16 of 16 Contract Threat Modelling Jobs in London

an ad-hoc basis until the move has been completed Maintain Nessus vulnerability management, update systems, run scans and provide reports Cover email security using Mimecast Enterprise Real world threat modelling and incident response (mainly L3/L4 when required) Make suggestions and influence various areas of the business/group from a security perspective Automate tasks and … ideal) Microsoft Defender for EDR/XDR/MDR Nessus for vulnerability management Mimecast for email security SCCM/Intune for patch management L3/L4 Incident Response experience Threat Intelligence/modelling experience Automating tasks using PowerShell, Python etc What’s in it for you? In return you’ll be joining a well established organisation at an More ❯

of Azure and Microsoft 365 cloud security controls and best practices. Deep understanding of cloud security architecture , the shared responsibility model, and infrastructure-as-code security principles. Experience with threat modelling, incident response, and forensic analysis in cloud environments. Familiarity with container security, Kubernetes, and hybrid or multi-cloud deployments is advantageous. Preferred certifications: Google Professional Cloud Security More ❯

and services. Familiarity with security standards and frameworks (e.g., ISO 27001, NIST, CIS). Knowledge of security technologies such as firewalls and web proxies; experience with ZTNA, CTI, and threat modelling is beneficial. Excellent communication and interpersonal skills. Ability to work effectively in a team-oriented environment. Strong problem-solving and analytical skills. Capacity to manage multiple projects More ❯

best practices, and support enterprise-wide Azure security initiatives. Key Responsibilities Design and implement secure architectures within Microsoft Azure, ensuring alignment with business and compliance requirements. Conduct Azure-specific threat modelling, risk assessments, and security reviews across infrastructure and applications. Collaborate with cloud engineering, DevOps, and compliance teams to embed security into the Azure development lifecycle. Define and More ❯

RAG pipelines, agentic workflows and document intelligence systems Embed cybersecurity and data privacy controls across all AI workflows (e.g., encryption, anonymisation, access logging) Collaborate with the CISO function on threat modeling, security reviews, and AI-specific control design. Integrate with enterprise IAM systems, enforcing RBAC, least privilege Conduct vulnerability scans, pen-test remediation, and support internal and regulatory audits More ❯

RAG pipelines, agentic workflows and document intelligence systems Embed cybersecurity and data privacy controls across all AI workflows (e.g., encryption, anonymisation, access logging) Collaborate with the CISO function on threat modeling, security reviews, and AI-specific control design. Integrate with enterprise IAM systems, enforcing RBAC, least privilege Conduct vulnerability scans, pen-test remediation, and support internal and regulatory audits More ❯

and deploy detection logic across SIEM, EDR and cloud security platforms. Build detections aligned with frameworks such as MITRE ATT&CK and continuously tune for accuracy and performance. Conduct threat modelling and participate in purple team exercises to assess and improve detection effectiveness. Use Detection-as-Code principles to manage detection rules via version control, CI/CD … pipelines and automated testing frameworks. Reduce false positives through tuning, enrichment and contextual awareness. Skills Expertise in detection engineering, threat hunting, or a related Cyber Security field. Proficiency in Sentinel, KQL, XDR and Splunk is required. Experience with SIEM platforms (e.g. Splunk, Sentinel, Elastic), EDR tools (e.g. CrowdStrike, SentinelOne), and/or cloud-native security services (e.g. AWS GuardDuty … GCP Chronicle). Ability to create and iterate on detection content (e.g. SIEM rules, correlation searches and detection-as-code signatures) to proactively identify malicious behaviour and improve threat visibility and reduce false positives Familiarity with MITRE ATT&CK framework and threat detection lifecycle. More ❯

cybersecurity and data privacy controls across all AI workflows, including encryption, anonymisation, and access logging. Collaborate with CISO: Work closely with the Chief Information Security Officer (CISO) function on threat modelling, security reviews, and AI-specific control design. Enterprise Integration: Integrate with enterprise Identity and Access Management (IAM) systems, enforcing Role-Based Access Control (RBAC) and least privilege More ❯

cybersecurity and data privacy controls across all AI workflows, including encryption, anonymisation, and access logging. Collaborate with CISO: Work closely with the Chief Information Security Officer (CISO) function on threat modelling, security reviews, and AI-specific control design. Enterprise Integration: Integrate with enterprise Identity and Access Management (IAM) systems, enforcing Role-Based Access Control (RBAC) and least privilege More ❯

of experience in cloud or information security. Proven experience securing Google Cloud Platform (GCP) environments. Strong understanding of cloud security principles and native controls. Experience with incident response and threat modelling. Relevant certifications such as: Google Professional Cloud Security Engineer Azure Security Engineer Associate (AZ-500) Certified Cloud Security Professional (CCSP) Key Attributes Strong verbal and written communication skills. More ❯

of experience in cloud or information security. Proven experience securing Google Cloud Platform (GCP) environments. Strong understanding of cloud security principles and native controls. Experience with incident response and threat modelling. Relevant certifications such as: Google Professional Cloud Security Engineer Azure Security Engineer Associate (AZ-500) Certified Cloud Security Professional (CCSP) Key Attributes Strong verbal and written communication skills. More ❯

practices into DevOps workflows (e.g., SAST, DAST, SCA, secrets management).* Collaborate with development, operations, and security teams to implement and ensure secure coding and deployment practices.* Advise on threat modeling, risk assessments, and vulnerability management.* Provide expert guidance on cloud security (AWS, Azure, GCP) and container security (Docker, Kubernetes).* Develop and enforce security policies, standards, and best More ❯

services and best practices. Solid understanding of cloud security principles, including shared responsibility model, cloud native security controls, and infrastructure as code security. Experience with security incident response and threat modelling. Google Professional Cloud Security Engineer Azure Security Engineer Associate (AZ-500) Certified Cloud Security Professional (CCSP) This is very much a hands-on role requiring GCP and Azure More ❯

services and best practices. Solid understanding of cloud security principles, including shared responsibility model, cloud native security controls, and infrastructure as code security. Experience with security incident response and threat modelling. Google Professional Cloud Security Engineer Azure Security Engineer Associate (AZ-500) Certified Cloud Security Professional (CCSP) This is very much a hands-on role requiring GCP and Azure More ❯

Business to identify and mitigate risks. Translate complex technical risks into business-friendly language for executive audiences. Improve and evolve security risk assessment methodologies for advanced AI systems. Develop threat models and propose compensatory controls. Present findings to internal governance groups and help shape AI risk frameworks. Required Skills & Experience 10+ years of professional experience, including demonstrable AI/ More ❯

and the measurement of controls. Experience of IT Security documentation (policies, standards, processes, procedures and patterns). Experience of IT Health Check and Vulnerability Assessments Experience of risk and threat modelling. Qualifications: accreditation/assurances CISM/XCCP/ISO 27001 To apply, please submit your most recent CV for review. More ❯