1 to 25 of 28 Permanent Threat Modelling Jobs in the South East

Architecture, identity and access management strategies, and secure networking models. Advise on data protection, encryption strategies, regulatory compliance (e.g., FCA, GDPR), and risk mitigation frameworks. Perform security assessments and threat modeling for cloud-native applications and hybrid environments. Collaborate with enterprise architects, risk officers, and compliance teams to ensure governance and audit readiness. Lead security architecture workshops and technical … ATT&CK, OWASP Top 10). Preferred Qualifications Google Professional Cloud Security Engineer certification or equivalent (e.g., CISSP, CISM, AWS/Azure Security Certs). Experience with incident response, threat intelligence integration, and advanced detection strategies. Knowledge of DevSecOps practices and security integration into CI/CD pipelines. Strong communication and stakeholder engagement skills with experience presenting to C More ❯

is essential. Experience working with security issues in software architecture, software development, e.g. static and/or dynamic code analysis and tools, software dependency check, OWASP Top10 testing, application threat modelling. In-depth experience working in an Agile software development environment, with classic applications as well as microservices, using modern code processing and continuous integration and delivery tools (e.g. … Secure by Design, Architecture, Software Development, Engineering, DevOps, InfoSec, Security, Security Strategy, Best Practice, Programming, Code, C++, C#, C, .NET Core, Java, JavaScript, Node.js, Angular, React, OWASP, Agile, Application Threat Modelling, Security Policy, Security Controls, ISO 27001, NIST, GDPR, Cloud, Azure. Please note that due to a high level of applications, we can only respond to applicants whose More ❯

IR35: Inside Work structure: Remote Key Responsibilities: Partner with engineering and architecture to define secure technical solutions Manage end-to-end project security across multiple applications Perform vulnerability testing, threat modelling, and risk assessments Maintain up-to-date security policies, standards, and best practices Communicate risks and mitigation strategies to senior stakeholders Translate business needs into effective security … years in security architecture or consulting in regulated environments Deep knowledge of secure SDLC, DevSecOps, cloud (Azure/AWS), and frameworks (OWASP, MITRE) Hands-on experience with vulnerability tools, threat modelling, and compliance (GDPR, HIPAA, PCI) Strong communication and stakeholder engagement skills Technical knowledge across .NET, Java, scripting (Python, PowerShell), APIs, and cryptography Nice to have: Certifications (CISSP More ❯

security into solution designs. Monitor compliance with internal policies, external regulations and industry good practice. (e.g., GDPR, ISO27001, CIS, ISF, NIST). Provide expert guidance on security best practices, threat modelling, and mitigation strategies. Support incident response and post-incident reviews from an architectural perspective. Skills and experience you need asInformation Security Assurance Specialist: Strong understanding of all More ❯

Threat Modelling Engineer - GCP (Senior Associate, Technology) Job Description As a Senior Engineer - Threat Modelling you will be a part of a smart cross-functional team delivering digital business transformation solutions to our clients. This position entails an individual contributor role focused on Security Architecture and Threat Modelling, encompassing governance, evaluation of public cloud … Program Management, and Development teams are essential. The candidate will conduct technical architecture reviews to pinpoint security opportunities, identify exploitable threats, and propose mitigation strategies. Your Impact •Conduct thorough threat modeling exercises utilizing established methodologies and frameworks •Maintain a rigorous standard of excellence in identifying potential threats and specifying effective mitigation controls. •Manage the lifecycle of identified threats and … associated controls, ensuring timely updates and adjustments as necessary. •Deliver comprehensive threat models and related tasks within specified timeframes. •Offer constructive feedback, support, and suggestions for enhancing the existing threat modeling process. •Present findings and progress updates to senior leadership, team members, and relevant technical stakeholders. Qualifications We are seeking an ideal candidate with 8+ years of experience More ❯

and CI/CD concepts. Clearly articulate and communicate the value of a security control vs the friction it may introduce – a credible peer within engineering. An interest in threat modelling as a medium to demonstrate the impact of security and robust Security Architecture’s for protecting organisations. Skills & Experience 5+ years of relevant technical experience as a … stakeholders. A high-level understanding of security principles, control frameworks (NIST preferred), and security risks as they apply to cloud solutions. A good understanding of the latest security threats, threat actors, and the tactics and techniques adopted. More ❯

servers, VM environments, client machines, and cloud services.o Proficiency in security-related software and tools, understanding of secure network architectures, experience with encryption and security protocols, and familiarity with threat modelling and risk assessments.o Relevant certifications such as CISSP, CISM, CEH, or equivalent are highly desirable.o Strong analytical skills to identify security threats and implement effective solutions.o Ability More ❯

of security incidents, ensuring swift and effective resolution. Design and deliver engaging training sessions to raise awareness and promote a security-first mindset across the organisation. Monitor the evolving threat landscape and develop proactive strategies to mitigate risks. Coordinate internal and external audits, ensuring readiness and compliance with relevant standards. Oversee the performance and strategic direction of the Security … and PCI DSS. What you'll need to succeed Willingness to work 7-hour days, 3 days a week Demonstrated expertise in conducting technical security risk assessments and developing threat models. Comprehensive knowledge of core cybersecurity domains, including network, endpoint, and cloud security. Skilled at translating technical vulnerabilities into business-relevant language for diverse audiences. Hands-on experience operating More ❯

must Support the business and IT stakeholders in completing risk assessments for their AI use case. Conduct in-depth technical assessments of AI solutions to identify security risks. Develop threat models for AI systems to anticipate and account for potential impacts due to misuse, abuse, or other adversarial attacks. Document all findings and develop mitigation strategies for identified risks More ❯

ie cyber security asset management, attack surface management, etc) Pragmatic application of zero-trust philosophies Cloud based security (GCP, AWS and Azure) Pentest scoping and analysis experience Application security Threat modelling To apply for this position please submit your CV. More ❯

and scalable Work with the product owner to address user needs Develop secure and high-quality production code, perform code reviews and able to debug issues Participate in agile threat modelling and vulnerability management Ensure compliance with security and regulatory requirements for MOD and high Design assurance software Develop solutions for where data can bring value to our More ❯

/CI/CD workflows and secure SDLC methodologies. Experience securing cloud-native environments, including containerized services (e.g., Kubernetes) and CI/CD orchestration tools. Knowledge of AI-specific threat vectors like adversarial attacks, data poisoning, and prompt injection, and familiarity with the MITRE ATLAS framework. Proficiency in threat modeling and security assessment techniques for AI/ML … CI/CD pipelines, and data workflows. Participate in organizational architecture discussions to support the secure development and operation of AI/ML workloads. Lead security risk assessments and threat modeling for AI/ML applications—identifying vulnerabilities and recommending mitigation strategies. Contribute to testing and validation of AI models and LLMs with a focus on trust, safety, fairness More ❯

We are looking for a skilled Detection Engineer to join our Cyber Security team. In this role, you will be responsible for developing and maintaining high-fidelity threat detections across our security platforms. You’ll work at the intersection of threat intelligence, telemetry and security operations to build scalable, reliable and effective detection capabilities. Key Responsibilities Design, develop … and deploy detection logic across SIEM, EDR and cloud security platforms. Build detections aligned with frameworks such as MITRE ATT&CK and continuously tune for accuracy and performance. Conduct threat modelling and participate in purple team exercises to assess and improve detection effectiveness. Use Detection-as-Code principles to manage detection rules via version control, CI/CD … pipelines and automated testing frameworks. Reduce false positives through tuning, enrichment and contextual awareness. Skills 3+ years of experience in security operations, detection engineering, threat hunting, or a related Cyber Security field. Proficiency in query languages such as SPL (Splunk), KQL (Microsoft), Sigma, or similar. Experience with SIEM platforms (e.g. Splunk, Sentinel, Elastic), EDR tools (e.g. CrowdStrike, SentinelOne), and More ❯

setting with smart people and challenging problems? If yes, we want to hear from you! We are a Product Security SDL team consisting of a Security lead, SDL coach, threat model architects, a software pen tester and a hardware assessor. We work with development teams across Group Product to improve their security posture. What You'll Do Perform software More ❯

how technology choices impact Cyber Security. Ability to scope penetration tests and guide projects on the remediation of identified vulnerabilities. Knowledge of current vulnerabilities and trends in vulnerabilities/threat landscapes. Good interpersonal and communication and self-organisation skills. Strong technical skills, with the ability to adapt in unfamiliar environments. Ability to quickly assimilate knowledge from outside own area … and layer 3 security) and network protocols (e.g., TCP/IP, TLS, SSH, DNS). Converged Business services (e.g. VoIP services), SDWAN, SDN Experience of risk management frameworks, threat modelling, and security awareness initiatives. Understanding of security standards such as NIST. Join us to be part of a team that values innovation, collaboration, and continuous learning! How to More ❯

Salary: £35,000 - £55,000 (Based on Experience) Hybrid (3 days in the office and 2 days from home) Key Tasks: Security assessments: Create and perform security assessments and threat models Security standards: Develop, implement & maintain security standards and plans Vulnerability Management: Research weaknesses and find ways to counter them Security incident response: Respond to attack vectors and security More ❯

Salary: £35,000 - £55,000 (Based on Experience) Hybrid (3 days in the office and 2 days from home) Key Tasks: Security assessments:?Create and perform security assessments and threat models Security standards:?Develop,implement&maintainsecurity standards and plans VulnerabilityManagement:?Research weaknesses and find ways to counter them Security incident response:?Respond to attack vectors and security incidents, and More ❯

Salary: £35,000 - £55,000 (Based on Experience) Hybrid (3 days in the office and 2 days from home) Key Tasks: Security assessments:?Create and perform security assessments and threat models Security standards:?Develop,implement&maintainsecurity standards and plans VulnerabilityManagement:?Research weaknesses and find ways to counter them Security incident response:?Respond to attack vectors and security incidents, and More ❯

creation of RFCs (Request for Comments) and ADR (Architectural Decision Records) , having input into decision-making across frontend technologies. Security & Risk Management: Support Lead and Senior engineers in maintaining Threat Models for any domain changes, ensuring security and risk are at the forefront of development. Continuous Improvement: Engage in continuous learning and improvement within your Community of Practice . More ❯

Head of Security Engineering and lead in the build-out of their cloud-native Infrastructure capability. Highly technical position where you will be responsible for not just assessing and threat modelling novel concepts and services to introduce across Security and the wider Tech functions; but leading in the actual design, configuration and implementation. Previous experience in Software Security … to put your stamp on one of the most ambitious Tech Transformations for one of the most renowned Investment Management firms in the UK. Responsibilities Perform hands-on security threat modelling, risk assessment and vulnerability remediation. Evaluate, architect, implement and support security focused tools and services. Work closely with Development teams to ensure security and privacy are built More ❯

s data. You will work will engineering teams to create solutions that solve or remediate security problems. This will involve a range of activities, including (but not limited to) threat modelling, selection and configuration of DevSecOps tools, high-level and detailed security designs. Key Responsibilities: We are seeking a Senior Security Engineer who has experience in the design … and implementation of secure software. You should possess verifiable experience in: Strong technical knowledge - a comprehensive understanding of software engineering principles, system architecture, and contemporary development frameworks. Threat modeling, as well as the design and implementation of security controls (either in a cloud environment or on-premises). Familiarity with cryptographic primitives and protocols. Proficiency in at least one More ❯

Engineering to embed secure practices into the SDLC and production environments. Champion a security-first mindset — empower and educate teams across the business to take ownership of security. Lead threat modelling and continuous risk assessments — proactively identify and mitigate vulnerabilities. Own and optimise security configurations across devices, cloud infrastructure, and SaaS tools. Develop and evolve the ISMS with More ❯

infrastructure. Reporting directly to the CTO, this is not a purely strategic or oversight role. You’ll be owning the security vision, building the roadmap, writing code, reviewing architecture, threat modelling, and automating at scale, while building a high-performance team around you. This is what you will own: Security Engineering Strategy Define and execute the security vision … Technical Execution Design and implement secure-by-default patterns in AWS, Kubernetes, CI/CD pipelines, and crypto-native systems. Own IaC scanning, secrets detection, and automated control implementation. Threat Modelling & Incident Readiness Lead technical reviews of high-value trading and custody systems. Translate threat intel into proactive engineering solutions. Cross-Functional Collaboration Work closely with Engineering More ❯

in securing complex, cloud-first environments within a data-rich, high-scale business — helping protect critical infrastructure and client data across global platforms. What You’ll Be Doing Leading threat detection and incident response across GCP environments Building and refining cloud-native detections using Kusto Query Language (KQL) Driving security automation and Infrastructure-as-Code practices Enhancing cloud visibility … through effective logging, monitoring, and threat modelling Collaborating with SOC analysts, engineers, and data teams to secure workloads and services Performing proactive threat hunts and maturing detection logic over time Key skills and experience include: Cloud security expertise in Google Cloud Platform Hands-on experience with cloud-native tools (e.g., Defender for Cloud, GCP Security Command Center … Detection engineering using KQL, particularly with Microsoft Sentinel Familiarity with Kubernetes, Docker, and securing containerised services Understanding of Zero Trust Architecture, MITRE ATT&CK, and cloud threat models Experience with SOAR platforms and automation pipelines Scripting or programming skills (Python, PowerShell, Bash, etc.) Interviews are moving fast — apply now or reach out to learn more. More ❯

to high profile clients across all industries. The purpose of this role is to deliver our offensive security services including digital footprint reconnaissance, social engineering, vulnerability assessments, penetration testing, threat modelling, cyber-attack simulation exercises, and more to high profile clients across all industries. You'll benefit from ongoing coaching, career mentoring, and be supported by our career More ❯