9 of 9 Permanent Threat Modelling Jobs in the North of England

productivity. Mentor senior engineers and influence technical leaders across the organisation. Secure-by-Design & Compliance Embed secure-by-design principles into architectural decisions. Ensure threat modelling is performed for new features and major changes. Champion secure coding standards and integration of security testing into the delivery pipeline. Collaborate … delivery of product capabilities. Strong background in cloud-native architectures (microservices, event-driven, distributed systems). Deep understanding of secure-by-design principles, threat modelling, cryptography basics, and modern security practices. Experience with API design, integration patterns, and domain-driven design (DDD) and Event Driven Design. Ability ...

identity management (e.g., Entra ID), and secure application development. Deliver clear cybersecurity advice to technical and non-technical stakeholders on Azure security best practices, threat protection, and compliance. Champion 'Secure by Design' across IT infrastructure, emphasizing Azure Defender, Sentinel, and application security controls. What were looking for Expertise … application security (e.g., OWASP, DevSecOps), and network segmentation. Strong knowledge of Azure-specific security tools (e.g., Azure Security Center, Key Vault, Policy, Private Link), threat modelling, secure SDLC, and assurance processes. Experience delivering "secure by design" in regulated sectors (e.g., finance, healthcare, critical infrastructure), including Azure compliance certifications ...

with the highest security standards. Design and create secure Enterprise-Grade Architectures Across Cloud, Hybrid, and On-Prem Environments Conduct comprehensive risk assessments and threat modelling to proactively identify vulnerabilities and develop effective mitigation strategies Develop and maintain security policies and frameworks that adhere to industry standards such ...

evolve secure, enterprise-grade architectures across cloud, hybrid, and on-prem environments. Embed security into every stage of our SDLC Conduct risk assessments and threat modelling, proactively identifying vulnerabilities and mitigation strategies Develop and maintain security policies and frameworks aligned with NIST, ISO 27001, and CIS Controls Lead ...

Security+ You will be able to work from home 3 times a week. Key Responsibilities Implement security practices through the SDLC including secure coding, threat modelling and vulnerability/penetration testing. Develop, maintain, and enforce security policies and procedures for all teams in the IT Department (ISO27001, NIST ...

/3, and NCSC guidelines. Set and embed security standards and patterns, aligned with best practices, to strengthen NHS England's cyber resilience. Lead threat modelling, security assessments, and risk mitigation efforts, delivering actionable advice to address identified vulnerabilities. Collaborate with stakeholders and teams to address challenges … during project lifecycles. Scope and review security testing reports, vulnerability assessments, and compliance audits to ensure robust application and endpoint security. Provide architecture modelling expertise to design and implement resilient, secure systems and services across NHS England. Support systems and services throughout their lifecycle, ensuring secure practices are maintained ...

ensuring strong performance, resilience, and effective risk control. Maintain and take ownership of the Group-wide cyber security risk register, including conducting risk assessments, threat modelling, and defining mitigation strategies. Take the lead on security incident management, ensuring timely response, clear stakeholder communication, and ongoing improvement of processes. ...

security (OAuth2, OIDC, JWT, etc.) Understanding of AI/ML concepts or a strong interest in building expertise in this area Experience in threat modelling, vulnerability assessment, or security testing Familiarity with secure development practices (e.g., DevSecOps, OWASP) Background in identity, access control or secrets/key management ...

enforce security standards and best practices for all back-office systems Guide the team on secure web application development (OWASP Top 10, threat modelling) Plan, prioritise, and manage team workload to meet business objectives and delivery timelines Mentor and support team members, promoting best practices, conducting code reviews ...