13 of 13 Contract Threat Modelling Jobs in the North West

Responsibilities Design end-to-end API security architecture across cloud and on-premise environments. Define API security standards covering authentication, authorization, encryption, and threat protection. Lead architectural reviews, threat modelling, and risk assessments for API integrations. Select, architect, and optimize API gateways, WAFs, and security controls. Develop … patterns). Nice to Have Certifications: CISSP, CCSP, GIAC, SABSA. Experience with DevSecOps, container security, and microservices architecture. Knowledge of SIEM, API analytics, and threat intelligence. ...

Architecture & Design Define and review secure architectures across enterprise IT and OT environments. Act as technical authority for secure system design and implementation. Lead threat modelling, risk assessments, and security design reviews. Ensure compliance with defence security standards and secure-by-design principles. Security Assurance & Governance Deliver independent ...

solution patterns, integration approaches, and technical standards across the programme. Ensure security-by-design principles are embedded, including IAM, data protection, encryption standards, and threat modelling. Oversee integration architectures across APIs, data pipelines, cloud platforms, microservices, and third-party systems. Act as final approver for technical design decisions, architectural ...

months Pay Rate: £426 per day Inside IR35 Role Description: "The Application Security Specialist ensures secure software development, secure design, code review, and threat modelling across the application life cycle. Responsibilities Perform secure code reviews, SAST/DAST analysis, and threat modelling. Support DevSecOps integration including ...

security team of a major organisation. You will assess and strengthen the security of applications across development, deployment, and operations. Responsibilities: Conduct security reviews, threat modelling, and vulnerability assessments. Support secure coding practices and provide guidance to development teams. Operate security scanning tools (SAST/DAST/IAST ...

/IPS Proxy services SIEM/SOAR integrations Define and assure non-functional requirements (availability, scalability, performance, security, operability) Maintain architecture diagrams, security workflows, threat models, and integration contracts aligned with governance standards (e.g. NIST, ISO 27001) 3. Engineering Quality, Automation & DevSecOps Make automation the default through security ...

looking for an Application Security Specialist to assess and strengthen the security of applications across development, deployment, and operations. Key Responsibilities Conduct security reviews, threat modelling, and vulnerability assessments. Support secure coding practices and provide guidance to development teams. Operate security scanning tools (SAST/DAST/IAST ...

looking for an Application Security Specialist to assess and strengthen the security of applications across development, deployment, and operations. Key Responsibilities Conduct security reviews, threat modelling, and vulnerability assessments. Support secure coding practices and provide guidance to development teams. Operate security scanning tools (SAST/DAST/IAST ...

spoke, firewalls, private endpoints, and micro-segmentation. Oversee policy implementation through Azure Policy, Defender for Cloud, RBAC, Conditional Access, and security baselines. Conduct threat modelling, risk assessments, and architectural reviews. Guide engineering teams on hardening patterns, remediation activities, and secure deployment practices. Ensure alignment with compliance standards ...

spoke, firewalls, private endpoints, and micro-segmentation. Oversee policy implementation through Azure Policy, Defender for Cloud, RBAC, Conditional Access, and security baselines. Conduct threat modelling, risk assessments, and architectural reviews. Guide engineering teams on hardening patterns, remediation activities, and secure deployment practices. Ensure alignment with compliance standards ...

management integration, micro-segmentation strategies, and continuous verification principles. Skilled in managing network security product backlog prioritized based on risk assessment, business value, and threat landscape, with deep collaboration with security operations, infrastructure, and compliance teams. Strong understanding of API-level integration between security platforms and orchestration systems. Previous … principles, Software[1]Defined Perimeter (SDP), identity-aware proxy architectures, 802.1X authentication, certificate-based authentication, policy-based access control, stateful/stateless firewall technologies, threat intelligence integration, and network segmentation strategies. Expertise in security policy modelling, documentation of end-to-end security workflow specifications (e.g., threat models ...

regulatory requirements. You will work closely with security operations, infrastructure, architecture, and compliance teams to prioritise delivery based on risk, business value, and evolving threat landscapes. Key Responsibilities Product Strategy & Vision Define and communicate a clear network security product vision aligned with Zero Trust architecture, governance frameworks, and regulatory … Access Control (NAC) Next-Generation Firewalls (NGFW) IDS/IPS platforms SIEM integrations Support deployments across physical, virtual, and cloud environments. Document security architectures, threat models, control frameworks, and policy workflows aligned to industry standards. Required Technical Expertise Strong understanding of network security fundamentals and Zero Trust architectures. Experience ...

projects and ensuring a secure environment for the organisation and its customers. Key Responsibilities: Apply Agile methodologies to deliver multiple security initiatives simultaneously. Perform threat modeling , identify vulnerabilities, and assess risks in technical solutions. Support safe architectural decisions and design secure solutions with clear controls. Define security testing requirements … knowledge of cybersecurity domains : endpoint, network, cryptography, IAM. Exposure to modern enterprise technologies , including Cloud and AI. Experience with RESTful APIs, containerized microservices, and threat modeling frameworks (e.g., STRIDE, MITRE ATT&CK). Dynamic, solution-oriented, and able to work under pressure. Desirable: Awareness of industry security standards ...