1 to 25 of 28 Threat Modelling Jobs in the South East

architecture strategy. Act as a trusted security advisor to senior leadership and engineering teams. Guide the design and integration of secure solutions across applications, infrastructure, and data platforms. Perform threat modelling, architecture reviews, and propose mitigation strategies. Ensure alignment with European regulatory standards (e.g., GDPR, PSD2, DORA, NIS2). Embed DevSecOps into SDLC and CI/CD pipelines More ❯

Serve as a trusted advisor to leadership and technical teams on security best practices. - Develop and enforce security standards and reference architectures for hybrid and cloud-native systems. - Lead threat modelling, architecture reviews, and risk assessments across cloud platforms. - Ensure compliance with regulatory frameworks (PSD2, ISO 27001, PCI DSS, NIST CSF, CSA CCM). - Integrate security into CI More ❯

frameworks (NIST, ISO 27001, TOGAF, SABSA). • Deep understanding of AI/ML concepts, algorithms, models, regulations and controls. • Extensive technical experience in AI/ML Security Architecture • Proven threat modelling, risk analysis, and architectural validations • In-depth knowledge of adversarial machine learning mitigation. • Comprehensive understanding of ethical AI and governance. • Proven AI security tool implementation and management. More ❯

will be at the forefront of designing, developing, and maintaining secure Azure cloud architectures that meet stringent business and compliance requirements. Your role will involve leading security reviews and threat modeling activities for cloud-based solutions, implementing robust Azure-native security controls such as Microsoft Defender for Cloud, Sentinel, Key Vault, Azure Policy, and RBAC. You will define and More ❯

data pipelines. * Participate in enterprise-wide architecture initiatives for AI/ML. Understand the workflow and pipeline architectures of ML and deep learning workloads. * Conduct security risk assessments and threat modelling for AI/ML and other business projects performed thorough design reviews and security assessments of architectures and designs, identifying vulnerabilities, threats, and risks, and providing recommendations … common security vulnerabilities and threats specific to AI/ML, including adversarial attacks, prompt injection, data poisoning and the MITRE ATLAS framework. * Hands on experience using security assessment and threat modelling tools and techniques to evaluate AI/ML systems and identify potential security weaknesses. * Familiarity with current and emerging regulations and standards, such as the EU AI More ❯

with scripting languages like PowerShell, YAML, JSON Expertise in application security tools and DevSecOps processes Understanding of key frameworks and standards (e.g. OWASP, NIST SSDF, ISO27001, NCSC) Experience with threat modelling, risk assessments, and secure design reviews Comfortable owning security strategy and tooling across complex, modern product landscapes Strong communicator. Able to engage confidently with both engineers and More ❯

with scripting languages like PowerShell, YAML, JSON Expertise in application security tools and DevSecOps processes Understanding of key frameworks and standards (e.g. OWASP, NIST SSDF, ISO27001, NCSC) Experience with threat modelling, risk assessments, and secure design reviews Comfortable owning security strategy and tooling across complex, modern product landscapes Strong communicator. Able to engage confidently with both engineers and More ❯

with scripting languages like PowerShell, YAML, JSON- Expertise in application security tools and DevSecOps processes- Understanding of key frameworks and standards (e.g. OWASP, NIST SSDF, ISO27001, NCSC)- Experience with threat modelling, risk assessments, and secure design reviews- Comfortable owning security strategy and tooling across complex, modern product landscapes- Strong communicator - able to engage confidently with both engineers and More ❯

with scripting languages like PowerShell, YAML, JSON Expertise in application security tools and DevSecOps processes Understanding of key frameworks and standards (e.g. OWASP, NIST SSDF, ISO27001, NCSC) Experience with threat modelling, risk assessments, and secure design reviews Comfortable owning security strategy and tooling across complex, modern product landscapes Strong communicator - able to engage confidently with both engineers and More ❯

data pipelines to model deployment. Key Responsibilities Architect and implement security controls for AI/ML systems, data pipelines, and CI/CD processes. Conduct security risk assessments and threat modelling on AI/ML workflows. Drive secure coding practices and integrate security into MLOps/DevOps pipelines. Address challenges such as adversarial attacks, data poisoning, and prompt … Essential Experience & Skills Proven experience as a Security Architect with direct focus on AI/ML security. Strong knowledge of AI/ML technologies, frameworks (e.g. TensorFlow, PyTorch), and threat landscapes. Background in development or data science is highly advantageous. Expertise in secure development practices and cloud-native architectures. Hands-on experience with threat modelling, adversarial testing … . Excellent stakeholder communication and collaboration skills. Desirable Experience working on large-scale data or AI projects in regulated sectors. Exposure to the MITRE ATLAS framework or similar AI threat knowledge bases. Esther Urtecho Senior Delivery Consultant London | Bristol | Amsterdam More ❯

security into solution designs. Monitor compliance with internal policies, external regulations and industry good practice. (e.g., GDPR, ISO27001, CIS, ISF, NIST). Provide expert guidance on security best practices, threat modelling, and mitigation strategies. Support incident response and post-incident reviews from an architectural perspective. Skills and experience you need as Information Security Assurance Specialist: Strong understanding of More ❯

and scalable Work with the product owner to address user needs Develop secure and high-quality production code, perform code reviews and able to debug issues Participate in agile threat modelling and vulnerability management Ensure compliance with security and regulatory requirements for MOD and high Design assurance software Develop solutions for where data can bring value to our More ❯

occasional travel to London for key meetings.Key Responsibilities: Design and implement secure cloud architectures within Microsoft Azure Lead the integration and optimisation of SIEM solutions, particularly Microsoft Sentinel Conduct threat modelling, risk assessments, and security architecture reviews Collaborate with engineering, DevOps, and compliance teams to embed security best practices Define and enforce security standards across Azure IaaS, PaaS More ❯

ie cyber security asset management, attack surface management, etc) Pragmatic application of zero-trust philosophies Cloud based security (GCP, AWS and Azure) Pentest scoping and analysis experience Application security Threat modelling To apply for this position please submit your CV. Carbon60, Lorien & SRG - The Impellam Group STEM Portfolio are acting as an Employment Business in relation to this More ❯

ie cyber security asset management, attack surface management, etc) Pragmatic application of zero-trust philosophies Cloud based security (GCP, AWS and Azure) Pentest scoping and analysis experience Application security Threat modelling To apply for this position please submit your CV. Carbon60, Lorien & SRG - The Impellam Group STEM Portfolio are acting as an Employment Business in relation to this More ❯

alignment with organisational security requirements. Perform additional security-related tasks as directed by the Head of Information Security Essential Skills & Experience Proven experience in technical security risk assessments and threat modelling. Strong understanding of cybersecurity principles , including network, endpoint, and cloud security. Ability to assess and communicate technical vulnerabilities in business terms. Experience working with or within a SOC More ❯

Collaborate with development teams (Go and Node.js) to remediate security issues. Evaluate and Test TEE solutions (e.g., AWS Nitro Enclaves, Azure Confidential Computing and Google Confidential Computing.). Conduct threat modeling and risk assessments. Develop and maintain security testing tools and automation scripts. Stay current with emerging security threats, vulnerabilities, and mitigation techniques. Proven experience in penetration testing and More ❯

such as CISSP, CISM, AWS Security Specialty, or Certified Identity and Access Manager (CIAM). Agile (Scrum Master, SAFe) and cloud (AWS Cloud Practitioner) certifications. Experience in security assessments, threat modeling, or governance/risk/compliance (GRC) tooling. Benefits Pension company contribution = 3% Incentive scheme up to 10% of annual salary , based on company performance. Your wellbeing is More ❯

Business to identify and mitigate risks. Translate complex technical risks into business-friendly language for executive audiences. Improve and evolve security risk assessment methodologies for advanced AI systems. Develop threat models and propose compensatory controls. Present findings to internal governance groups and help shape AI risk frameworks. Required Skills & Experience 10+ years of professional experience, including demonstrable AI/ More ❯

other security product like Trivy Experience with cloud computing platforms such as Microsoft Azure A strong understanding of software development methodologies and practices Ability to Rapid Risk Assessment and Threat Modeling Other technical skills required: Azure Security Monitoring including Application Insights, and SIEM Excellent communication skills to guarantee stakeholder alignment and successful outcomes at all stages of Product delivery More ❯

security product like Trivy preferred Experience with cloud computing platforms such as Microsoft Azure A strong understanding of software development methodologies and practices Ability to Rapid Risk Assessment and Threat Modeling Other technical skills required: Azure Security Monitoring including Application Insights, and SIEM Excellent communication skills to guarantee stakeholder alignment and successful outcomes at all stages of Product delivery More ❯

security product like Trivy preferred Experience with cloud computing platforms such as Microsoft Azure A strong understanding of software development methodologies and practices Ability to Rapid Risk Assessment and Threat Modeling Other technical skills required: Azure Security Monitoring including Application Insights, and SIEM Excellent communication skills to guarantee stakeholder alignment and successful outcomes at all stages of Product delivery More ❯

creation of RFCs (Request for Comments) and ADR (Architectural Decision Records) , having input into decision-making across frontend technologies. Security & Risk Management: Support Lead and Senior engineers in maintaining Threat Models for any domain changes, ensuring security and risk are at the forefront of development. Continuous Improvement: Engage in continuous learning and improvement within your Community of Practice . More ❯

Cycle during the design and development of digital services to ensure a holistic shift-left approach to secure by design. Key Requirements: Strong hands on DevSecOps experience - testing/threat modelling/developing (GitHub/python) Understanding of cyber-attack methodologies Consultancy soft skills - ability to communicate effectively & navigate government departments Benefits: 25 days holiday plus your birthday More ❯

SDLC) that enables development teams to deliver high-quality applications quickly while implementing essential controls for software integrity, authenticity, and third-party library management. Risk Assessments: Conduct risk assessments, threat modeling, and architecture reviews alongside development teams, producing artifacts to drive the implementation of effective security controls. Standards Development: Own the creation and maintenance of tailored security standards and … strategies. Key Requirements: Essential: 5+ years of experience in application security, with at least 3+ years in software development. Strong understanding of application security concepts, including secure coding practices, threat modeling, vulnerability management, and access control mechanisms. Experience with AWS, Kubernetes, Service Mesh, and API Security (including authentication and authorization). Proficiency in programming languages such as Python, Java More ❯