13 of 13 Contract Threat Modelling Jobs in England

play a critical role in designing, assuring, and delivering secure solutions across our client engagements. You will champion Secure by Design principles and lead threat modelling activities to ensure risks are identified and mitigated early in the lifecycle. Working closely with stakeholders, you will define security architectures, ensure … Design - Embed security into every stage of the solution lifecycle, ensuring systems are designed with security controls from the outset rather than retrofitted. Threat Modelling - Lead and facilitate threat modelling exercises (e.g. STRIDE), identifying vulnerabilities and defining mitigations early in delivery Risk Assessment - Identify, assess ...

strong technical depth. Key Responsibilities: Define and implement secure architecture patterns across engineering platforms (CI/CD, build systems, runtime environments) Conduct security assessments, threat modelling, and gap analysis across platforms and pipelines Develop and embed DevSecOps best practices, including secure pipeline design and automated controls Establish …/CD pipelines, build tools, artifact repositories, and developer platforms Expertise in secure software delivery, vulnerability management, and platform security Experience with threat modelling, security frameworks, and maturity assessments Strong knowledge of application security, network security, and cloud security principles Excellent stakeholder management and communication skills Desirable: Experience ...

highly regulated defence environment. Key responsibilities: • Deliver Secure by Design and cyber security activities across the engineering lifecycle • Conduct cyber security risk assessments and threat modelling activities • Support development of security artefacts including RMADS, SyOPs, risk registers and security management documentation • Participate in Security Working Groups and stakeholder … experience required: • Experience working within defence, aerospace, aviation or highly regulated environments • Strong understanding of Secure by Design principles • Experience with security risk assessments, threat modelling and security assurance • Experience supporting security activities across the engineering lifecycle • Knowledge of MOD and industry security standards/frameworks such ...

competitive salary (Inside IR35) and benefits. Visa sponsorship is not available. You will be responsible for Conducting security assessments of AI solutions, including threat modelling Developing governance frameworks, security standards, and best practice for AI adoption Designing controls for identity, access management, auditability, and human oversight Supporting implementation … injection, jailbreaks, data leakage, poisoning, model extraction/inversion) Strong background in security architecture, IAM, Zero Trust, audit controls, and secure integration Experience in threat modelling and security reviews across complex environments Practical, delivery-focused mindset with ability to enable innovation securely Must have right to work ...

Threat & Adversarial AI Expert 6 Months Contract + Extension London Based 2 days in the office £500 to £600 a day Inside IR35 A pioneering financial institution is seeking an experienced Threat & Adversarial AI Expert to join their cybersecurity team. You will act as the primary architect … safety for the firm's generative AI ecosystem, ensuring agentic capabilities remain resilient against an evolving global threat landscape. As a Threat AI Expert, you will lead the organisation's Generative AI security strategy. Key responsibilities include: Advanced Threat Modelling: Leading structured sessions using STRIDE ...

architectural governance artefacts. Ensure designs align with NCSC guidance , industry best practices (e.g., CIS Benchmarks), and organisational policy. Security Assurance Conduct security assessments and threat modelling against containerised and virtualised workloads. Validate platform configurations against security baselines, compliance frameworks, and risk appetite. Provide expert guidance during project delivery ...

developer platforms (IDPs), or technical enablement teams Experience in a highly regulated industry (e.g., Aerospace & Defence, Finance, Critical Infrastructure) Exposure to secure coding practices, threat modelling, and secure-by-design approaches Experience leading hybrid delivery teams (e.g., internal and external/partner teams) Familiarity with ITSM and incident ...

that will fundamentally change how their Application Security is Delivered within the SDLC. Early Phases of the Programme have already defined the Target Architecture, Threat Model & Prompt Engineering Strategy . The Next Stage is to Transform this Foundation into a Production - Grade Capability Used Daily by Engineering Teams , enabling … Agent Behaviours Policy Frameworks & Guardrails Tool Schemas & Execution Constraints Implement Protections Against: Prompt Injection Jailbreak Attempts Unsafe Tool Execution Ensure Alignment with Defined AASA Threat Model & Governance Standards Evaluation, Metrics & Assurance: Build & Maintain a Full Evaluation Framework , including: Golden Datasets & Regression Test Suites Precision/Recall Measurement for Vulnerability ...

GitHub Actions, GitLab CI, Jenkins), integrating security gates • Cloud & infra: on‐prem, cloud (AWS/Azure/GCP), hybrid architectures, SaaS evaluation • Security architecture: threat modelling, policy design, compliance (e.g. banking controls) • Programming ecosystem knowledge: Python/R packaging (pip, conda, CRAN), dependency management • Delivery: solution design, build ...

Experience working in enterprise cloud environments (Azure, AWS, GCP). Experience building cloud infrastructure and using cloud IaC tooling (Terraform, Cloudformation, BICEP) Experience in threat modelling, security reviews and testing. Proficiency in scripting languages: PowerShell, Bash, Python and behaviour-driven design Strong familiarity with security standards, security controls ...

operations, incident response, and forensic analysis. Proficiency in Security Information and Event Management (SIEM), including tools such as Splunk, Defender, and Tenable Threat Modelling System solutions, as well as with IDS/IPS and vulnerability scanners. Ability to perform triage of security events to determine their scope, priority ...

Frameworks: Develop metrics and continuous testing for core AI risks, including hallucinations, memorisation, algorithmic bias, uncertainty, and model drift . Regulatory Compliance Evidence: Map threat models (OWASP LLM Top 10, Agentic threats) to automated test cases. Produce the technical testing evidence required by EU AI Act Article 15 , DORA ...

Frameworks: Develop metrics and continuous testing for core AI risks, including hallucinations, memorisation, algorithmic bias, uncertainty, and model drift . Regulatory Compliance Evidence: Map threat models (OWASP LLM Top 10, Agentic threats) to automated test cases. Produce the technical testing evidence required by EU AI Act Article 15 , DORA ...