14 of 14 Permanent Threat Modelling Jobs in Scotland

and conduits methodology Provide assurance of technical controls across Security Levels SL1 to SL4, validating patterns such as segmentation, RBAC, and incident containment Lead cyber risk management activities including threat modelling and formal risk analysis (Bow-Tie, Attack Trees, Swiss Cheese, HAZOPs) Own the delivery of the Cybersecurity Requirements Specification (CRS) for all programme systems Oversee end-to More ❯

security designs as they pertain to the cyber domain. Decomposing cyber and security requirements down to the system control level. Conducting cyber and information security risk assessment activities including threat modelling, vulnerability analysis and analysis of mitigations. Scoping and managing security verification & validation activities and remedial action plans. Coordinating with product engineers, system architects, and developers to provide More ❯

security designs as they pertain to the cyber domain. Decomposing cyber and security requirements down to the system control level. Conducting cyber and information security risk assessment activities including threat modelling, vulnerability analysis and analysis of mitigations. Scoping and managing security verification & validation activities and remedial action plans. Coordinating with product engineers, system architects, and developers to provide More ❯

security designs as they pertain to the cyber domain. Decomposing cyber and security requirements down to the system control level. Conducting cyber and information security risk assessment activities including threat modelling, vulnerability analysis and analysis of mitigations. Scoping and managing security verification & validation activities and remedial action plans. Coordinating with product engineers, system architects, and developers to provide More ❯

security designs as they pertain to the cyber domain. Decomposing cyber and security requirements down to the system control level. Conducting cyber and information security risk assessment activities including threat modelling, vulnerability analysis and analysis of mitigations. Scoping and managing security verification & validation activities and remedial action plans. Coordinating with product engineers, system architects, and developers to provide More ❯

is a technical, hands-on role that will work with a variety of security tools and technologies protecting our whole enterprise. You will be responsible for managing our Cyber Threat Intelligence (CTI) research and Threat Hunting activities, the entire lifecycle of our detection rules repository and SOC automation stack. You will be responsible for the technical evolution of … a team who live and breathe cyber security and to work for a company with great products and technologies around the globe. **HOW YOU WILL CONTRIBUTE TO THE TEAM** * **Threat Analysis - **Leverage the organization’s CTI provider as a strategic asset , not just a data source-integrating external intel with internal context to assess real impact and relevance. Conduct … in-depth analysis of cyber threats (APT groups, malware campaigns, zero-days, etc.) and assess their relevance to Airbus operations, especially the aerospace and defense-related. Translate complex threat data into clear, actionable intelligence for technical and non-technical stakeholders. Produce regular and ad hoc threat intelligence reports , briefings, and dashboards tailored to specific business units or leadership More ❯

is a technical, hands-on role that will work with a variety of security tools and technologies protecting our whole enterprise. You will be responsible for managing our Cyber Threat Intelligence (CTI) research and Threat Hunting activities, the entire lifecycle of our detection rules repository and SOC automation stack. You will be responsible for the technical evolution of … a team who live and breathe cyber security and to work for a company with great products and technologies around the globe. **HOW YOU WILL CONTRIBUTE TO THE TEAM** * **Threat Analysis - **Leverage the organization’s CTI provider as a strategic asset , not just a data source-integrating external intel with internal context to assess real impact and relevance. Conduct … in-depth analysis of cyber threats (APT groups, malware campaigns, zero-days, etc.) and assess their relevance to Airbus operations, especially the aerospace and defense-related. Translate complex threat data into clear, actionable intelligence for technical and non-technical stakeholders. Produce regular and ad hoc threat intelligence reports , briefings, and dashboards tailored to specific business units or leadership More ❯

they pertain to the cyber domain. Experience working with cyber and security requirements down to the system control level. Experience conducting cyber and information security risk assessment activities including threat modelling, vulnerability analysis and analysis of mitigations. Scoping and managing security verification & validation activities and remedial action plans. Experience working with product engineers, system architects, and developers to More ❯

controls following formal governance mechanisms for IS Security processes. Assist IS Security in achieving regulatory and statutory compliance. Conduct cyber risk assessments, including evaluations of third-party suppliers. Apply threat modeling principles to system and solution designs to identify risks and mitigations. Support and improve cyber incident management processes. Contribute to operational cybersecurity projects. What to bring Experience working … Cyber Security KPIs (preferred). Experience engaging third-party security specialists (preferred). Understanding of data security, governance, and controls (essential). Experience with cloud security solutions and modern threat modeling (preferred). Knowledge of security frameworks like NIST CSF, Mitre ATT&CK (essential). What You'll Get in Return: We offer a competitive salary and benefits, including More ❯

for processes and functions performed by the IS Security team. Supporting IS Security to achieve regulatory and statutory compliance requirements. Completing cyber risk assessments, including third-party suppliers. Applying threat modeling principles to complex system and solution designs to identify security risks and mitigation strategies. Supporting, monitoring, and recommending improvements to cyber incident management processes. Providing input and support … third-party security specialists for assurance. Understanding of data security and governance requirements and control identification. Experience delivering cloud-focused security solutions and understanding of modern cyber threats and threat modeling techniques. Good understanding of security frameworks such as NIST CSF, Mitre ATT&CK. Benefits At Sword, our core values and culture focus on caring for our people, investing More ❯

scripting Experience with application security tools (SAST, DAST, IAST and SCA) Strong technical knowledge of development and production release process, including CI/CD Experience with the application of threat modeling and other risk identification techniques Scripting (Perl, python, PowerShell, bash), RegEx and PCRE experience is desirable Purple Perks Medical, dental and vision coverage Generous PTO and observed holidays More ❯

Knowledge of standards like NIST SP 800-30, 37, 53. Experience managing risks and services in compliance with regulations. Experience with software, firmware, and hardware security. Conducting risk assessments, threat modelling, vulnerability analysis. Overseeing security verification, validation, and remedial actions. Collaborating with engineers and architects to develop secure solutions. Desirable: Understanding of engineering lifecycle. Knowledge of cryptographic technologies More ❯

background as a Cloud technologist with hands-on experience in data science platforms and AI/ML use cases. Demonstrated expertise in implementing security by design principles and conducting threat modelling and translating this into designs mitigations for delivered patterns. Ability to translate complex security requirements into practical and scalable architectural solutions. Some other highly valued skills may More ❯

Title: Security Design Specialist (Finance and Banking) Location: Edinburgh, UK Duration: 6 Months Overview: Work with Security architects and application development teams to ensure Threat models designs are secure. Job Description Facilitating Security Architecture run threat modelling workshops assisting the development teams in identifying and mitigating threats. Oversee security related issues across multiple product teams/squads. More ❯