24 of 24 Permanent Threat Modelling Jobs in the South East

awareness: Contribute to the development and delivery of security awareness training for internal staff. Stay current: Keep abreast of the latest security threats, vulnerabilities, exploits, and industry best practices. Threat modelling: Participate in threat modelling exercises to identify potential attack vectors and design flaws. Ad-hoc security testing: Perform ad-hoc security assessments and provide expert More ❯

awareness: Contribute to the development and delivery of security awareness training for internal staff. Stay current : Keep abreast of the latest security threats, vulnerabilities, exploits, and industry best practices. Threat modelling: Participate in threat modelling exercises to identify potential attack vectors and design flaws. Ad-hoc security testing : Perform ad-hoc security assessments and provide expert More ❯

our continual information security strategy, joining us on our journey and developing yourself along the way. Why Join Us? Work with a talented team of security professionals in a threat-driven environment. Ability to help shape the future of our cyber defence capabilities across a wide and diverse range of businesses. Competitive compensation and benefits package. Flexible work environment … with opportunities for remote work and professional development. Key responsibilities: Reporting to the Director of Information Security & Information Technology, you will be responsible for: - Build and own Seniors threat intelligence strategy. Develop and own the threat management program with regular assessments, threat modelling, risk prioritisation and remediation activities. The individual will serve as a subject matter … expert incyber threat management, advising our various businesses on adversary activities, situational awareness and defensive actions. Designing tactical and strategic responses to emerging security threats Define, implement and manage our cyber threat capability working with our local IT teams, MSSP partners, vendors and other key stakeholders. Provide our IT teams with guidance on adversary intentions, objectives and potential More ❯

development lifecycle and CI/CD processes and working with the IT Infrastructure team on the security elements of migrating on-premise Windows estate to Azure. You'll lead threat modelling and threat hunting activities to proactively discover potential compromises, work with external teams on penetration tests and red team engagements and manage SIEM and XDR tooling More ❯

development lifecycle and CI/CD processes and working with the IT Infrastructure team on the security elements of migrating on-premise Windows estate to Azure. You'll lead threat modelling and threat hunting activities to proactively discover potential compromises, work with external teams on penetration tests and red team engagements and manage SIEM and XDR tooling More ❯

security into everything we dofrom infrastructure to application design. Key Responsibilities Design and implement security controls across cloud platforms (AWS, Azure, or GCP) Develop and maintain security tooling for threat detection, vulnerability management, and incident response Lead threat modelling and risk assessments for critical systems and services Collaborate with engineering teams to integrate security best practices into More ❯

effectiveness. Deliver security architecture for cloud deployments (private/public). Design and scope IT Health Checks and interpret outcomes. Identify and mitigate security risks in solution architectures. Conduct threat modelling and risk analysis. Design proportional security controls using native cloud technologies. Produce security architecture artefacts including standards and blueprints. What You'll Bring Prior and proven experience More ❯

Significant experience in Financial Services or Insurance, including PCI-compliant environments. Expert knowledge of network and cloud security using Azure, Hands-on experience with application security, data protection, and threat modelling. Confident communicator, able to influence across technical and business functions. Track record in risk assessment, vulnerability management and secure architecture delivery. Knowledge of DevSecOps, SIEM, IAM, DLP, and More ❯

advancing purple team maturity, the ideal candidate will bring deep technical acumen, a transformation mindset, and a proven ability to lead and inspire high-performing teams in a dynamic, threat-informed environment. RESPONSIBILITIES Technical Leadership & Execution - Personally lead and execute advanced penetration tests, red/purple team exercises, and adversary emulation campaigns across cloud, application, and infrastructure layers. - Identify … vulnerabilities to simulate real-world attack scenarios, validate detection and response capabilities, and uncover control gaps. - Develop and maintain a Purple Team playbook tailored to business-specific technologies and threat models. - Integrate offensive findings into SOC tuning, detection engineering, and control validation workflows. Program Ownership - Own and evolve the offensive security roadmap, including internal testing services, external bug bounty … engineers and red teamers. - Lead the transformation from traditional pentesting to intelligence-driven, continuous offensive security. - Foster a culture of innovation, experimentation, and continuous learning. Collaboration & Influence - Partner with Threat Intelligence, SOC, and Engineering teams to contextualize findings and drive remediation. - Communicate technical findings clearly to both technical and executive audiences. - Influence security architecture and product design through early More ❯

DevSecOps integration into CI/CD pipelines, embedding SAST, DAST, SCA and container security tools Own the security testing process, improving automation, coverage, and remediation velocity Champion secure design, threat modelling and coding best practices across engineering teams Partner with sales and business development for pre-sales, client proposals, and solution design Drive financial oversight of the function More ❯

/CD workflows Owning security tooling strategy (SAST, DAST, SCA, container scanning) and driving adoption across development pipelines Building and mentoring high-performing teams in secure coding, DevSecOps, and threat modelling Leading engagements with major clients during pre-sales, delivery and review phases Managing financials, resource planning, and service maturity across the Secure SDLC portfolio Acting as escalation More ❯

security into solution designs. Monitor compliance with internal policies, external regulations and industry good practice. (e.g., GDPR, ISO27001, CIS, ISF, NIST). Provide expert guidance on security best practices, threat modelling, and mitigation strategies. Support incident response and post-incident reviews from an architectural perspective. Skills and experience you need asInformation Security & Assurance Specialist: Strong understanding of all More ❯

threats are evolving, and our team is at the heart of protecting critical infrastructure and data. As a Cyber Security Engineer, you'll help lead our proactive efforts in threat detection, response, and mitigation. This role is vital to safeguarding the confidentiality, integrity, and availability of systems and services. What you'll be doing Act on security alerts, incidents … ensure timely responses. Diagnose and investigate security incidents following agreed procedures. Escalate and document unresolved incidents and support recovery efforts. Operate within our enterprise-level SOC and collaborate on threat intelligence. Utilise tools like Microsoft E5, Sentinel, and Darktrace to monitor and prevent threats. Analyse malware and respond to high-priority incidents. Support vulnerability management and threat analysis … equivalent function. Proficiency with Microsoft Security Suite (including Sentinel) and Darktrace or similar. Must have an understanding of cyber threats including malware, ransomware, DDoS, insider threats. Strong knowledge of threat modelling, security monitoring, and cloud environments. Familiarity with GDPR, data protection, and privacy impact assessments. Excellent communication and collaboration skills with a proactive mindset. Industry certifications (e.g., CISSP More ❯

Collaborate with development teams (Go and Node.js) to remediate security issues. Evaluate and Test TEE solutions (e.g., AWS Nitro Enclaves, Azure Confidential Computing and Google Confidential Computing.). Conduct threat modeling and risk assessments. Develop and maintain security testing tools and automation scripts. Stay current with emerging security threats, vulnerabilities, and mitigation techniques. Proven experience in penetration testing and More ❯

such as CISSP, CISM, AWS Security Specialty, or Certified Identity and Access Manager (CIAM). Agile (Scrum Master, SAFe) and cloud (AWS Cloud Practitioner) certifications. Experience in security assessments, threat modeling, or governance/risk/compliance (GRC) tooling. Benefits Pension company contribution = 3% Incentive scheme up to 10% of annual salary , based on company performance. Your wellbeing is More ❯

in identifying and mitigating security risks# Ability to make actionable recommendations for security improvements Experience with GDPR and data protection, together with knowledge of IS standards Security assessment frameworks (threat modelling, controls assessment, risk assessment) Relevant qualifications; CISSP, CISM or similar would be beneficial. Based in Central London, 4 days per week onsite initially dropping to 3 once More ❯

Experience performing secure application configurations of other large ERP type Software packages. Knowledge of configuration and integration security (API, etc.) for SaaS solutions Understanding Secure Architecture Design (Zero Trust, Threat Modeling) Understanding of Application Security (OWASP Top 10) Experience in programming languages and technologies used in web development Proficiency with AGILE techniques, preferably tools: Atlassian/Jira Proficiency in More ❯

Utilizing real-time dashboards to facilitate tracking and reporting to the Technology Leadership Team and the wider organization. Become fully embedded into our engineering teams and practices to: Lead threat modeling, vulnerability prioritization, and hold risk assessment exercises. Monitor zero-day threats and vulnerabilities, ensuring they are properly prioritized and resolved by responsible teams. Guide architectural security reviews to More ❯

As a Senior Security Penetration Tester , you will be responsible for supporting the design, implementation, and maintenance of TVM (Threat & Vulnerability Management) solutions, controls and processes across the organisation. You will be liaising with Digital teams to ensure appropriate mitigation and remediation of vulnerabilities detected across our IT estate. This role requires an understanding of TVM concepts, technologies, and … cybersecurity vulnerabilities and provide appropriate mitigation actions. Liaise and coordinate with technology and business stakeholders in relation to cybersecurity patching and vulnerability management issues/actions. Maintain a cyber threat assessment methodology, align to evolving industry standards and integrate into BAU and project-based business processes. Support with proactive threat hunting for new and emerging cyber threats. Develop … and maintain dashboards with cybersecurity threat and vulnerability metrics. Support compliance with relevant industry standards, regulations, and best practices, such as GDPR, NIS and ISO 27001. Base location - Hybrid - Clearwater Court Reading. Working pattern - 36 hours Monday to Friday. What you should bring to the role Strong knowledge of manual penetration testing techniques and confident with operating systems and More ❯

Conducting assurance reviews and risk assessments Embedding security into solution designs Supporting incident response and post-incident analysis Ensuring compliance with GDPR, ISO27001, NIST, and other frameworks Advising on threat modelling and mitigation strategies What We're Looking For: Strong understanding of security principles and frameworks Experience designing and implementing security controls Excellent stakeholder engagement and communication skills More ❯

years of experience in cloud security, particularly with AWS, and at least 2+ years in software development. Strong understanding of cloud and application security concepts, including secure coding practices, threat modeling, vulnerability management, and access control mechanisms. Experience with AWS, Kubernetes, Service Mesh, API gateways, and API Security (authentication and authorization). Proficiency in programming languages such as Python More ❯

improvements Participate in on-call rotation for high-priority issues and assist during major incidents Create and maintain documentation including SOPs and security protocols Support IT security team with threat modelling, remediation, and policy compliance Essential: Strong background in network engineering and troubleshooting across complex environments Operational knowledge of LAN/WAN infrastructure, routing protocols (OSPF, BGP, EIGRP More ❯

our flagship products cyber resilient? We are looking for a Security Engineer to join our Information Security team at our Oxford headquarters. You will be working across software engineering, modelling, and data science bringing your full self, including your security knowledge and expertise to the business. As a Security Engineer at Aurora Energy Research, you will enable our colleagues … reduction outcomes. Build secure products. Ensure security is considered throughout the product and software development life cycle. Provide security best practice, build security design patterns, complete security architecture reviews, threat models and risk assessments. Help solve engineering problems by implementing technical controls to mitigate risk. Ensure we are deploying solutions into a secure environment . Ensure we build solutions More ❯

SDLC) that enables development teams to deliver high-quality applications quickly while implementing essential controls for software integrity, authenticity, and third-party library management. Risk Assessments: Conduct risk assessments, threat modeling, and architecture reviews alongside development teams, producing artifacts to drive the implementation of effective security controls. Standards Development: Own the creation and maintenance of tailored security standards and … strategies. Key Requirements: Essential: 5+ years of experience in application security, with at least 3+ years in software development. Strong understanding of application security concepts, including secure coding practices, threat modeling, vulnerability management, and access control mechanisms. Experience with AWS, Kubernetes, Service Mesh, and API Security (including authentication and authorization). Proficiency in programming languages such as Python, Java More ❯