7 of 7 Permanent Threat Modelling Jobs in the Thames Valley

of Security Engineering and lead in the build-out of their cloud-native Infrastructure capability . Highly technical position where you will be responsible for not just assessing and threat modelling novel concepts and services to introduce across Security and the wider Tech functions; but leading in the actual design, configuration and implementation. Previous experience in Software Security … to put your stamp on one of the most ambitious Tech Transformations for one of the most renowned Investment Management firms in the UK. Responsibilities Perform hands-on security threat modelling, risk assessment and vulnerability remediation. Evaluate, architect, implement and support security focused tools and services. Work closely with Development teams to ensure security and privacy are built More ❯

and commercial awareness alongside deep technical expertise. Key areas of focus Define and implement enterprise-level AI/ML security strategies, policies, and architectures. Lead on AI risk assessment, threat modelling, and mitigation planning. Ensure compliance with GDPR, the EU AI Act, and international security frameworks (ISO 27001, NIST, TOGAF, SABSA). Build and maintain secure AI architectures More ❯

the business. What You’ll Do Policy & Frameworks: Define and maintain security policies, standards, and governance models aligned with ISO 27001, SOC2, and NIST. Risk Management: Lead risk assessments, threat modelling, and vendor security reviews; maintain the company risk register. Monitoring & Detection: Implement and oversee vulnerability management, SIEM, logging, and alerting capabilities. Incident Response: Build and test incident More ❯

ll do Secure product & platform delivery (cloud‐native focus) • Provide hands‐on cyber consultancy across digital product lifecycles, championing Secure by Design and privacy‐by‐default. • Conduct and iterate threat models for new features and integrations; translate findings into actionable design and control decisions. • Advise on secure architecture for modern platforms (segmentation, identity/access, encryption, data protection, secrets More ❯

ll do Secure product & platform delivery (cloud‐native focus) • Provide hands‐on cyber consultancy across digital product lifecycles, championing Secure by Design and privacy‐by‐default. • Conduct and iterate threat models for new features and integrations; translate findings into actionable design and control decisions. • Advise on secure architecture for modern platforms (segmentation, identity/access, encryption, data protection, secrets More ❯

standards (e.g., GDPR, PCI-DSS, SOX). Lead integration efforts with identity providers (IdPs), service providers (SPs), and third-party systems using SAML, OAuth2, OpenID Connect. Conduct security assessments, threat modeling, and performance tuning of ForgeRock AM components. Enable and support product upgrade and engineering aspects for Authentication platform and associated components Provide technical leadership and mentoring to IAM More ❯

cloud platforms. • Collaborate with enterprise and domain to align solutions. Security & Compliance • Implement robust API security practices (e.g. OAuth2, OIDC). • Ensure compliance with financial and regional regulations. • Conduct threat modeling and risk assessments for API exposure. Leadership & Collaboration • Mentor and guide development teams on API best practices. • Act as a technical liaison between business stakeholders and engineering teams. More ❯