefully selected search—we're looking for genuine penetration testing professionals with the technical depth to advise ...

cloud deployments (private/public). Design and scope IT Health Checks and interpret outcomes. Identify and mitigate security risks in solution architectures. Conduct threat modelling and risk analysis. Design proportional security controls using native cloud technologies. Produce security architecture artefacts including standards and blueprints. What ...

Security legislation Security frameworks: ISO 27001, NIST CSF, CIS Controls v8 HMG, NPSA, and NCSC policies and guidance Secure by Design within the SDLC Threat modelling techniques HLD/LLD review and assurance Technical Knowledge Cloud security Network and infrastructure security AI security and governance ITHC scoping ...

Review ITHC outcomes, providing clear guidance and actionable remediation plans. Identify and assess security risks in proposed architectures, recommending mitigations and alternative solutions. Perform threat modelling, risk assessment, and security analysis for systems, applications, and infrastructure. Design proportionate security controls aligned to risk appetite, leveraging native cloud capabilities. ...

whether in the office or on the front line, plays a key part in this mission. Here’s how you will contribute... Perform a threat modelling exercise of all projects and provide mitigating cyber security requirements to help ensure the secure delivery of compliant systems, applications and business ...

AntiVirus/AntiMalware for End User devices Antivirus/Malware/Ransomware etc for Product/Platform DDos Protection Access Management/Review (IAM) Threat modelling Setup Bug Bounty program Application Security/Testing Brand monitoring (domans etc) Whitelist client access Encryption in Transit (confirm 100%) Social Engineering ...

SAST, DAST, SCA, secrets management). Collaborate with development, operations, and security teams to implement and ensure secure coding and deployment practices. Advise on threat modelling, risk assessments, and vulnerability management. Provide expert guidance on cloud security (AWS, Azure, GCP) and container security (Docker, Kubernetes). Develop ...

would not have the knowledge and skills to execute Working knowledge of compliance standards. With working knowledge of secure development practices and standards. Basic Threat Modelling and dynamic security testing experience. Experience with scripting (e.g. python, bash, etc) essential. Experience with Azure/AWS security configuration. Experience ...

SLAs, regulatory standards (NCSC, ISO27001) and vendor ecosystems.? Mentor junior architects, contribute to service catalogue evolution and conduct design reviews for risk/threat modelling.? Drive innovation in AIOps, edge computing and sustainability-focused infra for defence-adjacent clients.? Person specification Essential: Active SC clearance with 7+ years ...

31st of May 2026 Responsibilities: Lead the design and delivery of secure architectures across enterprise, cloud, and on-prem environments. Perform threat modelling, risk assessments, and security reviews for new and existing solutions. Define and maintain security architecture standards, patterns, and technical controls. Provide expert cyber security guidance ...

connectors, and Copilot Studio bots Establish reference architectures and reusable patterns for role-based security, data design, integration, eventing, and observability Lead architecture reviews, threat modeling, and solution design approvals; produce HLD/LLD, sequence diagrams, deployment topologies, and data models Integration & Data Architect secure integrations with Azure services ...

security testing including SAST, DAST, and penetration testing. Understanding of authentication and authorization frameworks (OAuth, JWT, SAML) and familiarity with secure coding practices and threat modelling Experience in test automation tools, frameworks, and practices. The successful candidate will have experience working in a fast-paced and multi-vendor ...

experience with agents: LangChain, AutoGPT, CrewAI, or custom agent frameworks • Regulated industry background: Financial services, healthcare, or other domains with compliance requirements • Security/threat modelling expertise: Understanding of adversarial AI, prompt injection, or system security • Real-time systems experience: Trading systems, fraud detection, or other low-latency ...

high-availability systems. Partner with product, SRE, and network engineering to deliver roadmap features from concept to GA with security-by-design. Contribute to threat modeling, architecture reviews, and compliance/audit readiness for Tier 0 services. ...