24 of 24 Threat Modelling Jobs in the South East

architectures aligned to business and technical requirements. Collaborate with multidisciplinary teams to ensure security considerations are embedded across the entire delivery lifecycle. Conduct security threat modelling, risk assessments, and security architecture reviews for critical systems and services. Develop and maintain security reference architectures, standards, principles, and best practices. … Security Architect within Central Government, Defence, or highly regulated environments. Strong understanding of enterprise security architecture principles, methodologies, and frameworks. Hands-on experience performing threat modelling, security risk assessments, and secure solution assurance. Experience designing secure cloud and hybrid architectures using Microsoft Azure and/or AWS. Strong ...

cloud infrastructures. Contribute to blogs and research within the Cyberfort community. Experience Required The successful candidate will possess proven experience in cybersecurity, security architecture, threat modelling, or related fields within Public Sector and MOD and will have achieved or be working towards Full Membership of CIISEC … NPSA and NCSC security policies, standards and guidance. Have experience building and implementing secure by design principals within the software development lifecycle (SDLC). Threat Modelling – Kill Chain – Attack tree analysis. Certifications: AWS/Azure Security Professional, CCSP, CISSP, CISM, CIISEC, UK Cyber Security Council registration (Chartered ...

embed security into lifecycle governance Define and implement a modern DevSecOps tooling strategy (CI/CD, SAST/DAST, SCM, automation) Drive secure coding, threat modelling, and supply chain security practices (SBOM, provenance, signing) Develop KPIs, metrics, and maturity models to track and continuously improve SDLC performance Build … NIST SSDF, OWASP SAMM/ASVS, ISO 27034) Strong understanding of modern engineering practices (Agile, CI/CD, cloud, automation) Expertise in application security, threat modelling, and secure coding standards Experience implementing tooling ecosystems (e.g. SAST, DAST, SCA, pipeline automation) A track record of influencing senior stakeholders ...

Threat & Adversarial AI Expert 6 Months Contract + Extension London Based 2 days in the office £500 to £600 a day Inside IR35 A pioneering financial institution is seeking an experienced Threat & Adversarial AI Expert to join their cybersecurity team. You will act as the primary architect … safety for the firm's generative AI ecosystem, ensuring agentic capabilities remain resilient against an evolving global threat landscape. As a Threat AI Expert, you will lead the organisation's Generative AI security strategy. Key responsibilities include: Advanced Threat Modelling: Leading structured sessions using STRIDE ...

IR35 Active SC Clearance Required Core Responsibilities Design and maintain secure architecture frameworks for enterprise systems across cloud, on-premises, and hybrid environments Conduct threat modelling, risk assessments, and security gap analyses across infrastructure and application layers Define and enforce security standards, reference architectures, and policy controls aligned ...

THROUGH UMBRELLA Role Description: "Core Responsibilities: Develop and maintain secure architecture frameworks for enterprise-grade systems, including cloud, on-premises, and hybrid environments Conduct threat modelling, risk assessments, and security gap analyses across infrastructure and application layers Define security standards, reference architectures, and policy controls based on industry … ensure secure software development lifecycles (SSDLC) Lead strategic initiatives in incident response planning, detection and mitigation strategies, and digital forensics Monitor advancements in threat intelligence and regulatory requirements, advising stakeholders on appropriate countermeasures Produce and maintain architectural documentation, ensuring traceability of security controls and compliance obligations Experience: Demonstrated experience ...

Midlands. Practitioner CERT capabilities and several team management experience is required – meaning you will be technically capable and experienced within Incident Response & Detection, Threat Intelligence & Hunting, Vulnerability Management, Attack Surface Reduction, Cyber Analysis, etc. You will also have large team leadership and motivation experience in some … monitoring and detecting cyber security threats and incidents in real-time. Collaborate with teams to conduct incident investigations and develop response plans. Lead proactive threat hunting initiatives. Manage vulnerability assessments and penetration testing programs. Develop and maintain threat intelligence capabilities. Essential experience includes: Extensive experience in managing cyber ...

assurance across complex systems or major programmes. Ability to produce clear architecture documentation and security artefacts. Strong understanding of secure design principles, risk management, threat modelling and security controls. Knowledge of UK Government/Defence security standards, guidance and assurance processes. Experience working with senior stakeholders across security … technical and non-technical audiences. Desirable experience Army programme experience or strong MOD stakeholder exposure. Experience with Sparx Enterprise Architect, ArchiMate, NAFv4 or similar modelling approaches. Knowledge of Joint Service Publications, NCSC guidance, ISO27001, NIST, CIS or related security frameworks. Experience across IAM, PKI, secure integration, cloud security, data ...

Familiarity with AI-assisted security tools, machine learning concepts for detection, or data-driven security analytics. Understanding of how AI can be applied to threat detection, anomaly detection, investigation support, and security operations automation. Awareness of emerging AI-driven attack techniques, including adversarial AI and automated exploitation methods. Familiarity … engineering and security teams to integrate AI-enabled security capabilities into operational processes. Support incident investigations using advanced analytics, AI-assisted tooling, and structured threat analysis techniques. Conduct threat modelling and security architecture reviews with a focus on emerging AI-enabled risks and system complexity. Identify vulnerabilities ...

change control procedures Experience designing or reviewing secure software supply chain and CI/CD security . Ability to interpret CVEs, CVSS scores, and threat intelligence feeds. Strong stakeholder engagement and communication skills with an ability to produce technical reports and articulate risk to non-specialists. Excellent written … technical security reports for assurance cycles Support compliance audit evidence packs (GovAssure/CAF, CE+, ISO 27001) Develop or update security standard documents (e.g. threat modelling, vulnerability mgmt) Support cyber input for IT, research or OT programmes Work with IT teams to co-author and test secure configuration ...

Embed Secure by Design principles across system and solution delivery Conduct security design reviews and provide risk-based recommendations Support development of: Security architectures Threat models and risk assessments Security design documentation Ensure alignment with MOD and UK Government security standards Work with architects and delivery teams to integrate … Experience Proven experience implementing Secure by Design within MOD, Defence, or Government environments Strong background in security architecture and secure system design Experience conducting threat modelling and security risk assessments Knowledge of: NCSC Secure by Design guidance ISO 27001 or equivalent frameworks Secure SDLC methodologies Experience working within ...

error-free ingestion. Use Case & Detection Content Development Design, implement, test, and tune detection use cases based on attacker techniques (MITRE ATT&CK), threat intelligence, and risk appetite. Build correlation rules, anomaly-based detections, dashboards, and alerting workflows. Regularly review detection efficacy and reduce false positives through tuning … understanding of log formats (JSON, syslog, XML, CEF, etc.) and ingestion technologies (Syslog, API, Event Hubs, Kafka, Agents). Practical knowledge of detection engineering, threat modelling, and attacker behaviour analysis. Experience building and tuning correlation rules, searches, and dashboards. Familiarity with SOAR platforms and automation workflows. Security Knowledge ...

delivering an Information Security strategy in a way that balances risk reduction, business enablement and operational pragmatism Strong experience leading security risk assessments, threat modelling, incident management and remediation of security weaknesses in a structured, risk‐based way Significant experience managing external audits, customer assurance and recognised security ...

tooling outputs to identify trends, gaps and opportunities. Continuous Improvement & Architecture Assist with mapping and reviewing customer network and security architectures. Contribute to threat modelling and detection use case development. Support change management processes to ensure controlled, auditable service delivery. Develop high-quality documentation, reports and supporting materials. ...

integrations (OSS/BSS, core network-related systems). Review application and network architectures to identify security gaps, risks, and non-compliance. Conduct threat modeling, risk assessments, and security design reviews across on‐prem and cloud-hosted applications. Provide assessment outputs including risk ratings, mitigation recommendations, and security assurance ...

equivalent experience Experience applying cyber security principles across the systems or product engineering lifecycle Knowledge of cyber risk management and vulnerability management Experience with threat modelling frameworks such as MITRE ATT and CK, DEF3ND, or EMB3D Awareness of industrial control systems or operational technology environments Working knowledge ...

security patterns. Inputting into High-Level Designs (HLDs) and Low-Level Designs (LLDs) with explicit security controls. Conducting threat modelling (STRIDE, attack trees, kill chain analysis). Identifying and documenting security requirements for systems, networks, and cloud services. Ensuring designs meet classification requirements Security Controls & Patterns Advising ...

IR35 Active SC Clearance Required Core Responsibilities Design and maintain secure architecture frameworks for enterprise systems across cloud, on-premises, and hybrid environments Conduct threat modelling, risk assessments, and se click apply for full job details ...

assessment, remediation) Implement risk-based security solutions aligned to enterprise standards Work closely with infrastructure, application and OT teams to embed security controls Support threat modelling, secure design, and Zero Trust frameworks Key Skills & Experience: Strong experience as a Security Architect/Cybersecurity Architect Proven expertise in vulnerability ...

monitoring. Experience leading data security roadmaps from current to target state, identifying required capabilities, technology changes, dependencies, risks, and timelines. Expertise performing data-focused threat modelling (e.g. STRIDE, MITRE ATT&CK, DREAD) to identify risks and recommend architectural mitigations. Excellent advisory skills with the ability to provide architectural ...

reports with clear remediation guidance • Knowledge of OWASP and application security principles • Experience with automated, dynamic, and static security testing tools • Ability to perform threat modelling and attack surface analysis • Experience working with or managing third-party security providers • Relevant certifications such as OSCP, CREST, SANS, CRTO ...

managing vulnerability resolution on key environments. Design, implement, and maintain highly available and secure infrastructures. Build and implement monitoring and logging services. Carry out threat modelling and implement secure coding practices Ensure security standards are met using automated testing on build pipelines. Design and implement a DR/ ...

call for customer service improvements Assist with the onboarding and building an understanding of customer business risks Work with the onboarding consultants to build Threat Models and maintain them during live service Allocated Technical Account Manager to act as a first point of contact for operational matters and proactive ...

hands-on penetration testing experience across network, web, cloud, internal, red team, or purple team environments Excellent knowledge of: MITRE ATT&CK OWASP Threat modelling Attack surface analysis Experience with automated, dynamic, and static security testing tools Knowledge of regulatory frameworks including GDPR, PCI-DSS, and related compliance ...