1 to 25 of 60 Threat Modelling Jobs in the UK excluding London

it. The Role Security Architect is a design and advisory role, not a purely technical one. You will shape secure cloud solutions, lead threat modelling exercises, advise customers, and develop the engineers around you. Communication and client credibility matter here as much as technical depth. … embedding security throughout the software development lifecycle. Identify security issues in existing system designs and recommend mitigations that balance cost, risk, and usability. Lead threat modelling exercises and workshops with delivery teams and customers. Advise on security standards and regulatory requirements including NCSC, ISO, NIST, PCI, and GDPR. ...

Lead technical security design across infrastructure, cloud and application environments Collaborate with SMEs across Identity, Security Testing and Privacy Conduct risk assessments and support threat modelling activities Provide clear justification of design decisions to both technical and non-technical stakeholders Ensure alignment to industry standards and government security … Understanding of network security, encryption, authentication and access control Experience with security tooling such as SIEM, IDS, firewalls and vulnerability assessment tools Knowledge of threat modelling and risk assessment TO BE CONSIDERED: Please either apply through this advert or emailing me directly via . For further information please ...

roadmap, backlog and design decisions. Work with colleagues across product, development, and networks & infrastructure to embed security across the product lifecycle. Carry out threat modelling, secure design reviews and technical risk assessments for new and existing product capabilities. Assign pragmatic risk levels and support sensible prioritisation of remediation … software-led environment. Good understanding of how product and development teams operate, including how security considerations are balanced alongside product delivery. Strong experience of threat modelling, secure design review, vulnerability assessment and remediation prioritisation. The judgement to assess exploitability and business impact pragmatically Practical experience applying security across ...

roadmap, backlog and design decisions. Work with colleagues across product, development, and networks & infrastructure to embed security across the product lifecycle. Carry out threat modelling, secure design reviews and technical risk assessments for new and existing product capabilities. Assign pragmatic risk levels and support sensible prioritisation of remediation … software-led environment. Good understanding of how product and development teams operate, including how security considerations are balanced alongside product delivery. Strong experience of threat modelling, secure design review, vulnerability assessment and remediation prioritisation. The judgement to assess exploitability and business impact pragmatically Practical experience applying security across ...

roadmap, backlog and design decisions. Work with colleagues across product, development, and networks & infrastructure to embed security across the product lifecycle. Carry out threat modelling, secure design reviews and technical risk assessments for new and existing product capabilities. Assign pragmatic risk levels and support sensible prioritisation of remediation … software-led environment. Good understanding of how product and development teams operate, including how security considerations are balanced alongside product delivery. Strong experience of threat modelling, secure design review, vulnerability assessment and remediation prioritisation. The judgement to assess exploitability and business impact pragmatically Practical experience applying security across ...

current DV Clearance. What youll be doing: Lead the design and implementation of platform-wide security architectures and strategies. Drive secure SDLC practices including threat modelling, misuse cases, and risk analysis. Oversee security operations including vulnerability scanning, penetration testing, and assessments. Manage and optimise security tooling (Firewalls, VPNs … compliance teams to embed security-by-design. What youll bring : Strong background in network security, SIEM, IDAM, endpoint protection, and cloud security. Knowledge of threat intelligence, IOC analysis, and detection engineering. Experience in secure SDLC, code review, and threat modelling (incl. misuse cases). Understanding of encryption ...

cloud infrastructures. Contribute to blogs and research within the business community. Experience Required The successful candidate will possess proven experience in cybersecurity, security architecture, threat modelling, or related fields within Public Sector and MOD and will have achieved or be working towards Full Membership of CIISEC … NPSA and NCSC security policies, standards and guidance. Have experience building and implementing secure by design principals within the software development lifecycle (SDLC). Threat Modelling - Kill Chain - Attack tree analysis. Working understanding of: Cloud security including Azure, Amazon Web Service, Key Management Systems, Containerisation, Network Security Groups ...

strong technical depth. Key Responsibilities: Define and implement secure architecture patterns across engineering platforms (CI/CD, build systems, runtime environments) Conduct security assessments, threat modelling, and gap analysis across platforms and pipelines Develop and embed DevSecOps best practices, including secure pipeline design and automated controls Establish …/CD pipelines, build tools, artifact repositories, and developer platforms Expertise in secure software delivery, vulnerability management, and platform security Experience with threat modelling, security frameworks, and maturity assessments Strong knowledge of application security, network security, and cloud security principles Excellent stakeholder management and communication skills Desirable: Experience ...

across enterprise-scale IT and cloud transformation programmes * Provide security advisory services to public sector and Defence clients * Support secure-by-design initiatives and threat modelling activities * Advise on regulatory and compliance frameworks including ISO 27001, NIST, GDPR, and PCI-DSS * Identify vulnerabilities and communicate security risks … risk management * Experience contributing to solution designs and security architectures * Knowledge of identity and access management, network security, and secure infrastructure concepts * Understanding of threat modelling and reference architecture development * Strong stakeholder engagement and communication skills * Ability to work within complex, fast-moving consulting environments Desirable Experience * Hands ...

teams Contribute code and patches to security tooling and configurations Secure Development Define and enforce secure coding standards Conduct security-focused code reviews and threat modelling for new features Provide remediation guidance for application vulnerabilities Train and support developers on secure coding practices Vulnerability Management Triage, patch … Experience with CSPM tooling (Wiz, Prisma Cloud, or similar) Penetration testing or bug bounty experience Experience in regulated environments (healthcare, financial services) Familiarity with threat modelling frameworks (STRIDE, PASTA) About us We exist to simplify healthcare and improve lives by making care feel instant, intelligent and human. HealthHero ...

testing vendors, and champion a security-first culture across the business. What You'll Be Doing Leading application security across the full SDLC, including threat modelling, secure code review, and security architecture consultation Owning the enterprise secrets management programme, defining standards and implementing solutions across all environments Partnering … providing deep technical expertise during security investigations What We're Looking For 5+ years hands-on application security experience, including secure code review, threat modelling, and AppSec tooling Strong engineering foundations -- this role requires someone who can partner with Principal Engineers as a technical peer Experience with secrets ...

What you'll do: Design secure solutions across applications, networks, and cloud environments, ensuring security standards and controls are built into delivery. Carry out threat modelling activities to identify security risks, vulnerabilities, and potential gaps within technical solutions. Support secure architectural decision-making by assessing risks, business impact … environments. Strong understanding of modern enterprise technologies, including Cloud, AI, APIs, microservices, and modern application architectures. Knowledge of current cyber threats and experience with threat modelling frameworks such as STRIDE and MITRE ATT&CK. Solid understanding of key security domains including IAM, network security, cryptography, endpoint security ...

highly regulated defence environment. Key responsibilities: • Deliver Secure by Design and cyber security activities across the engineering lifecycle • Conduct cyber security risk assessments and threat modelling activities • Support development of security artefacts including RMADS, SyOPs, risk registers and security management documentation • Participate in Security Working Groups and stakeholder … experience required: • Experience working within defence, aerospace, aviation or highly regulated environments • Strong understanding of Secure by Design principles • Experience with security risk assessments, threat modelling and security assurance • Experience supporting security activities across the engineering lifecycle • Knowledge of MOD and industry security standards/frameworks such ...

security delivery across the engineering lifecycle Translate customer requirements into actionable security management plans and deliverables Conduct cyber and information security risk assessments and threat analysis Manage and escalate technical and delivery risks Support Security Working Groups and customer security workstreams Work closely with engineers, architects and developers … Experience with Def Stan 05-138/05-139 and aviation security standards including RTCA DO-326A/B Proven experience in threat modelling, vulnerability analysis and security risk assessment Ability to work independently and communicate effectively with customers and stakeholders Qualifications Degree in Cyber Security, Systems Engineering ...

competitive salary (Inside IR35) and benefits. Visa sponsorship is not available. You will be responsible for Conducting security assessments of AI solutions, including threat modelling Developing governance frameworks, security standards, and best practice for AI adoption Designing controls for identity, access management, auditability, and human oversight Supporting implementation … injection, jailbreaks, data leakage, poisoning, model extraction/inversion) Strong background in security architecture, IAM, Zero Trust, audit controls, and secure integration Experience in threat modelling and security reviews across complex environments Practical, delivery-focused mindset with ability to enable innovation securely Must have right to work ...

real scope to shape how security architecture is delivered across the business. The role You will conduct security design reviews end to end, perform threat modelling, author security standards and patterns, and provide architecture consultancy to project teams across the business. You will build deep knowledge … Solid IAM background covering federation, SSO, MFA, and privileged access Experience in a regulated environment, either financial services or consultancy with FS clients Proven threat modelling and security design review experience, with the ability to write clear security standards Strong differentiators: Awareness of AI and LLM security risks ...

ensure compliance and security standard processes. Evaluate and integrate new identity tools, authentication platforms and access capabilities. Drive continuous improvement through risk assessments, threat modelling, and automation. You will need: Whilst the business is looking for the below, a big part of what they're also looking … Okta, CyberArk, Ping, or preferably Microsoft Entra ID. Ability to define standards, partner cross-functionally (IT, GRC, Engineering), and drive risk reduction through threat modelling, compliance (NIST, ISO, GDPR), and ongoing optimisation of identity systems. Experience working with cloud identity (Azure, AWS, or GCP). What ...

looking for a Cyber Threat & Vulnerability Analyst to join our Cyber Security team, helping protect the systems that deliver essential water services to millions of customers every day. You'll play a key role in identifying, assessing, and reducing cyber risk across a large and complex technology estate, making … closely with technical teams and business stakeholders to keep our services safe, resilient, and running smoothly. What you'll be doing as a Cyber Threat & Vulnerability Analyst: As a Cyber Threat & Vulnerability Analyst, you'll be responsible for supporting and improving how we identify, assess, and manage cyber ...

into the full product lifecycle, from concept through to release Conduct hands-on security assessments across web, mobile, and backend applications Lead and support threat modelling activities for new features and systems Collaborate closely with engineering teams to design secure architectures Integrate and optimise security tooling such … similar Solid knowledge of web or mobile security, with willingness to broaden across both Good understanding of networking fundamentals and operating systems Experience conducting threat modelling and explaining security trade-offs to stakeholders Ability to script and automate tasks using languages such as Python, JavaScript, or Go Knowledge ...

enterprise-scale infrastructure. Security is a major investment area for the business, with a strong focus on cloud security, cyber resilience, automation, and intelligent threat detection.This is an opportunity to join a collaborative team where security is seen as a business enabler — not a blocker.The RoleThis is a hands … integrations Build intelligent detection and response workflows Develop automation solutions using scripting and AI-assisted tooling Lead technical investigations and incident response activities Improve threat visibility and reduce false positives through detection engineering Conduct vulnerability management and remediation initiatives Partner with engineering, infrastructure, and DevOps teams to embed security ...

assurance across complex systems or major programmes. Ability to produce clear architecture documentation and security artefacts. Strong understanding of secure design principles, risk management, threat modelling and security controls. Knowledge of UK Government/Defence security standards, guidance and assurance processes. Experience working with senior stakeholders across security … technical and non-technical audiences. Desirable experience Army programme experience or strong MOD stakeholder exposure. Experience with Sparx Enterprise Architect, ArchiMate, NAFv4 or similar modelling approaches. Knowledge of Joint Service Publications, NCSC guidance, ISO27001, NIST, CIS or related security frameworks. Experience across IAM, PKI, secure integration, cloud security, data ...

architectural governance artefacts. Ensure designs align with NCSC guidance , industry best practices (e.g., CIS Benchmarks), and organisational policy. Security Assurance Conduct security assessments and threat modelling against containerised and virtualised workloads. Validate platform configurations against security baselines, compliance frameworks, and risk appetite. Provide expert guidance during project delivery ...

cloud deployments (private/public). Design and scope IT Health Checks and interpret outcomes. Identify and mitigate security risks in solution architectures. Conduct threat modelling and risk analysis. Design proportional security controls using native cloud technologies. Produce security architecture artefacts including standards and blueprints. What ...

controls into engineering workflows. Collaborate with software development teams to improve secure coding practices. Develop and maintain monitoring, logging, and incident response automation. Support threat modelling and secure architecture reviews. Drive DevSecOps best practices across engineering teams. Contribute to platform engineering and cloud-native application delivery. Required Experience ...

Cyber Security and cloud such as CISSP, CISA, CISM Significant knowledge of cyber security practices including risk management principles, architectural requirements, security engineering, threat intelligence, vulnerability management, and incident response. Experience leading cyber risk reviews. Able to deliver clear gap analysis against cyber security policy, standards and technology risk … Microsoft Azure. Excellent stakeholder management skills Previous experience as part of a security operations or incident response organization would be beneficial. Good knowledge of threat modelling techniques with some experience in developing threat models. Please note: You must have full working rights ...