1 to 25 of 36 Contract Threat Modelling Jobs in England

product teams to ensure security is integrated into design and development activities. Provide architectural guidance across agile sprints and feature releases. Security Risk & Threat Analysis Conduct threat modelling independently across application and platform designs. Perform risk assessments to identify vulnerabilities and architectural weaknesses. Design appropriate security controls … Practice, supporting the maturity of the clients security architecture capability. Help identify capability gaps and support the development of consistent approaches across teams, including: Threat modelling frameworks Secure development lifecycle practices Security architecture standards Provide ad-hoc security architecture support across other programmes where needed. Essential Skills & Experience ...

appetite, and regulatory requirements. Solution Delivery : Provide architectural guidance during project lifecycle (HLD/LLD), review designs, and ensure solutions meet security requirements. Risk & Threat Management : Conduct threat modelling, assess vulnerabilities, and ensure appropriate mitigating controls are designed and implemented. Governance & Standards : Define and maintain security policies …/LLD, patterns, data flows). Hands on understanding of cloud environments (Azure/AWS/GCP), networks, applications, and data protection. Familiarity with threat modelling, risk assessment, and regulatory compliance. Excellent communication skills, able to explain complex security topics to technical and non-technical audiences. Technical standards ...

/Hybrid/Remote The ideal candidate will have an active Security clearance and a strong background in Cyber Security Assurance within a high-threat government environment. Skills and experience. Experience in producing GovAssure and Secure-By-Design assessments, including Risk Assessment Papers, Risk Treatment Plans, Risk Business Cases … Management Plans. Knowledge and experience with security architecture and Security Information and Event Management (SIEM) tools, such as Splunk, Defender, Sentinel, ELK, and Tenable Threat Modelling System solutions. Extensive understanding of cybersecurity threats, attack vectors, vulnerabilities, and security controls. Demonstrable knowledge of cybersecurity frameworks and standards, including ...

secure architecture patterns across cloud, infrastructure, applications, and data platforms. Provide architectural security guidance throughout the project lifecycle , including HLD and LLD reviews. Conduct threat modelling, vulnerability assessments, and risk analysis , ensuring appropriate mitigation strategies. Define and maintain security standards, policies, and guardrails aligned to regulatory obligations such … high-quality architecture documentation (HLD, LLD, security patterns, data flows). Hands-on understanding of cloud environments (Azure, AWS, or GCP) . Knowledge of threat modelling, risk assessment, and regulatory compliance frameworks . Strong communication skills with the ability to explain complex security concepts to both technical ...

teams, and strengthening enterprise security posture-particularly across Microsoft 365, Azure, data platforms, and AI-enabled solutions. You will play a key role in threat modelling, risk assessments, guardrail design & implementation, and delivering practical security guidance for engineering, data, and application/product teams. Rationale/deliverables: Contribute … enhanced productivity systems Support the roll-out of the new AI information security control framework Support the Data governance team Key Responsibilities Perform threat modelling (STRIDE), guardrail definition, and security posture assessments across applications, data platforms, APIs, cloud services, and SaaS ecosystems. Identify security control gaps , especially around ...

delivery without owning build or operations. Key Responsibilities Attend regular project and design meetings to understand requirements and delivery milestones. Perform initial and iterative threat modelling for new features, integrations, and architectural changes. Advise on secure architecture design, including IAM, network segmentation, encryption, and data protection. Recommend … being consistently applied. Essential Experience Proven experience as a Security Architect or senior cyber security consultant in digital delivery environments. Strong Secure by Design, threat modelling, and risk-based security expertise. Experience advising product teams in agile, cloud-based delivery contexts. Confident engaging with architects, developers, and delivery ...

associated guidelines. Ensuring alignment of security risk assessments to UK Defence policies and standards, such as GovS 007: Security and DEFSTAN norms. Performing threat modelling and assessment utilising STRIDE-LM and MITRE ATT&CK frameworks, integrating results into risk assessment reports. Conducting Business Resilience and Single Point … NIST guidelines like 800-30 and 800-53. Solid understanding and experience with UK Defence security frameworks and relevant policies. Experience in conducting threat modelling and assessments using frameworks such as MITRE ATT&CK and STRIDE-LM. Experience in reconciling information security risk against critical asset ...

help embed secure development practices across their software and related hardware products. Youll work closely with engineers and leadership to drive secure SDLC, lead threat modelling, assess vulnerabilities, and support alignment with the EU Cyber Resilience Act. Key experience: Product Security/Application Security/Secure SDL Familiarity … with threat modelling and vulnerability assessments Good understanding of software principles Secure coding principles/OWASP Ability to engage with software teams and speak their language Hands-on, engineering-facing role with real influence across product development. ...

define and implement the reference architectures, toolchains and technical baselines that enable end-to-end traceability across the Digital Thread - from security objectives and threat modelling through to verification, validation and assurance evidence. This role replaces document-centric practices with authoritative, model-based security engineering across the full … product lifecycle. Key Responsibilities Deliver and continuously improve Product Security digital toolchains, including: Threat & risk modelling (STRIDE, STPA-Sec, TARA, attack trees) Security requirements & controls modelling SBOM & vulnerability management Cryptography & key management governance Configuration/change control Verification & validation orchestration Security/assurance case evidence Define Product ...

define and implement the reference architectures, toolchains and technical baselines that enable end-to-end traceability across the Digital Thread - from security objectives and threat modelling through to verification, validation and assurance evidence. This role replaces document-centric practices with authoritative, model-based security engineering across the full … product lifecycle. Key Responsibilities Deliver and continuously improve Product Security digital toolchains, including: Threat & risk modelling (STRIDE, STPA-Sec, TARA, attack trees) Security requirements & controls modelling SBOM & vulnerability management Cryptography & key management governance Configuration/change control Verification & validation orchestration Security/assurance case evidence Define Product ...

Responsibilities Design end-to-end API security architecture across cloud and on-premise environments. Define API security standards covering authentication, authorization, encryption, and threat protection. Lead architectural reviews, threat modelling, and risk assessments for API integrations. Select, architect, and optimize API gateways, WAFs, and security controls. Develop … patterns). Nice to Have Certifications: CISSP, CCSP, GIAC, SABSA. Experience with DevSecOps, container security, and microservices architecture. Knowledge of SIEM, API analytics, and threat intelligence. ...

privileged access Experience with network security, encryption, key management, and secure connectivity Knowledge of application security principles, including secure APIs, data protection, and threat modelling Experience designing for security resilience. Desirable Skills: Hands-on experience with cloud security services and tooling (e.g. AWS Security Hub, Azure Defender, Sentinel ...

World Class Defence Organisation based in Stevenage, Hertfordshire is currently looking to recruit 8x SOC Threat Detection Analyst subcontractors on an initial 6 month contract. This role can start on an SC Security Clearance basis, however DV Clearance will be required down the line. This role would suit someone … from a Cyber Security Analyst, SOC Analyst or Threat Detection Analyst background. Hourly Rate: 45ph - 85 per hour. There are 8 positions being recruited across the mid-senior level. Overtime rate of time and a quarter. Contract Duration: 6 Months initially and long-term thereafter. Shift pattern ...

industries Ability to produce high-quality architectural documentation Confidence engaging with senior stakeholders and regulatory bodies Familiarity with NIST, SANS, ITU frameworks Experience in threat modelling, risk assessment, and audit engagement Technical areas you'll influence: Application security & secure SDLC Network/app segmentation & micro-segmentation Zone-based … architectures and secure legacy migration WAAP, NGFW, NIDS/NIPS, DDoS protection API gateways, reverse proxies, AuthN/AuthZ Architecture modelling tools (BizzDesign, Archi, UML) Working across hybrid legacy and modern networking landscapes Preferred qualifications: Degrees in Cybersecurity, Computer Science, Software Engineering, or related fields Architecture certifications such ...

Architecture & Design Define and review secure architectures across enterprise IT and OT environments. Act as technical authority for secure system design and implementation. Lead threat modelling, risk assessments, and security design reviews. Ensure compliance with defence security standards and secure-by-design principles. Security Assurance & Governance Deliver independent ...

solution patterns, integration approaches, and technical standards across the programme. Ensure security-by-design principles are embedded, including IAM, data protection, encryption standards, and threat modelling. Oversee integration architectures across APIs, data pipelines, cloud platforms, microservices, and third-party systems. Act as final approver for technical design decisions, architectural ...

months Pay Rate: £426 per day Inside IR35 Role Description: "The Application Security Specialist ensures secure software development, secure design, code review, and threat modelling across the application life cycle. Responsibilities Perform secure code reviews, SAST/DAST analysis, and threat modelling. Support DevSecOps integration including ...

security practices across CI/CD and operational environments. Experience required: Hands on experience working with SIEM technologies and security monitoring Awareness of modern threat models (eg. MITRE ATT&CK) Understanding of CI/CD pipelines and security controls within DevOps environments Building and maintaining SOC detections ...

security team of a major organisation. You will assess and strengthen the security of applications across development, deployment, and operations. Responsibilities: Conduct security reviews, threat modelling, and vulnerability assessments. Support secure coding practices and provide guidance to development teams. Operate security scanning tools (SAST/DAST/IAST ...

/IPS Proxy services SIEM/SOAR integrations Define and assure non-functional requirements (availability, scalability, performance, security, operability) Maintain architecture diagrams, security workflows, threat models, and integration contracts aligned with governance standards (e.g. NIST, ISO 27001) 3. Engineering Quality, Automation & DevSecOps Make automation the default through security ...

services + maintaining a strong security culture. Investigating security incidents and breaches, performing vulnerability scans for releases, vulnerability risk assessments + remediation planning. Conducting threat modelling to identify risks and inform secure design decisions. Providing assurance over patching operations, release notes + change management activities. Assessing external threat ...

What you'll do: • Applying Agile methodologies to support engineers and deliver on multiple challenging product initiatives simultaneously, driving engineering excellence. • Threat model by deconstructing technical solutions, identifying threats and vulnerabilities and assessing risks. • Use experience to analyse the risks and benefits of design options to support making safe … technologies including Cloud and AI • Exposure to contemporary architectures eg. RESTful APIs and containerised microservices. • Up-to date on emerging threats and experienced with threat modelling frameworks eg. STRIDE/MITRE ATT&CK. • Significant knowledge of cyber security domains and how they apply to Enterprise business environments eg. ...

role with no trackside/site access required. Key Responsibilities Cybersecurity Governance & Assurance Produce and maintain: Cyber Security Management Plans (CSMP) Risk assessments and threat models Assurance and compliance documentation Control framework mappings Align artefacts to client standards (TfL/Network Rail) and industry frameworks Support continual improvement … quality oversight to junior engineers/graduate staff Essential Experience Cybersecurity governance & assurance in enterprise or critical infrastructure environments Proven delivery of: Risk assessments Threat modelling Cyber security management documentation Control framework mapping Strong knowledge of ISO/IEC 27001 and IEC 62443 Solid understanding of network architecture ...

looking for an Application Security Specialist to assess and strengthen the security of applications across development, deployment, and operations. Key Responsibilities Conduct security reviews, threat modelling, and vulnerability assessments. Support secure coding practices and provide guidance to development teams. Operate security scanning tools (SAST/DAST/IAST ...

looking for an Application Security Specialist to assess and strengthen the security of applications across development, deployment, and operations. Key Responsibilities Conduct security reviews, threat modelling, and vulnerability assessments. Support secure coding practices and provide guidance to development teams. Operate security scanning tools (SAST/DAST/IAST ...