1 to 25 of 37 Threat Modelling Jobs in the South East

transformation consultancy is seeking a Senior SOC Solutions Engineer to elevate its security operations capability. This is a hands-on engineering role focused on SIEM development, playbook automation, and threat modelling-delivering proactive defence across cloud and on-prem environments. You'll be instrumental in designing and implementing advanced detection and response strategies, working closely with cross-functional … improvement. Key Responsibilities SIEM Engineering & Management Deploy, configure, and maintain IBM QRadar SIEM platform Onboard and normalize diverse log sources across hybrid environments Develop and tune analytical rules for threat detection and behavioural analysis Playbook Development & Automation Design incident response playbooks for scenarios including phishing, lateral movement, and data exfiltration Integrate playbooks with SOAR platforms (e.g., Microsoft Logic Apps … XSOAR) Continuously refine automation based on threat intelligence and incident feedback Threat Detection & Response Monitor and investigate security alerts and anomalies Lead incident response activities and collaborate with threat intelligence teams Enrich detection logic with contextual threat data Threat Modelling & Use Case Development Conduct threat modelling using MITRE ATT&CK, STRIDE, or More ❯

and drive continuous improvement across detection, response, and automation. This pivotal role requires deep expertise in IBM QRadar, with a strong focus on playbook development, analytical rule creation, and threat modelling. The Senior SOC Engineer will play a key role in building and optimising detection and response strategies, ensuring robust protection against evolving threats. Key Responsibilities SIEM Engineering & Management … Deploy, configure, and maintain the QRadar SIEM platform. Onboard and normalise log sources across on-premises and cloud environments. Develop and optimise analytical rules for threat detection, anomaly detection, and behavioural analysis. Playbook Development & Automation Design and implement incident response playbooks for scenarios such as phishing, lateral movement, and data exfiltration. Integrate playbooks with SOAR platforms (e.g., Microsoft Logic … Apps, XSOAR) to streamline triage and automate response. Refine playbooks based on threat intelligence and incident insights. Threat Detection & Response Monitor and analyse security alerts and events to identify potential threats. Conduct investigations and coordinate incident response activities. Collaborate with threat intelligence teams to enhance detection logic. Threat Modelling & Use Case Development Lead threat More ❯

and drive continuous improvement across detection, response, and automation. This pivotal role requires deep expertise in IBM QRadar, with a strong focus on playbook development, analytical rule creation, and threat modelling. The Senior SOC Engineer will play a key role in building and optimising detection and response strategies, ensuring robust protection against evolving threats. Key Responsibilities SIEM Engineering & Management … Deploy, configure, and maintain the QRadar SIEM platform. Onboard and normalise log sources across on-premises and cloud environments. Develop and optimise analytical rules for threat detection, anomaly detection, and behavioural analysis. Playbook Development & Automation Design and implement incident response playbooks for scenarios such as phishing, lateral movement, and data exfiltration. Integrate playbooks with SOAR platforms (e.g., Microsoft Logic … Apps, XSOAR) to streamline triage and automate response. Refine playbooks based on threat intelligence and incident insights. Threat Detection & Response Monitor and analyse security alerts and events to identify potential threats. Conduct investigations and coordinate incident response activities. Collaborate with threat intelligence teams to enhance detection logic. Threat Modelling & Use Case Development Lead threat More ❯

and drive continuous improvement across detection, response, and automation. This pivotal role requires deep expertise in IBM QRadar, with a strong focus on playbook development, analytical rule creation, and threat modelling. The Senior SOC Engineer will play a key role in building and optimising detection and response strategies, ensuring robust protection against evolving threats. Key Responsibilities SIEM Engineering & Management … Deploy, configure, and maintain the QRadar SIEM platform. Onboard and normalise log sources across on-premises and cloud environments. Develop and optimise analytical rules for threat detection, anomaly detection, and behavioural analysis. Playbook Development & Automation Design and implement incident response playbooks for scenarios such as phishing, lateral movement, and data exfiltration. Integrate playbooks with SOAR platforms (e.g., Microsoft Logic … Apps, XSOAR) to streamline triage and automate response. Refine playbooks based on threat intelligence and incident insights. Threat Detection & Response Monitor and analyse security alerts and events to identify potential threats. Conduct investigations and coordinate incident response activities. Collaborate with threat intelligence teams to enhance detection logic. Threat Modelling & Use Case Development Lead threat More ❯

and drive continuous improvement across detection, response, and automation. This pivotal role requires deep expertise in IBM QRadar, with a strong focus on playbook development, analytical rule creation, and threat modelling. The Senior SOC Engineer will play a key role in building and optimising detection and response strategies, ensuring robust protection against evolving threats. Key Responsibilities SIEM Engineering & Management … Deploy, configure, and maintain the QRadar SIEM platform. Onboard and normalise log sources across on-premises and cloud environments. Develop and optimise analytical rules for threat detection, anomaly detection, and behavioural analysis. Playbook Development & Automation Design and implement incident response playbooks for scenarios such as phishing, lateral movement, and data exfiltration. Integrate playbooks with SOAR platforms (e.g., Microsoft Logic … Apps, XSOAR) to streamline triage and automate response. Refine playbooks based on threat intelligence and incident insights. Threat Detection & Response Monitor and analyse security alerts and events to identify potential threats. Conduct investigations and coordinate incident response activities. Collaborate with threat intelligence teams to enhance detection logic. Threat Modelling & Use Case Development Lead threat More ❯

and drive continuous improvement across detection, response, and automation. This pivotal role requires deep expertise in IBM QRadar, with a strong focus on playbook development, analytical rule creation, and threat modelling. The Senior SOC Engineer will play a key role in building and optimising detection and response strategies, ensuring robust protection against evolving threats. Key Responsibilities SIEM Engineering & Management … Deploy, configure, and maintain the QRadar SIEM platform. Onboard and normalise log sources across on-premises and cloud environments. Develop and optimise analytical rules for threat detection, anomaly detection, and behavioural analysis. Playbook Development & Automation Design and implement incident response playbooks for scenarios such as phishing, lateral movement, and data exfiltration. Integrate playbooks with SOAR platforms (e.g., Microsoft Logic … Apps, XSOAR) to streamline triage and automate response. Refine playbooks based on threat intelligence and incident insights. Threat Detection & Response Monitor and analyse security alerts and events to identify potential threats. Conduct investigations and coordinate incident response activities. Collaborate with threat intelligence teams to enhance detection logic. Threat Modelling & Use Case Development Lead threat More ❯

and drive continuous improvement across detection, response, and automation. This pivotal role requires deep expertise in IBM QRadar, with a strong focus on playbook development, analytical rule creation, and threat modelling. The Senior SOC Engineer will play a key role in building and optimising detection and response strategies, ensuring robust protection against evolving threats. Key Responsibilities SIEM Engineering & Management … Deploy, configure, and maintain the QRadar SIEM platform. Onboard and normalise log sources across on-premises and cloud environments. Develop and optimise analytical rules for threat detection, anomaly detection, and behavioural analysis. Playbook Development & Automation Design and implement incident response playbooks for scenarios such as phishing, lateral movement, and data exfiltration. Integrate playbooks with SOAR platforms (e.g., Microsoft Logic … Apps, XSOAR) to streamline triage and automate response. Refine playbooks based on threat intelligence and incident insights. Threat Detection & Response Monitor and analyse security alerts and events to identify potential threats. Conduct investigations and coordinate incident response activities. Collaborate with threat intelligence teams to enhance detection logic. Threat Modelling & Use Case Development Lead threat More ❯

and drive continuous improvement across detection, response, and automation. This pivotal role requires deep expertise in IBM QRadar, with a strong focus on playbook development, analytical rule creation, and threat modelling. The Senior SOC Engineer will play a key role in building and optimising detection and response strategies, ensuring robust protection against evolving threats. Key Responsibilities SIEM Engineering & Management … Deploy, configure, and maintain the QRadar SIEM platform. Onboard and normalise log sources across on-premises and cloud environments. Develop and optimise analytical rules for threat detection, anomaly detection, and behavioural analysis. Playbook Development & Automation Design and implement incident response playbooks for scenarios such as phishing, lateral movement, and data exfiltration. Integrate playbooks with SOAR platforms (e.g., Microsoft Logic … Apps, XSOAR) to streamline triage and automate response. Refine playbooks based on threat intelligence and incident insights. Threat Detection & Response Monitor and analyse security alerts and events to identify potential threats. Conduct investigations and coordinate incident response activities. Collaborate with threat intelligence teams to enhance detection logic. Threat Modelling & Use Case Development Lead threat More ❯

and drive continuous improvement across detection, response, and automation. This pivotal role requires deep expertise in IBM QRadar, with a strong focus on playbook development, analytical rule creation, and threat modelling. The Senior SOC Engineer will play a key role in building and optimising detection and response strategies, ensuring robust protection against evolving threats. Key Responsibilities SIEM Engineering & Management … Deploy, configure, and maintain the QRadar SIEM platform. Onboard and normalise log sources across on-premises and cloud environments. Develop and optimise analytical rules for threat detection, anomaly detection, and behavioural analysis. Playbook Development & Automation Design and implement incident response playbooks for scenarios such as phishing, lateral movement, and data exfiltration. Integrate playbooks with SOAR platforms (e.g., Microsoft Logic … Apps, XSOAR) to streamline triage and automate response. Refine playbooks based on threat intelligence and incident insights. Threat Detection & Response Monitor and analyse security alerts and events to identify potential threats. Conduct investigations and coordinate incident response activities. Collaborate with threat intelligence teams to enhance detection logic. Threat Modelling & Use Case Development Lead threat More ❯

and drive continuous improvement across detection, response, and automation. This pivotal role requires deep expertise in IBM QRadar, with a strong focus on playbook development, analytical rule creation, and threat modelling. The Senior SOC Engineer will play a key role in building and optimising detection and response strategies, ensuring robust protection against evolving threats. Key Responsibilities SIEM Engineering & Management … Deploy, configure, and maintain the QRadar SIEM platform. Onboard and normalise log sources across on-premises and cloud environments. Develop and optimise analytical rules for threat detection, anomaly detection, and behavioural analysis. Playbook Development & Automation Design and implement incident response playbooks for scenarios such as phishing, lateral movement, and data exfiltration. Integrate playbooks with SOAR platforms (e.g., Microsoft Logic … Apps, XSOAR) to streamline triage and automate response. Refine playbooks based on threat intelligence and incident insights. Threat Detection & Response Monitor and analyse security alerts and events to identify potential threats. Conduct investigations and coordinate incident response activities. Collaborate with threat intelligence teams to enhance detection logic. Threat Modelling & Use Case Development Lead threat More ❯

and drive continuous improvement across detection, response, and automation. This pivotal role requires deep expertise in IBM QRadar, with a strong focus on playbook development, analytical rule creation, and threat modelling. The Senior SOC Engineer will play a key role in building and optimising detection and response strategies, ensuring robust protection against evolving threats. Key Responsibilities SIEM Engineering & Management … Deploy, configure, and maintain the QRadar SIEM platform. Onboard and normalise log sources across on-premises and cloud environments. Develop and optimise analytical rules for threat detection, anomaly detection, and behavioural analysis. Playbook Development & Automation Design and implement incident response playbooks for scenarios such as phishing, lateral movement, and data exfiltration. Integrate playbooks with SOAR platforms (e.g., Microsoft Logic … Apps, XSOAR) to streamline triage and automate response. Refine playbooks based on threat intelligence and incident insights. Threat Detection & Response Monitor and analyse security alerts and events to identify potential threats. Conduct investigations and coordinate incident response activities. Collaborate with threat intelligence teams to enhance detection logic. Threat Modelling & Use Case Development Lead threat More ❯

cloud security, particularly Azure services and tools.* Familiarity with security frameworks such as ISO 27001, NIST, or CIS.* Knowledge of security technologies (firewalls, remote access, ZTNA).* Exposure to threat modelling and cyber threat intelligence is advantageous.Core Skills* Excellent communication and stakeholder engagement abilities.* Analytical mindset with strong problem-solving skills.* Ability to balance security priorities with … strictest confidence and we would always speak to you before discussing your CV with any potential employer. Keywords: Cyber Security, Azure Security, Cloud Security, ISO 27001, NIST, CIS, ZTNA, Threat Modelling, CISSP, CISM, CEH, Risk Management, Security Consultant, Information Security More ❯

Validate the effectiveness of security controls and recommend improvements. Deliver security architecture for cloud and hybrid environments. Scope and review IT Health Checks (ITHC) and produce remediation plans. Conduct threat modelling, risk assessments, and design proportional controls. Produce security architecture artefacts including standards and blueprints. Travel to client sites (approx. 40-60%) as required for classified system access. … HMG, NPSA, NCSC policies and guidance Cloud security (Azure, AWS), containerisation, KMS, WAFs Event-driven microservices, network infrastructure, IDS/IPS AI security (ISO42001 desirable), ITHC scoping and remediation Threat modelling (Kill Chain, attack trees), HLD/LLD reviews Certifications: SABSA, TOGAF, AWS/Azure Architect, CISSP, CISM. Working towards or holding CIISEC Full Membership or UK Cyber More ❯

advisor to leadership, engineering, and business stakeholders. Develop security architecture standards, patterns, and guidelines for enterprise solutions, with specific coverage for AI/ML workloads. Conduct security architecture reviews, threat modelling, and risk assessments for AI/ML systems and pipelines . Ensure solutions comply with European financial services regulations (GDPR, PSD2, DORA, NIS2) as well as emerging More ❯

cyber resilience across the organisation What you'll do: Design, implement, and enhance secure end-to-end IT solutions aligned with business objectives and risk appetite. Identify vulnerabilities, perform threat modelling, conduct risk assessments, and evaluate security controls. Ensure solutions comply with 'Secure by Design' principles, corporate policies, and industry frameworks. Assess vulnerabilities, lead risk mitigation, and ensure More ❯

advancing purple team maturity, the ideal candidate will bring deep technical acumen, a transformation mindset, and a proven ability to lead and inspire high-performing teams in a dynamic, threat-informed environment. RESPONSIBILITIES Technical Leadership & Execution - Personally lead and execute advanced penetration tests, red/purple team exercises, and adversary emulation campaigns across cloud, application, and infrastructure layers. - Identify … vulnerabilities to simulate real-world attack scenarios, validate detection and response capabilities, and uncover control gaps. - Develop and maintain a Purple Team playbook tailored to business-specific technologies and threat models. - Integrate offensive findings into SOC tuning, detection engineering, and control validation workflows. Program Ownership - Own and evolve the offensive security roadmap, including internal testing services, external bug bounty … engineers and red teamers. - Lead the transformation from traditional pentesting to intelligence-driven, continuous offensive security. - Foster a culture of innovation, experimentation, and continuous learning. Collaboration & Influence - Partner with Threat Intelligence, SOC, and Engineering teams to contextualize findings and drive remediation. - Communicate technical findings clearly to both technical and executive audiences. - Influence security architecture and product design through early More ❯

security engineer, you will: Secure CI/CD pipelines and infrastructure-as-code (IaC) deployments across Azure. Lead container, API, and web application security initiatives, including code reviews. Support threat modelling, vulnerability management, and penetration testing activities. Drive logging integration with SIEM tools, enabling SOC monitoring and incident response. Coach engineering teams on cloud security principles and manage More ❯

ML security strategies, standards, and guidelines . Design and own enterprise security architecture for AI/ML systems, CI/CD, and data pipelines. Conduct security risk assessments and threat modelling for AI/ML workloads. Support testing of AI/ML models, including trustworthiness, fairness, bias, and adversarial attack detection. Collaborate with data scientists, engineers, and stakeholders More ❯

for designing, implementing, and reviewing OT security controls across complex systems, supporting both engineering and assurance activities. Key Responsibilities Apply Secure by Design principles throughout the engineering lifecycle. Conduct threat modelling, risk assessments, and security design reviews for OT environments. Work closely with engineering and project teams to embed security into delivery. Produce and review security documentation in More ❯

for designing, implementing, and reviewing OT security controls across complex systems, supporting both engineering and assurance activities. Key Responsibilities Apply Secure by Design principles throughout the engineering lifecycle. Conduct threat modelling, risk assessments, and security design reviews for OT environments. Work closely with engineering and project teams to embed security into delivery. Produce and review security documentation in More ❯

for designing, implementing, and reviewing OT security controls across complex systems, supporting both engineering and assurance activities. Key Responsibilities Apply Secure by Design principles throughout the engineering lifecycle. Conduct threat modelling, risk assessments, and security design reviews for OT environments. Work closely with engineering and project teams to embed security into delivery. Produce and review security documentation in More ❯

Security expertise across the following areas: AWS security controls, policies and automation, CLI tools, role based and attribute-based access controls, cryptographic protocols and secure key lifecycle management, advanced threat modelling, SOC operations, securing microservices and APIs, DevSecOps best practices, vulnerability scanning, tools, approaches, vulnerability patching and vendor management for security Strong experience in penetration testing and hands More ❯

Security expertise across the following areas: AWS security controls, policies and automation, CLI tools, role based and attribute-based access controls, cryptographic protocols and secure key lifecycle management, advanced threat modelling, SOC operations, securing microservices and APIs, DevSecOps best practices, vulnerability scanning, tools, approaches, vulnerability patching and vendor management for security Strong experience in penetration testing and hands More ❯

part of the team, youll: Oversee the implementation and enforcement of security policies, standards and tools including endpoint protection, SIEM, SOC and vulnerability management systems. Conduct risk assessments and threat modelling, maintaining the IT risk register and supporting the deployment of security controls, aligned with regulatory and business requirements. Lead incident response efforts including containment, investigation, recovery and More ❯

Utilizing real-time dashboards to facilitate tracking and reporting to the Technology Leadership Team and the wider organization. Become fully embedded into our engineering teams and practices to: Lead threat modeling, vulnerability prioritization, and hold risk assessment exercises. Monitor zero-day threats and vulnerabilities, ensuring they are properly prioritized and resolved by responsible teams. Guide architectural security reviews to More ❯