15 of 15 Contract Threat Modelling Jobs in England

World Class Defence Organisation based in Stevenage, Hertfordshire is currently looking to recruit 8x SOC Threat Detection Analyst subcontractors on an initial 6 month contract. This role can start on an SC Security Clearance basis, however DV Clearance will be required down the line. This role would suit someone … from a Cyber Security Analyst, SOC Analyst or Threat Detection Analyst background. Hourly Rate: £45ph - £85 per hour. There are 8 positions being recruited across the mid-senior level. Overtime rate of time and a quarter. Contract Duration: 6 Months initially and long-term thereafter. Shift pattern ...

level systems. Define and validate hardening baselines , access control models, logging/monitoring and incident response approaches for HPC platforms. Support risk assessment , threat modelling and vulnerability remediation for HPC services. Platform Engineering & Operations Oversee build, configuration and tuning of HPC operating systems , schedulers and Middleware (eg Slurm … DEFCONs, or HMG Security Policy Framework . Cryptography , data-at-rest/data-in-transit protection in HPC environments. Background in: Scientific computing, modelling & simulation, or data-intensive analytics in Defence/national security. Working closely with researchers, scientists or mission teams to translate requirements into robust technical solutions. ...

/CD and DevSecOps pipelines Secure containerised and Kubernetes-based environments Implement Infrastructure as Code and Policy as Code (Terraform, CloudFormation) Conduct cloud threat modelling, risk assessments and design reviews Ensure compliance with CIS, NIST, GDPR, PCI-DSS and ISO standards Collaborate with engineering, DevOps and security stakeholders ...

maintain security and cloud architecture patterns, principles, and standards Provide security and cloud input into solution designs, technical reviews, and delivery governance Support threat modelling, risk assessments, and security design reviews Advise on secure use of cloud-native services, data platforms, and AI-enabled services Ensure architectures align ...

multi-cloud security standards and reference blueprints (Azure Policy/Initiatives, AWS Control Tower, SCPs) Own security architecture patterns and contribute to HLDs, LLDs, threat models and risk assessments Set assurance and evidence requirements for internal teams and third-party suppliers Establish policy-as-code standards , including exception handling ...

outcomes. About You We're looking for someone with a blend of technical expertise and delivery mindset: Hands-on application security experience: secure coding, threat modelling, SAST/DAST tooling. Strong knowledge of SDLC and CI/CD integration, with experience securing software throughout its lifecycle. Pragmatic, delivery ...

senior stakeholders, and leadership Experience aligning solutions to: Enterprise reference architectures Security principles, standards, and patterns 3. Governance, Risk & Regulatory Alignment Strong experience in: Threat modelling Security assessments feeding into design Ability to map: Policy control implementation evidence Experience designing solutions aligned to regulatory frameworks (explicitly mentions DORA … across: Security Infrastructure Platforms Application teams Acts as a security SME and consultant , not just a designer 5. Tooling & Documentation (Mandatory but Supporting) Architecture modelling tools: BizzDesign, Archi, UML (at least one) Delivery tooling: Jira (task & project management) Confluence (formal documentation) Excellent written documentation skills (this is strongly emphasised ...

through to commissioning and in-service support. ?? Role Overview You will act as the cyber security assurance lead, providing technical leadership across: ?? Security architecture ?? Threat & risk assessment ?? Standards & compliance ?? Security testing & validation ?? Assurance documentation You'll work closely with product, delivery, and customer security teams to ensure security … support) ?? Engage with customer security teams to align on strategy, assurance, and risk appetite ?? Define security requirements and design secure architectures (zones & conduits) ?? Perform threat modelling and risk assessments; define appropriate controls ?? Define and oversee security testing, including FAT, SAT, and penetration testing ?? Assess third-party components against ...

Design and own end-to-end security architectures aligned with MOD and defence standards Provide security assurance across system designs, solutions, and integrations Conduct threat modelling, risk assessments, and security design reviews Ensure compliance with relevant frameworks including JSP 440, JSP 604, NIST, ISO 27001, and MOD security ...

sensitivity of the work. Key Responsibilities Provide information security and assurance advice across defence systems and programmes Support security risk assessments, threat modelling, and mitigation planning Ensure compliance with MOD security policies and frameworks including JSP 440, JSP 604, ISO 27001, NIST Contribute to accreditation and assurance activities ...

connectors, and Copilot Studio bots Establish reference architectures and reusable patterns for role-based security, data design, integration, eventing, and observability Lead architecture reviews, threat modeling, and solution design approvals; produce HLD/LLD, sequence diagrams, deployment topologies, and data models Integration & Data Architect secure integrations with Azure services ...

security testing including SAST, DAST, and penetration testing. Understanding of authentication and authorization frameworks (OAuth, JWT, SAML) and familiarity with secure coding practices and threat modelling Experience in test automation tools, frameworks, and practices. The successful candidate will have experience working in a fast-paced and multi-vendor ...

Secure by Design discovery and assessment activities across digital services Identify security risks, constraints, and dependencies, and translate these into clear, prioritised recommendations. Facilitate threat modelling and risk workshops with multidisciplinary teams. Define pragmatic security control expectations aligned to service risk and context. Produce concise written outputs that ...

microservices (e.g., Kubernetes, Docker) Build and integrate security solutions for DevSecOps pipelines and collaborate with cross-functional teams to deploy them globally Perform threat modeling for cloud-based workloads and develop corresponding countermeasures Review and assess new third-party cloud and on-premises solutions to identify potential security risks … GitHub Hands-on experience with Infrastructure as Code (IaC) and Policy as Code (PaC) technologies, including Terraform and CloudFormation Demonstrated skills in cloud threat modeling and architectural assessment using tools like IriusRisk Strong knowledge of compliance benchmarks (e.g., CIS, GDPR, PCI-DSS, ISO standards) and industry cloud security standards ...

modules), and network segmentation for hybrid environments. DevSecOps: Integrating SAST/DAST tools into CI/CD pipelines and automating compliance checks. Security Documentation Threat Modeling: Using frameworks to identify risks in legacy-to-modern transitions. Security Control Sets: Defining controls for data encryption, access management, and audit logging … functional teams (developers, ops, risk owners) to align security with business objectives. Risk Appetite Management: Balancing security requirements with project timelines and budgetary constraints. Threat assessments and risk registers. Security Controls Statement of Applicability . Pre- and post-ITHC compliance reports. UK Government Experience: - Preferred to have 3 years ...