Security Architect

Hiring: Security Consultant- Threat Modelling

Client : Global IT services, consulting, and business solutions company

Location: London / Norwich UK (Hybrid)

Experience: 7–12 Years

About the Role

We are looking for an experienced Security Consultant- Threat Modelling to join our client's growing cybersecurity team. This role is ideal for someone passionate about building secure architectures, identifying risks early in the design phase, and driving security best practices across enterprise environments.

You will play a key role in defining and scaling threat modelling capabilities, working closely with architects, developers, and business stakeholders.

Key Responsibilities

  • Design and implement an enterprise-wide Threat Modelling framework
  • Define reference architectures for microservices, APIs, cloud, and event-driven systems
  • Establish and scale threat modelling processes and governance
  • Onboard applications and teams into the threat modelling lifecycle
  • Conduct end-to-end threat modelling exercises (manual + automated approaches)
  • Identify threat vectors and create actionable threat models
  • Present findings and explain risks to developers and stakeholders
  • Provide remediation guidance and coordinate mitigation efforts
  • Integrate threat-informed scenarios (ATT&CK-based) into design practices
  • Align with broader security strategies such as Zero Trust, IAM, and monitoring
  • Define automation strategies (CI/CD integration, repositories, knowledge base/RAG, quality controls)

Required Skills & Experience

  • 7–12 years in Security Testing / Application Security
  • 2–5 years of hands-on Threat Modelling & Security Risk Assessment
  • Strong experience with methodologies: STRIDE, DREAD, PASTA
  • Deep understanding of OWASP Top 10 and common vulnerabilities
  • Experience in enterprise security architecture
  • Ability to translate technical risks into business impact
  • Strong stakeholder communication & presentation skills
  • Proven ability to handle client-facing security engagement

Good to Have

  • Cloud security expertise (AWS / Azure / GCP)
  • Experience integrating security into DevSecOps pipelines
  • Familiarity with MITRE ATT&CK framework

Key Deliverables

  • Enterprise Threat Modelling Framework & multi-quarter roadmap
  • Reference architectures and reusable threat patterns
  • Control validation & assurance framework (KPIs / KRIs)
  • Executive-level briefings and decision support documentation

What our client is looking For

  • A proactive security leader who can drive strategy and execution
  • Someone who can simplify complex security concepts for diverse audiences
  • A problem solver with a customer-first mindset

📩 Interested?

Apply now or reach out directly to discuss this opportunity!

Apply Now
Apply Now

Job Details

Company
KBC Technologies Group
Location
London Area, United Kingdom
Hybrid / Remote Options
Posted