13 of 13 Permanent Threat Modelling Jobs in the North of England

awareness: Contribute to the development and delivery of security awareness training for internal staff. Stay current : Keep abreast of the latest security threats, vulnerabilities, exploits, and industry best practices. Threat modelling: Participate in threat modelling exercises to identify potential attack vectors and design flaws. Ad-hoc security testing : Perform ad-hoc security assessments and provide expert More ❯

awareness: Contribute to the development and delivery of security awareness training for internal staff. Stay current : Keep abreast of the latest security threats, vulnerabilities, exploits, and industry best practices. Threat modelling: Participate in threat modelling exercises to identify potential attack vectors and design flaws. Ad-hoc security testing : Perform ad-hoc security assessments and provide expert More ❯

expertise to help security and engineering teams across the enterprise embed security into the product development lifecycles. This role is the key advisor on AppSec standards, secure development practices, threat modelling, and security tooling (e.g. SAST, DAST, SCA, IaC scanning, container security, etc.), ensuring consistency and maturity in how applications are built and maintained. By aligning teams with … e.g. vulnerability MTTR, scan coverage, risk acceptance trends) and report findings to leadership and the Global Cyber Council. Coordinate secure architecture reviews for critical application initiatives and provide consultative threat modelling support to large cross brand projects. Continuous Improvement & Innovation: Know the latest on emerging application security technologies, industry best practices, and threat trends. Evaluate new tools More ❯

Our Needs Fluent in English - both written and spoken Demonstrable experience as a Security Architect or similar role Strong knowledge of security standards, protocols, and best practices Experience with threat modelling, risk assessment, and incident response Familiarity with security tools (e.g., Snyk, OWASP ZAP) Excellent communication and collaboration skills Self-learner and ability to execute tasks without supervision … Ability to maintain the highest level of professionalism Activities Assess and design secure system architectures Define and enforce security policies and best practices Conduct threat modelling and risk assessments Collaborate with development teams to ensure secure coding practices Review and recommend security tools and technologies Respond to security incidents and perform root cause analysis Acquired Experiences and Demonstrable More ❯

part in developing our vulnerability management program, working closely with our operational support, infrastructure, and development teams. Plus, you'll be right in the thick of security event monitoring, threat intelligence, and incident management - keeping us one step ahead! What you'll be doing: Delivering SOC Capabilities: You'll be a key team member in delivering ongoing Security Operations … possible and play a big part in evolving our security tooling and services. Policy & Standards: You'll champion the adoption and adherence to our InfoSec policy, standards, and guidelines. Threat Intelligence: You'll monitor and apply current and emerging threat intelligence, using tools like Google Threat Intelligence to proactively spot and tackle digital threats. Incident Response: You … CSPM) tools. Knowledge of Cloud Workload Protection Platforms (CWPP) for securing containers, serverless workloads, and virtual machines. Working knowledge of DevSecOps methodologies . Ability to contribute to cloud solution threat modelling and secure design reviews. A bit about you: Passion! You're genuinely passionate about your career path and love what you do. Communication skills. You can express More ❯

solutions, integrating security measures throughout the lifecycle, from data ingestion to model deployment. Required Skills/Experience The ideal candidate will have the following: Strong understanding of cybersecurity principles, threat modeling, vulnerability assessment, and penetration testing. Familiarity with cloud platforms (AWS, Azure, GCP) and their security features. Knowledge of data privacy regulations (GDPR, CCPA) and industry standards. Ability to More ❯

continuous improvement in secure software engineering practices. In this role you will be responsible for: Advising clients on complex cybersecurity issues and building robust solutions collaboratively Performing risk and threat analyses, as well as penetration tests to uncover vulnerabilities Supporting internal and client teams with best practices for secure system and process development Facilitating workshops and security training sessions … Germany with occasional travel to client site Essential: Professional experience in a similar role such as Security Engineer, Penetration Tester, DevSecOps etc. Knowledge of the following areas: Penetration Testing, Threat Modelling, Application Security, Security by Design etc. Solid understanding of software development and system architecture basics Strong communication and interpersonal skills Self-driven, solution-oriented approach to identifying More ❯

of OT network architecture , protocols, and change management processes. Lead incident response and remediation for cyber events detected by our OT SIEM systems. Actively support vulnerability management and ensure threat exposure is minimised. Provide hands-on leadership in data and asset management , including backup and removable media deployments. Apply and track security metrics to ensure the ongoing effectiveness of … OT environments. Hands-on knowledge of OT technologies and protocols , including experience managing configuration changes. Experience working within incident response frameworks -from coordination to containment and recovery. Familiarity with threat modelling and architectural reviews , particularly in critical national infrastructure. Relevant certifications or credentials in IEC62443 or cyber security frameworks applicable to OT environments. Understanding of the NCSC Cyber More ❯

your teammates to take ownership of security across the business from hardening and monitoring to governance and incident response Designing and evolving secure architectures using defence in depth and threat modelling principles across cloud, networks and endpoints Driving vulnerability management and scaling tooling such as CSPM, SIEM, IAM and endpoint protection to manage risk effectively Contributing to compliance More ❯

Key Responsibilities: Lead the design, implementation, and upkeep of the OT Cybersecurity Management System and policies to OG86 and IEC(phone number removed)-1 compliance. Conduct risk assessments and threat modeling for OT environments in accordance with IEC(phone number removed)-2. Manage NIS compliance for OT Networks and produce the NIS annual report. Collaborate withOT Engineers to More ❯

of OT network architecture , protocols, and change management processes. Lead incident response and remediation for cyber events detected by our OT SIEM systems. Actively support vulnerability management and ensure threat exposure is minimised. Provide hands-on leadership in data and asset management , including backup and removable media deployments. Apply and track security metrics to ensure the ongoing effectiveness of … OT environments. Hands-on knowledge of OT technologies and protocols , including experience managing configuration changes. Experience working within incident response frameworks —from coordination to containment and recovery. Familiarity with threat modelling and architectural reviews , particularly in critical national infrastructure. Relevant certifications or credentials in IEC62443 or cyber security frameworks applicable to OT environments. Understanding of the NCSC Cyber More ❯

around performance, security, and scalability. Drive best practices in real-time logging, monitoring, and alerting. Actively promote the use of The Very Group's observability platform. Create and maintain threat models for Performance Unit products. Continuously enhance CI processes to improve deployment efficiency. Identify and mitigate risks, obstacles, and issues impacting technical delivery. Adhere to and help shape policies … services A working knowledge of the Elastic Observability platform (Elastic certification is a plus) Extensive experience building secure, scalable, and highly available software applications Strong understanding and application of threat modelling A background in hands-on software engineering with current, relevant experience A passion for code quality, testing, and engineering best practices Proven ability to influence and negotiate More ❯

alerting systems for the respective platform to facilitate effective incident management. Tool Development: Build tools aligned with the relevant framework and strategy to support the platform. Security and Compliance: Threat modelling and risk assessments. Continuous Improvement: Leverage test automation to minimize system downtime and improve uptime metrics by proactively monitoring and resolving issues. CI/CD: Write and More ❯