1 to 25 of 50 Permanent Threat Modelling Jobs in the UK

play a critical role in designing, assuring, and delivering secure solutions across our client engagements. You will champion Secure by Design principles and lead threat modelling activities to ensure risks are identified and mitigated early in the life cycle. Working closely with stakeholders, you will define security architectures … Design - Embed security into every stage of the solution life cycle, ensuring systems are designed with security controls from the outset rather than retrofitted. Threat Modelling - Lead and facilitate threat modelling exercises (eg STRIDE), identifying vulnerabilities and defining mitigations early in delivery Risk Assessment - Identify, assess ...

functions and a relentless focus on operational excellence, the Head of Security Services builds and empowers high-performing teams to deliver 24/7 threat detection, rapid incident response, and proactive risk management. This includes ownership of security controls, security testing, tech assurance and vulnerability and threat management … Leadership Team. Operations & Service Delivery • Oversee daily operations of technical security functions, working collaboratively with the SOCs to provide 24/7 visibility and threat detection ensuring services are resilient, risk-aware, and aligned with business needs. • Regularly review and modernise SOC processes, technologies, and talent. • Partner with MSSPs ...

CYBER SECURITY ARCHITECT - CHESTER (HYBRID) KEY POINTS Senior security leadership role reporting to the Head of Cyber Security Lead Security Engineering across IAM, Cloud, Threat Modelling & Application Security Hybrid working - minimum 2 days per week onsite near Chester Competitive salary + strong benefits package ABOUT THE CLIENT … embedding security by design across all IT and business change initiatives. You will lead the Security Engineering function, covering Identity & Access Management, Cloud Security, Threat Modelling, and Application Security. You'll work closely with both technical teams and senior business stakeholders to ensure secure solution design, influence strategic ...

exciting opportunity has arisen for a Threat Detection Engineer to join a well-established biotech company using large-scale genetic data and AI to predict disease risk and advance precision healthcare. As a Threat Detection Engineer, you will be responsible for developing and enhancing threat detection capabilities … offers hybrid/remote working options, a salary range of £60,000 - £80,000 and benefits. You will be responsible for: Designing and implementing threat-led detection logic informed by threat intelligence and hunting activities. Developing innovative analytical techniques to identify incidents effectively. Collaborating with an outsourced ...

exciting opportunity has arisen for a Threat Detection Engineer to join a well-established biotech company using large-scale genetic data and AI to predict disease risk and advance precision healthcare. As a Threat Detection Engineer, you will be responsible for developing and enhancing threat detection capabilities … offers hybrid/remote working options, a salary range of £60,000 - £80,000 and benefits. You will be responsible for: Designing and implementing threat-led detection logic informed by threat intelligence and hunting activities. Developing innovative analytical techniques to identify incidents effectively. Collaborating with an outsourced ...

security professionals who want to transition into a GenAI-focused career path and develop deep expertise in securing AI/ML systems. Key Responsibilities Threat Analysis and Vulnerability Assessment Conduct regular threat modelling and vulnerability assessments across AI/ML systems, including data pipelines, model APIs … skills in Python and Bash Strong knowledge of cloud technologies, specifically AWS and Azure Strong understanding of API development and API security Experience with threat modelling, penetration testing, and vulnerability assessments Familiarity with secure software development practices (OWASP, DevSecOps) Interest in or exposure to data science ...

deployment and tuning (Defender for Endpoint, CrowdStrike), Intune/Jamf device management, privileged access workstations, JIT/JEA models API and application security: threat modelling (STRIDE/PASTA), OAuth 2.0/OIDC implementation review, secrets management (Key Vault, HashiCorp Vault), and secure SDLC integration PKI, certificate lifecycle automation … automation and IaC: Python, PowerShell, Terraform, Bicep, or Sentinel analytics rules - you codify controls, you do not document them MITRE ATT&CK coverage mapping; threat hunting, adversary emulation, and proactive gap analysis against realistic TTPs Cloud infrastructure - Azure preferred, AWS considered; IAM, managed services, automated and auditable deployment pipelines ...

productivity. Mentor senior engineers and influence technical leaders across the organisation. Secure-by-Design & Compliance Embed secure-by-design principles into architectural decisions. Ensure threat modelling is performed for new features and major changes. Champion secure coding standards and integration of security testing into the delivery pipeline. Collaborate … delivery of product capabilities. Strong background in cloud-native architectures (microservices, event-driven, distributed systems). Deep understanding of secure-by-design principles, threat modelling, cryptography basics, and modern security practices. Experience with API design, integration patterns, and domain-driven design (DDD) and Event Driven Design. Ability ...

strategic change projects; define and implement security standards across the full software development lifecycle; develop API security standards and secure integration patterns and conduct threat modelling and risk assessments for new technology implementations. Location/WFH: There's a hybrid work from home model with three days … City office with rooftop bar. About you: You have an indepth knowledge of Application Security and secure software development You have experience of conducting threat modelling, security risk assessments and security architecture reviews You're keen to take ownership of Greenfield systems and processes You're collaborative ...

Product Security Management System (PSMS) and propose improvements when gaps or inefficiencies are identified. Support evidence generation required for Cybersecurity Conduct security analyses , threat modelling and vulnerability assessments within the digital engineering environment. Support incident investigations and maintain accurate records of product-security-relevant decisions . Essential Skills … product, system or cyber security engineering industries. (Internal BAE Systems training is available for Product Security specialism) An awareness of secure-by-design principles , threat modelling, risk assessment methodologies and security control design. Practical knowledge of security policies, standards and good practice frameworks in highly regulated industries Experience ...

Product Security Management System (PSMS) and propose improvements when gaps or inefficiencies are identified. Support evidence generation required for Cybersecurity Conduct security analyses , threat modelling and vulnerability assessments within the digital engineering environment. Support incident investigations and maintain accurate records of product-security-relevant decisions . Essential Skills … product, system or cyber security engineering industries. (Internal BAE Systems training is available for Product Security specialism) An awareness of secure-by-design principles , threat modelling, risk assessment methodologies and security control design. Practical knowledge of security policies, standards and good practice frameworks in highly regulated industries Experience ...

Product Security Management System (PSMS) and propose improvements when gaps or inefficiencies are identified. Support evidence generation required for Cybersecurity Conduct security analyses , threat modelling and vulnerability assessments within the digital engineering environment. Support incident investigations and maintain accurate records of product-security-relevant decisions . Essential Skills … product, system or cyber security engineering industries. (Internal BAE Systems training is available for Product Security specialism) An awareness of secure-by-design principles , threat modelling, risk assessment methodologies and security control design. Practical knowledge of security policies, standards and good practice frameworks in highly regulated industries Experience ...

world national security impact, while enjoying hybrid working and strong professional development opportunities. Skills Secure architecture design and secure-by-design principles Risk assessment, threat modelling, and vulnerability management Security frameworks: ISO 27001, NIST 800-30/53, OWASP Cloud security architecture (AWS, Azure, GCP) Incident response, penetration ...

client audit requests as they relate to AI use at the firm. Perform detailed security analysis of application architectures to provide assurance. Understand threat modelling and participate in major incidents responses with IAM and AI components. Review and approve the IAM components of solution designs. Collaborate with cloud ...

align our efforts to the NIST framework and other recognised certifications including ISO27001 and SOC2 and strive to keep pace with the continually evolving threat landscape, in support of A&O Shearmans strategy to lead where global complexity creates opportunity. In addition, you will have the opportunity to share … adherence to the change management process when implementing IAM relevant changes to architecture. Perform detailed analysis of application architectures to provide IAM assurance. Understand threat modelling and participate in major incidents responses with IAM components. Review and approve the IAM components of solution designs. Collaborate with cloud infrastructure ...

DevOps and infrastructure teams to embed security into cloud deployments Monitor and improve cloud security posture Identify and remediate vulnerabilities across cloud systems Support threat modelling and security architecture discussions Required Skills: Experience working with AWS, Azure or GCP environments Understanding of cloud security best practices Familiarity with … container technologies such as Docker or Kubernetes Experience with infrastructure-as-code tools such as Terraform Strong understanding of security monitoring and threat detection Nice to Have: Experience with cloud security tools such as Prisma, Wiz or Lacework Knowledge of DevSecOps practices Security certifications such as CISSP, CCSP ...

identity management (e.g., Entra ID), and secure application development. Deliver clear cybersecurity advice to technical and non-technical stakeholders on Azure security best practices, threat protection, and compliance. Champion 'Secure by Design' across IT infrastructure, emphasizing Azure Defender, Sentinel, and application security controls. What were looking for Expertise … application security (e.g., OWASP, DevSecOps), and network segmentation. Strong knowledge of Azure-specific security tools (e.g., Azure Security Center, Key Vault, Policy, Private Link), threat modelling, secure SDLC, and assurance processes. Experience delivering "secure by design" in regulated sectors (e.g., finance, healthcare, critical infrastructure), including Azure compliance certifications ...

with the highest security standards. Design and create secure Enterprise-Grade Architectures Across Cloud, Hybrid, and On-Prem Environments Conduct comprehensive risk assessments and threat modelling to proactively identify vulnerabilities and develop effective mitigation strategies Develop and maintain security policies and frameworks that adhere to industry standards such ...

cloud deployments (private/public). Design and scope IT Health Checks and interpret outcomes. Identify and mitigate security risks in solution architectures. Conduct threat modelling and risk analysis. Design proportional security controls using native cloud technologies. Produce security architecture artefacts including standards and blueprints. What ...

cloud deployments (private/public). Design and scope IT Health Checks and interpret outcomes. Identify and mitigate security risks in solution architectures. Conduct threat modelling and risk analysis. Design proportional security controls using native cloud technologies. Produce security architecture artefacts including standards and blueprints. What ...

cloud deployments (private/public). Design and scope IT Health Checks and interpret outcomes. Identify and mitigate security risks in solution architectures. Conduct threat modelling and risk analysis. Design proportional security controls using native cloud technologies. Produce security architecture artefacts including standards and blueprints. What ...

based at Warminster working in a hybrid style. Key Responsibilities: Developing, contributing and management of the security vision, security architecture specifications, security architecture analysis, threat-modelling, security requirements, security standards and design patterns, reference architectures, security strategies and roadmaps Advising internal and customer leadership on Cybersecurity issues, systems ...

scale. 💡 You’ll work on: • Designing secure architectures using ISO 27001, NIST, CIS • Cloud security across AWS/Azure/GCP • Zero Trust, threat modeling & risk assessments • Security strategy, audits & compliance (NIS2, DORA) • Stakeholder advisory + pre-sales & roadmap planning 🔍 Must have: ✔ 5–12 yrs in Security Architecture/ ...

What You'll Do Core Responsibilities: Conduct advanced penetration testing across network infrastructure, web applications, and mobile platforms for enterprise clients Perform vulnerability assessments, threat modelling, and risk analysis across diverse technical environments Execute social engineering assessments and physical security testing Produce detailed scoping documents and executive-level … growth-focused security consultancy—not a commodity testing mill ✓ Continuous Learning : Access to research funding, certification sponsorship, conference attendance, and exposure to cutting-edge threat landscapes The Application Process This is a carefully selected search—we're looking for genuine penetration testing professionals with the technical depth to advise ...

Design Familiarity with: JSP440, JSP604/453, JSP490 Supplier Chain Assurance GDPR, PCI DSS, ICO ISO 27001, NIST CSF, CIS Controls v8 Skills in: Threat modelling (kill chain, attack trees, etc.) Cloud security (AWS, Azure), containerisation, firewalls Secure SDLC HLD/LLD review ITHC scoping and remediation Certifications ...