1 to 25 of 305 Permanent Threat Modelling Jobs in the UK

seeking a highly skilled contractor to perform threat modelling and assessment activities across complex IT and telecommunications infrastructure. This role will be part of a small team whose function will be to identify risks across multiple and complex environments over a six-month engagement. Key Responsibilities: * Conduct comprehensive … threat modelling and risk assessments on diverse IT and telecoms infrastructure. * Collaborate with architecture and engineering teams to identify vulnerabilities and recommend mitigations. * Develop threat models using a pre-defined methodology. * Contribute to and produce clear, actionable reports and briefings for technical and non-technical stakeholders. Essential ...

INFORMATION SECURITY SPECIALIST KEY POINTS * Hybrid working model (Manchester) - up to £55,000 p/a* Focus on application security, code analysis, threat modelling and penetration testing* Work closely with Software Development teams across a large technical environment* Opportunity to influence secure development practices and automation initiatives ABOUT … automation THE INFORMATION SECURITY SPECIALIST ROLE: In this role, you'll focus on securing internally developed and third-party applications, carrying out code reviews, threat modelling, and application penetration testing. You'll partner closely with Software Development teams to ensure secure design principles are understood and embedded throughout ...

INFORMATION SECURITY SPECIALIST KEY POINTS * Hybrid working model (Stoke-on-Trent) - up to £55,000 p/a* Focus on application security, code analysis, threat modelling and penetration testing* Work closely with Software Development teams across a large technical environment* Opportunity to influence secure development practices and automation … automation THE INFORMATION SECURITY SPECIALIST ROLE: In this role, you'll focus on securing internally developed and third-party applications, carrying out code reviews, threat modelling, and application penetration testing. You'll partner closely with Software Development teams to ensure secure design principles are understood and embedded throughout ...

INFORMATION SECURITY SPECIALIST KEY POINTS * Hybrid working model (Manchester) - up to £55,000 p/a * Focus on application security, code analysis, threat modelling and penetration testing * Work closely with Software Development teams across a large technical environment * Opportunity to influence secure development practices and automation initiatives ABOUT … automation THE INFORMATION SECURITY SPECIALIST ROLE: In this role, you'll focus on securing internally developed and third-party applications, carrying out code reviews, threat modelling, and application penetration testing. You'll partner closely with Software Development teams to ensure secure design principles are understood and embedded throughout ...

data lifecycle. You will guide organizations through application security challenges, embedding controls into design, build, and deployment phases, while leveraging practices such as Threat Modelling, Secure SDLC, and DevSecOps. With expertise in vulnerability management, data protection, and regulatory compliance, you will design security guardrails that support application modernization … achieved securely. Responsibilities Provide advisory and technical expertise on application security across the Software Development Lifecycle (Design, Build, Deploy). Lead activities such as Threat Modelling, Secure SDLC integration, DevSecOps practices, and application security testing. Implement security guardrails to support secure application modernization on multicloud platforms. Drive application ...

compliance teams to ensure products are secure by design and resilient in production. PSLs define and implement security policies, manage vulnerability backlogs, and lead threat modelling and incident response efforts. What you’ll own Define and implement security policies and tooling across the product lifecycle, from design … development to deployment and maintenance. Lead threat modelling for new and existing applications, guiding teams and ensuring outputs are documented and tracked. Manage the product vulnerability backlog, prioritizing remediation of high and critical vulnerabilities, and tracking key metrics such as open vulnerabilities, SLA compliance, and average ...

carbon energy. We work at the cutting edge of the transition to a sustainable, net zero world. We're looking for a Threat Defence and Cyber Security Operations - Threat Intelligence Lead. Based at our Paddington site, you'll build on the existing URENCO capabilities to further develop … Threat Intelligence function within the Threat Defence and Cyber Security Operations Team. We're looking for a motivated and experienced individual who wants to join a high performing team and be a part of and influence a transformational journey. This role reports to the Head of Threat ...

carbon energy. We work at the cutting edge of the transition to a sustainable, net zero world. We're looking for a Threat Defence and Cyber Security Operations - Threat Intelligence Lead. Based at our Paddington site, you'll build on the existing URENCO capabilities to further develop … Threat Intelligence function within the Threat Defence and Cyber Security Operations Team. We're looking for a motivated and experienced individual who wants to join a high performing team and be a part of and influence a transformational journey. This role reports to the Head of Threat ...

Join Police Digital Service as NMC Senior Cyber Threat Hunter - Hybrid - starting salary £65,000pa About Police Digital Service and NMC At PDS, we empower UK policing to stay ahead of evolving threats in a rapidly changing digital landscape. As the trusted technology partner for law enforcement, we deliver … value for money. The National Management Centre (NMC) is a core part of Police Digital Service (PDS), providing 24/7/365 cyber threat detection, response, and risk management capabilities across UK policing. We help forces proactively understand and mitigate cyber risks at both national and local levels. ...

SAST, DAST, SCA) and work with developers to remediate findings. Support cloud security controls (primarily Azure, including cloud-native apps). Champion secure development, threat modelling, and DevSecOps integration. Research emerging threats and recommend proactive mitigations. Provide mentoring, training, and security awareness support to internal teams. Essential Skills … risk-based security. Relevant certifications such as CISSP, CompTIA Security+, GIAC, or equivalent. Excellent documentation, communication, and stakeholder collaboration skills. Desirable Background in threat modelling or secure software design. Knowledge of ISO27001, Cyber Essentials Plus, or cloud security certifications. Experience in large-scale or regulated environments. What ...

SAST, DAST, SCA) and work with developers to remediate findings. Support cloud security controls (primarily Azure, including cloud-native apps). Champion secure development, threat modelling, and DevSecOps integration. Research emerging threats and recommend proactive mitigations. Provide mentoring, training, and security awareness support to internal teams. Essential Skills … risk-based security. Relevant certifications such as CISSP, CompTIA Security+, GIAC, or equivalent. Excellent documentation, communication, and stakeholder collaboration skills. Desirable Background in threat modelling or secure software design. Knowledge of ISO27001, Cyber Essentials Plus, or cloud security certifications. Experience in large-scale or regulated environments. What ...

cloud infrastructures. Contribute to blogs and research within the Cyberfort community. Experience Required The successful candidate will possess proven experience in cybersecurity, security architecture, threat modelling, or related fields within Public Sector and MOD and will have achieved or be working towards Full Membership of CIISEC … NPSA and NCSC security policies, standards and guidance. Have experience building and implementing secure by design principals within the software development lifecycle (SDLC). Threat Modelling - Kill Chain - Attack tree analysis. Working understanding of: Cloud security including Azure, Amazon Web Service, Key Management Systems, Containerisation, Network Security Groups ...

cloud infrastructures. Contribute to blogs and research within the Cyberfort community. Experience Required The successful candidate will possess proven experience in cybersecurity, security architecture, threat modelling, or related fields within Public Sector and MOD and will have achieved or be working towards Full Membership of CIISEC … NPSA and NCSC security policies, standards and guidance. Have experience building and implementing secure by design principals within the software development lifecycle (SDLC). Threat Modelling - Kill Chain - Attack tree analysis. Working understanding of: Cloud security including Azure, Amazon Web Service, Key Management Systems, Containerisation, Network Security Groups ...

candidate will report to the Head of Cyber Security and will lead the Security Engineering function, which covers Identity and Access Management, Cloud Security, Threat Modelling, and Application Security. This is a senior role that will shape Icelands security architecture and ensure that security is embedded … principles and technologies. Experience of working within a predominantly Microsoft environment. Expertise in cloud security (Microsoft Azure; AWS experience desirable). Ability to perform threat modelling and provide secure design guidance for projects and applications. Excellent communication and stakeholder engagement skills. Ability to influence and embed security practices ...

candidate will report to the Head of Cyber Security and will lead the Security Engineering function, which covers Identity and Access Management, Cloud Security, Threat Modelling, and Application Security. This is a senior role that will shape Iceland’s security architecture and ensure that security is embedded … principles and technologies. · Experience of working within a predominantly Microsoft environment. · Expertise in cloud security (Microsoft Azure; AWS experience desirable). · Ability to perform threat modelling and provide secure design guidance for projects and applications. · Excellent communication and stakeholder engagement skills. · Ability to influence and embed security practices ...

line with Group standards. Ensure that RAG pipelines, tool-use APIs, memory systems and multi-agent workflows follow robust security controls. Threat Modelling for AI Agents & LLM Pipelines Conduct threat modelling specific to AI Agents, including: Prompt injection and cross-agent contamination Tool misuse and unauthorised … across all AI Agent and GenAI products. Training, Guidance & Best Practice Train engineering and product teams on secure agent engineering, Microsoft GenAI security, LLM threat patterns and cyber expectations. Build reusable templates and reference architectures for secure AI Agent implementation. Provide hands-on support to unblock security design challenges. ...

with infrastructure engineers, architects and project teams, you will ensure that platforms are secure, compliant and aligned with recognised frameworks. Your work will span threat modelling, vulnerability research, configuration baselines, incident analysis, and the integration of monitoring, logging and alerting capabilities. You will also contribute to security documentation … access Familiarity with regulatory and compliance frameworks such as NIST, CIS Controls, ISO 27001 and Cyber Essentials Plus Experience with SIEM, logging, monitoring and threat detection platforms Understanding of data classification, encryption and secure storage Ability to collaborate with engineers to enforce secure configurations and hardening standards Experience with ...

. Youll dissect designs, model attack paths, and show engineering teams what good really looks like. Depending on the engagement, you might run a threat model, assess CI/CD pipelines, learn a vendor DSL for a PoC, or build internal tooling. We dont expect you to know everything … just to be curious, practical, and willing to dive in. What Youll Do Threat Modelling & Architecture Reviews: Break down AWS services, map trust boundaries, build attack trees, and define security requirements before code ships. Security Automation: Build IaC-driven checks, Lambda/Step Function tooling, CI/ ...

dissect designs, model attack paths, and show engineering teams what good really looks like. Depending on the engagement, you might run a threat model, assess CI/CD pipelines, learn a vendor DSL for a PoC, or build internal tooling. They don't expect you to know everything - just … curious, practical, and willing to dive in. What You'll Do Threat Modelling & Architecture Reviews: Break down AWS services, map trust boundaries, build attack trees, and define security requirements before code ships. Security Automation: Build IaC-driven checks, Lambda/Step Function tooling, CI/CD gates ...

dissect designs, model attack paths, and show engineering teams what “good” really looks like. Depending on the engagement, you might run a threat model, assess CI/CD pipelines, learn a vendor DSL for a PoC, or build internal tooling. They don’t expect you to know everything — just … curious, practical, and willing to dive in. What You’ll Do Threat Modelling & Architecture Reviews: Break down AWS services, map trust boundaries, build attack trees, and define security requirements before code ships. Security Automation: Build IaC-driven checks, Lambda/Step Function tooling, CI/CD gates ...

seeking a highly skilled contractor to perform threat modelling and assessment activities across complex IT and telecommunications infrastructure. This role will be part of a small team whose function will be to identify risks across multiple and complex environments over a six-month engagement. Key Responsibilities: Conduct comprehensive … threat modelling and risk assessments on diverse IT click apply for full job details ...

Life on the team The Cyber Threat Operations Team plays a vital role in protecting Computacenter from the latest threats and threat actors. We maintain a forward-looking mentality to identify emerging threats and trends, ensuring we stay one step ahead of security threats. Our team combines specialist … skills in Threat Intelligence, Threat Hunting, Malware Analysis, Digital Forensics, Incident Response, and Threat Modelling. At our core, we are driven by a mission to “investigate, collate and locate”: to unearth new threats, gather all available intelligence, and proactively respond. We apply technical expertise and global awareness ...

client audit requests as they relate to AI use at the firm. Perform detailed security analysis of application architectures to provide assurance. Understand threat modelling and participate in major incidents responses with IAM and AI components. Review and approve the IAM components of solution designs. Collaborate with cloud ...

align our efforts to the NIST framework and other recognised certifications including ISO27001 and SOC2 and strive to keep pace with the continually evolving threat landscape, in support of A&O Shearmans strategy to lead where global complexity creates opportunity. In addition, you will have the opportunity to share … adherence to the change management process when implementing IAM relevant changes to architecture. Perform detailed analysis of application architectures to provide IAM assurance. Understand threat modelling and participate in major incidents responses with IAM components. Review and approve the IAM components of solution designs. Collaborate with cloud infrastructure ...

Responsibilities Design secure cloud architectures across AWS/Azure/GCP for enterprise-scale transformation projects Define and implement application security standards including threat modelling, secure SDLC, API security and DevSecOps practices Conduct security risk assessments, architecture reviews and produce high-level and low-level security designs Advise ...