1 to 25 of 75 Permanent Threat Modelling Jobs in England

play a critical role in designing, assuring, and delivering secure solutions across our client engagements. You will champion Secure by Design principles and lead threat modelling activities to ensure risks are identified and mitigated early in the lifecycle. Working closely with stakeholders, you will define security architectures, ensure … Design - Embed security into every stage of the solution lifecycle, ensuring systems are designed with security controls from the outset rather than retrofitted. Threat Modelling - Lead and facilitate threat modelling exercises (e.g. STRIDE), identifying vulnerabilities and defining mitigations early in delivery Risk Assessment - Identify, assess ...

roadmap, backlog and design decisions. Work with colleagues across product, development, and networks & infrastructure to embed security across the product lifecycle. Carry out threat modelling, secure design reviews and technical risk assessments for new and existing product capabilities. Assign pragmatic risk levels and support sensible prioritisation of remediation … software-led environment. Good understanding of how product and development teams operate, including how security considerations are balanced alongside product delivery. Strong experience of threat modelling, secure design review, vulnerability assessment and remediation prioritisation. The judgement to assess exploitability and business impact pragmatically Practical experience applying security across ...

roadmap, backlog and design decisions. Work with colleagues across product, development, and networks & infrastructure to embed security across the product lifecycle. Carry out threat modelling, secure design reviews and technical risk assessments for new and existing product capabilities. Assign pragmatic risk levels and support sensible prioritisation of remediation … software-led environment. Good understanding of how product and development teams operate, including how security considerations are balanced alongside product delivery. Strong experience of threat modelling, secure design review, vulnerability assessment and remediation prioritisation. The judgement to assess exploitability and business impact pragmatically Practical experience applying security across ...

engineering teams to embed automated security testing and guardrails into development workflows. Define, implement, and maintain secure development standards, including secure coding guidelines, threat modelling practices, and minimum-security requirements for applications and APIs. Partner with engineering, platform, and product teams to embed secure-by-design principles into … development team, providing hands-on technical leadership across design, development, and operation. Perform deep-dive security activities for the team, including threat modelling, code-level reviews, and vulnerability triage/remediation support. Oversee and coordinate third-party application security reviews, ensuring consistent assessment standards and effective risk management ...

engineering teams to embed automated security testing and guardrails into development workflows. Define, implement, and maintain secure development standards, including secure coding guidelines, threat modelling practices, and minimum-security requirements for applications and APIs. Partner with engineering, platform, and product teams to embed secure-by-design principles into … development team, providing hands-on technical leadership across design, development, and operation. Perform deep-dive security activities for the team, including threat modelling, code-level reviews, and vulnerability triage/remediation support. Oversee and coordinate third-party application security reviews, ensuring consistent assessment standards and effective risk management ...

risks and benefits of competing Security design options. Comfortable working on multiple challenging projects simultaneously. Mandatory skills Experience require with security consultancy delivery (e.g. threat modelling, secure design, driving decisions) Experience with cloud-native platforms and modern architectures Developing a more security-led perspective, rather than primarily infrastructure … practical application Gaining further exposure to security standards and regulatory frameworks (e.g. PCI DSS, data protection) Strengthening end-to-end security design capability (e.g. threat modelling, control coverage) Providing clearer examples of individual contribution and ownership in security decisions Any experience of these would be really useful Awareness ...

primary security resource for development teams, providing technical advice on vulnerability fixes and secure coding practices (e.g., adherence to the OWASP Top 10). Threat Modelling: Conduct formal threat modelling exercises for new features and application architectures to proactively identify and mitigate design flaws. B. Systems ...

primary security resource for development teams, providing technical advice on vulnerability fixes and secure coding practices (e.g., adherence to the OWASP Top 10). Threat Modelling: Conduct formal threat modelling exercises for new features and application architectures to proactively identify and mitigate design flaws. B. Systems ...

architectures aligned to business and technical requirements. Collaborate with multidisciplinary teams to ensure security considerations are embedded across the entire delivery lifecycle. Conduct security threat modelling, risk assessments, and security architecture reviews for critical systems and services. Develop and maintain security reference architectures, standards, principles, and best practices. … Security Architect within Central Government, Defence, or highly regulated environments. Strong understanding of enterprise security architecture principles, methodologies, and frameworks. Hands-on experience performing threat modelling, security risk assessments, and secure solution assurance. Experience designing secure cloud and hybrid architectures using Microsoft Azure and/or AWS. Strong ...

cloud infrastructures. Contribute to blogs and research within the business community. Experience Required The successful candidate will possess proven experience in cybersecurity, security architecture, threat modelling, or related fields within Public Sector and MOD and will have achieved or be working towards Full Membership of CIISEC … NPSA and NCSC security policies, standards and guidance. Have experience building and implementing secure by design principals within the software development lifecycle (SDLC). Threat Modelling - Kill Chain - Attack tree analysis. Working understanding of: Cloud security including Azure, Amazon Web Service, Key Management Systems, Containerisation, Network Security Groups ...

capabilities (eg SAST, DAST, SCA, container and cloud security tooling) Define and implement secure engineering standards, including secure coding, infrastructure-as-code security, and threat modelling practices Partner with Vulnerability Management and broader security teams to ensure effective identification, prioritisation, and remediation of risks in line with agreed … DevSecOps environments Experience embedding security into CI/CD pipelines (eg using AWS, Azure, or GitHub-based workflows) Strong knowledge of secure development practices, threat modelling, and vulnerability management Solid understanding of modern software engineering practices and cloud-native architectures Why Join? Be part of a long-term ...

capabilities (eg SAST, DAST, SCA, container and cloud security tooling) Define and implement secure engineering standards, including secure coding, infrastructure-as-code security, and threat modelling practices Partner with Vulnerability Management and broader security teams to ensure effective identification, prioritisation, and remediation of risks in line with agreed … DevSecOps environments Experience embedding security into CI/CD pipelines (eg using AWS, Azure, or GitHub-based workflows) Strong knowledge of secure development practices, threat modelling, and vulnerability management Solid understanding of modern software engineering practices and cloud-native architectures Why Join? Be part of a long-term ...

deployment/integration of security capabilities into engineering teams within the product domain. • You will drive security initiatives such as developing security requirements, threat modelling, strengthening application security, vulnerability reduction, etc., with the engineering teams. • Reducing friction is paramount and we are all about fast feedback within existing … console for a developer to check. • Support teams in a collaborative manner in matters of mobile application, web application, cloud and data security, with threat modelling, risk treatment and security advice across all security domains. If you can raise a PR to fix a security issue, do so. ...

cloud infrastructures. Contribute to blogs and research within the Cyberfort community. Experience Required The successful candidate will possess proven experience in cybersecurity, security architecture, threat modelling, or related fields within Public Sector and MOD and will have achieved or be working towards Full Membership of CIISEC … NPSA and NCSC security policies, standards and guidance. Have experience building and implementing secure by design principals within the software development lifecycle (SDLC). Threat Modelling – Kill Chain – Attack tree analysis. Certifications: AWS/Azure Security Professional, CCSP, CISSP, CISM, CIISEC, UK Cyber Security Council registration (Chartered ...

into complex IT and digital initiatives Advise clients on cyber risk, governance and regulatory compliance frameworks including: ISO 27001 NIST GDPR PCI-DSS Conduct threat modelling and identify security vulnerabilities within solution designs Recommend pragmatic risk mitigation strategies to technical and non-technical stakeholders Support the implementation … IDAM Privileged Access Management (PAM) Single Sign-On (SSO) Network Security Encryption technologies Understanding of infrastructure, architecture methodologies and secure design principles Experience with threat modelling and reference architecture development Excellent stakeholder engagement and communication skills Ability to learn quickly and adapt within fast-paced environments Desirable Experience ...

part of a bigger team, working with a group of a Senior Security Architects and Digital Engineering stakeholders to produce security architecture artifacts, threat modelling, design assurance, and reusable patterns that strengthen the programme’s security posture. Key Responsibilities: You will lead and deliver core security architecture outputs … including: Digital Engineering Security Artifacts and Engagement Report Security Requirements Specification Security Principles Framework Infrastructure Mapping Document & Security Architecture Design Pack Threat Modelling Report Reusable Security Pattern Library Knowledge Transfer Pack (training materials, handover content, recorded walkthroughs) We are looking for someone with: Extensive Security Architecture/Security ...

embed security into lifecycle governance Define and implement a modern DevSecOps tooling strategy (CI/CD, SAST/DAST, SCM, automation) Drive secure coding, threat modelling, and supply chain security practices (SBOM, provenance, signing) Develop KPIs, metrics, and maturity models to track and continuously improve SDLC performance Build … NIST SSDF, OWASP SAMM/ASVS, ISO 27034) Strong understanding of modern engineering practices (Agile, CI/CD, cloud, automation) Expertise in application security, threat modelling, and secure coding standards Experience implementing tooling ecosystems (e.g. SAST, DAST, SCA, pipeline automation) A track record of influencing senior stakeholders ...

guardrails into CI/CD pipelines in partnership with engineering and platform teams. Defining and maintaining secure development standards, secure coding guidelines, and threat-modelling practices. Providing practical, risk-based security guidance to engineering, product, and architecture teams. Working with our Vulnerability Lead to drive identification, triage … into CI/CD pipelines (eg, GitHub, AWS DevOps). Strong understanding of Agile, DevOps, and cloud-native architectures. Practical experience with secure coding, threat modelling, and vulnerability management. Strong problem-solving skills and the ability to prioritise risk in line with business needs. ...

ensure compliance and security standard processes. Evaluate and integrate new identity tools, authentication platforms and access capabilities. Drive continuous improvement through risk assessments, threat modelling, and automation. You will need: Strong practical experience in designing and running Identity and Access Management (IAM) solutions within large-scale, complex environments. … Okta, CyberArk, Ping, or preferably Microsoft Entra ID. Ability to define standards, partner cross-functionally (IT, GRC, Engineering), and drive risk reduction through threat modelling, compliance (NIST, ISO, GDPR), and ongoing optimisation of identity systems. Experience working with cloud identity (Azure, AWS, or GCP). What ...

equivalent experience Experience applying cyber security principles across the systems or product engineering lifecycle Knowledge of cyber risk management and vulnerability management Experience with threat modelling frameworks such as MITRE ATT and CK, DEF3ND, or EMB3D Awareness of industrial control systems or operational technology environments Working knowledge … subject to required skills, your application to our client in conjunction with this vacancy only. Key Skills Product Cyber Security Specialist, Cyber Risk Management, Threat Modelling, NIST CSF, Industrial Control Systems, Secure by Design, Defence ...

software, infrastructure, and platform engineering teams to improve security across systems and workflows Contribute across a broad range of security initiatives, including detection, hardening, threat analysis, infrastructure protection, and secure engineering practices Investigate vulnerabilities, suspicious activity, and emerging threats, helping drive remediation and operational improvements Build scalable solutions that … improve visibility, detection quality, and security operations efficiency Support security architecture and threat modelling discussions, helping teams make pragmatic, risk-aware decisions Evaluate new attack techniques, tooling, and security research, translating relevant findings into actionable engineering improvements Help strengthen security awareness and engineering best practices across the wider ...

OEMs, ground handling, avionics suppliers Safety‐critical OT networks and mission‐critical control systems Technical Delivery Perform and/or lead: OT penetration testing Threat modelling and risk assessments Security architecture review for aviation technologies Compliance assessments and gap analyses (Part‐IS, 62443, NIS2 where applicable) Oversee technical … networks, architectures, and protocols Security risk assessment in safety‐critical environments Hands‐on cyber security experience, such as: Penetration testing (OT preferred) Threat modelling Incident response Architecture review Comfortable providing client‐facing advisory services. Experience working in or with regulated environments. Ability to simplify complex cyber concepts ...

quickly. Own the code review culture and provide constructive, educational feedback that raises the bar for everyone. Embed secure coding practices across the team: threat modelling, security testing, and dependency management. Build observability into your systems from the start, covering instrumentation, logging, monitoring, and alerting, so that your … cloud infrastructure. Practical knowledge of cloud platforms (Azure/AWS) and containers (Docker/Kubernetes). Strong security fundamentals across OWASP, secure coding, threat modelling, and security testing. Proven ability to design scalable, maintainable architectures and evolve complex legacy systems. AI-Native Engineering Practice Demonstrable experience using ...

business acquisition-focused role responsible for building pipeline, generating revenue, and winning new customers for cybersecurity services including VAPT, Red Teaming, Product Security, Threat Modelling, and Vulnerability Management. The ideal candidate will have experience selling cybersecurity services or technology solutions and be comfortable engaging with enterprise … tenders, and customer due diligence requests Promote and sell services including: VAPT (Web, Mobile, API, Cloud, Infrastructure) Red Teaming/Adversary Simulation Vulnerability Management Threat Modelling Product Security/Secure SDLC Advisory Develop repeat business and cross-sell opportunities within customer accounts Maintain accurate CRM updates, pipeline forecasts ...

translate complex security risks into clear architectural decisions. A key aspect of the role is the ability to challenge existing designs, conduct architecture assurance, threat modelling, and risk analysis, and provide clear, practical security guidance that can be implemented by engineering teams. The position involves working in highly … methodical approach to problem solving, and the ability to consistently challenge assumptions by asking the right questions (“why” driven mindset). Strong experience in threat modelling, risk assessment, and security architecture assurance is expected, along with the ability to communicate effectively with both technical teams and senior stakeholders. ...