17 of 17 Contract Threat Modelling Jobs in the UK excluding London

architectures aligned to business and technical requirements. Collaborate with multidisciplinary teams to ensure security considerations are embedded across the entire delivery lifecycle. Conduct security threat modelling, risk assessments, and security architecture reviews for critical systems and services. Develop and maintain security reference architectures, standards, principles, and best practices. … Security Architect within Central Government, Defence, or highly regulated environments. Strong understanding of enterprise security architecture principles, methodologies, and frameworks. Hands-on experience performing threat modelling, security risk assessments, and secure solution assurance. Experience designing secure cloud and hybrid architectures using Microsoft Azure and/or AWS. Strong ...

standardise assessments across platforms. Conduct comprehensive platform security reviews (build systems, CI/CD pipelines, runtime infrastructure, developer tooling) against defined framework criteria. Perform threat modelling and gap analysis, identifying vulnerabilities and systemic risks impacting source code, artifacts, and workloads. Engineering Platform Security Enablement Establish standardised secure architecture … security controls. Strong knowledge and understanding of service mesh, cryptography, network security, application security, vulnerability management, and risk management. Demonstrable ability to conduct threat modelling, platform security assessments, and gap analysis. Experience building and implementing maturity models, frameworks, or roadmaps in complex enterprise environments. Strong stakeholder management skills ...

strong technical depth. Key Responsibilities: Define and implement secure architecture patterns across engineering platforms (CI/CD, build systems, runtime environments) Conduct security assessments, threat modelling, and gap analysis across platforms and pipelines Develop and embed DevSecOps best practices, including secure pipeline design and automated controls Establish …/CD pipelines, build tools, artifact repositories, and developer platforms Expertise in secure software delivery, vulnerability management, and platform security Experience with threat modelling, security frameworks, and maturity assessments Strong knowledge of application security, network security, and cloud security principles Excellent stakeholder management and communication skills Desirable: Experience ...

highly regulated defence environment. Key responsibilities: • Deliver Secure by Design and cyber security activities across the engineering lifecycle • Conduct cyber security risk assessments and threat modelling activities • Support development of security artefacts including RMADS, SyOPs, risk registers and security management documentation • Participate in Security Working Groups and stakeholder … experience required: • Experience working within defence, aerospace, aviation or highly regulated environments • Strong understanding of Secure by Design principles • Experience with security risk assessments, threat modelling and security assurance • Experience supporting security activities across the engineering lifecycle • Knowledge of MOD and industry security standards/frameworks such ...

Threat & Adversarial AI Expert 6 Months Contract + Extension London Based 2 days in the office £500 to £600 a day Inside IR35 A pioneering financial institution is seeking an experienced Threat & Adversarial AI Expert to join their cybersecurity team. You will act as the primary architect … safety for the firm's generative AI ecosystem, ensuring agentic capabilities remain resilient against an evolving global threat landscape. As a Threat AI Expert, you will lead the organisation's Generative AI security strategy. Key responsibilities include: Advanced Threat Modelling: Leading structured sessions using STRIDE ...

IR35 Active SC Clearance Required Core Responsibilities Design and maintain secure architecture frameworks for enterprise systems across cloud, on-premises, and hybrid environments Conduct threat modelling, risk assessments, and security gap analyses across infrastructure and application layers Define and enforce security standards, reference architectures, and policy controls aligned ...

THROUGH UMBRELLA Role Description: "Core Responsibilities: Develop and maintain secure architecture frameworks for enterprise-grade systems, including cloud, on-premises, and hybrid environments Conduct threat modelling, risk assessments, and security gap analyses across infrastructure and application layers Define security standards, reference architectures, and policy controls based on industry … ensure secure software development lifecycles (SSDLC) Lead strategic initiatives in incident response planning, detection and mitigation strategies, and digital forensics Monitor advancements in threat intelligence and regulatory requirements, advising stakeholders on appropriate countermeasures Produce and maintain architectural documentation, ensuring traceability of security controls and compliance obligations Experience: Demonstrated experience ...

architectural governance artefacts. Ensure designs align with NCSC guidance , industry best practices (e.g., CIS Benchmarks), and organisational policy. Security Assurance Conduct security assessments and threat modelling against containerised and virtualised workloads. Validate platform configurations against security baselines, compliance frameworks, and risk appetite. Provide expert guidance during project delivery ...

change control procedures Experience designing or reviewing secure software supply chain and CI/CD security . Ability to interpret CVEs, CVSS scores, and threat intelligence feeds. Strong stakeholder engagement and communication skills with an ability to produce technical reports and articulate risk to non-specialists. Excellent written … technical security reports for assurance cycles Support compliance audit evidence packs (GovAssure/CAF, CE+, ISO 27001) Develop or update security standard documents (e.g. threat modelling, vulnerability mgmt) Support cyber input for IT, research or OT programmes Work with IT teams to co-author and test secure configuration ...

Embed Secure by Design principles across system and solution delivery Conduct security design reviews and provide risk-based recommendations Support development of: Security architectures Threat models and risk assessments Security design documentation Ensure alignment with MOD and UK Government security standards Work with architects and delivery teams to integrate … Experience Proven experience implementing Secure by Design within MOD, Defence, or Government environments Strong background in security architecture and secure system design Experience conducting threat modelling and security risk assessments Knowledge of: NCSC Secure by Design guidance ISO 27001 or equivalent frameworks Secure SDLC methodologies Experience working within ...

error-free ingestion. Use Case & Detection Content Development Design, implement, test, and tune detection use cases based on attacker techniques (MITRE ATT&CK), threat intelligence, and risk appetite. Build correlation rules, anomaly-based detections, dashboards, and alerting workflows. Regularly review detection efficacy and reduce false positives through tuning … understanding of log formats (JSON, syslog, XML, CEF, etc.) and ingestion technologies (Syslog, API, Event Hubs, Kafka, Agents). Practical knowledge of detection engineering, threat modelling, and attacker behaviour analysis. Experience building and tuning correlation rules, searches, and dashboards. Familiarity with SOAR platforms and automation workflows. Security Knowledge ...

security patterns. Inputting into High-Level Designs (HLDs) and Low-Level Designs (LLDs) with explicit security controls. Conducting threat modelling (STRIDE, attack trees, kill chain analysis). Identifying and documenting security requirements for systems, networks, and cloud services. Ensuring designs meet classification requirements Security Controls & Patterns Advising ...

IR35 Active SC Clearance Required Core Responsibilities Design and maintain secure architecture frameworks for enterprise systems across cloud, on-premises, and hybrid environments Conduct threat modelling, risk assessments, and se click apply for full job details ...

assessment, remediation) Implement risk-based security solutions aligned to enterprise standards Work closely with infrastructure, application and OT teams to embed security controls Support threat modelling, secure design, and Zero Trust frameworks Key Skills & Experience: Strong experience as a Security Architect/Cybersecurity Architect Proven expertise in vulnerability ...

monitoring. Experience leading data security roadmaps from current to target state, identifying required capabilities, technology changes, dependencies, risks, and timelines. Expertise performing data-focused threat modelling (e.g. STRIDE, MITRE ATT&CK, DREAD) to identify risks and recommend architectural mitigations. Excellent advisory skills with the ability to provide architectural ...

early-stage scoping and risk assessment activities for new and evolving services. Interpret security policies, standards, and accreditation requirements to define appropriate controls. Conduct threat modelling and risk assessments to identify and mitigate vulnerabilities. Review solution architecture and detailed designs to ensure alignment with security requirements. Maintain … assessment within enterprise-scale digital environments. Proven track record of contributing to the secure delivery of new digital services. Good understanding of current cyber threat landscape, security standards, and best practice. Experience working within agile delivery teams alongside internal stakeholders and third-party suppliers. Ability to take ownership ...

guidance to digital transformation projects. Activities will cover cyber security and risk throughout service lifecycle. Key Responsibilities Be aware of the current cyber threat landscape and industry best practices and standards. Support initial scoping and risk assessment of a change project. Interpret security best practice and accreditation requirements … determine security requirements Adapt existing cyber security standards and controls to fit specific change projects Carry out threat modelling and risk assessments Review high- and low-level designs drafted by solution architects. Maintain a security design assessment for new services Carry out basic hands-on security assessments (e.g. ...