1 to 25 of 30 Permanent Threat Modelling Jobs in the UK with Remote Work Options

software systems by reviewing designs, auditing code, and performing penetration tests. The role involves developing and implementing vulnerability mitigation strategies, conducting risk assessments and threat modelling, and managing vulnerabilities using industry standards. You will act as a security expert, proactively identifying and addressing potential threats, and integrating robust more »

clearance and have a proven Cyber Security Engineering background, with the following skills/experience: Experience in Security information and event management (SIEM), Splunk, Threat modelling system solutions. Experience Cyber operations protective monitoring. Experience of providing advice, guidance and assuring documentation against security standards. Experience of working with … different cyber threat intelligence feeds. more »

will engineering teams to create solutions that solve or remediate security problems. This will involve a range of activities, including (but not limited to) threat modelling, selection and configuration of DevSecOps tools, high-level and detailed security designs. About you We are looking for a Senior Security Engineer … with experience in design and implementing cloud native applications in the cloud. You should have demonstrable experience in Threat modelling, design and implementing security controls in the cloud environment (AWS or Azure) Design and implementing cloud native and hybrid solutions in major public cloud platforms. Understanding of cryptographic more »

the Governance, Risk, and Compliance (GRC) team to inform on risk, compliance, and assurance matters related to the portfolio of change initiatives. Ensure that Threat Modeling is implemented for identified programs, projects, and engineering initiatives within the portfolio. Work closely with the Security Culture team to ensure alignment and more »

to product owners and delivery teams working on a viariety solutions for both colleagues and members. This will include developing solution overviews and designs, threat models, and architectural patterns. This opportunity is within the Security Architecture team, and part of Security and Resilience. The team have a challenging mandate … understanding their problems helping find secure solutions Assuring and advising on secure systems design Creating patterns and other architecture artefacts Good knowledge of cryptography Threat Modelling using common industry techniques (such as STRIDE, Attack Trees, PnG), and working with a recognised risk framework to evaluate severity and priority. … level you will have: A good general appreciation of enterprise-wide security threats, controls and principles across the above areas Experience or aptitude for threat evaluation and documenting enterprise-level architectural solutions that mitigate, or offer a risk aligned roadmap to mitigation. Producing artefacts such as Security designs, patterns more »

ecommerce or retail sectors Strong domain driven design (DDD) skills and experience Familiarity with high-availability and resilience engineering patterns, secure design principles and threat modelling. Expertise with software used to create clear strategic/architectural documentation and assets. Educated to degree level or equivalent experience. Location: Fully Remote more »

Senior Threat Modeller Remote-based with occasional travel to Preston or Frimley £45,000 - £55,000 2.5% bonus excellent bens What you ll be doing - Senior Threat Modeller Building and implementing processes and procedures for continuous and effective threat modelling capability Producing reports detailing key threats … digest Contributing to plans and delivering activities in support of organisational and security development needs in accordance with regulatory requirements and changes in the threat landscape Maintaining up to date knowledge of cyber security threats, analyst toolsets and relevant activity group tactics, techniques, and procedures (TTPs) Identifies security gaps … and builds attack simulations to support Purple Team engagements by illustrating potential attack patterns to prioritise future remediation efforts Your skills and experiences - Senior Threat Modeller An in-depth understanding of the external security environment and how the organisation reacts to security threats Good knowledge of cyber threat more »

all product teams, dealing with complex projects daily and serving as the escalation point for the Product Security Specialist (PSS). You will lead threat modelling workshops and engage with key stakeholders to identify threats and recommend countermeasures. Additionally, you will lead a team of Product Security Specialists … a team of Product Security Specialist (PSS). Providing leadership, technical guidance, and support to the Product Security Specialists. You will lead/facilitate threat modelling workshops with SMEs. Engaging with key stakeholders to identify threats and recommend countermeasures. Collaborating with strategy, transformation, and digital engineering parts of … such as OWASP, NIST, and ISO Awareness of security tools and technologies, such as SAST, DAST, IAST, SCA, WAF, IDS, IPS. Experience in conducting threat modelling and risk assessments. Interview process The interview process for this role is two stages including a technical competency-based questions and a more »

processes and toolset. Main duties: Use understanding of digital systems and attack frameworks to apply theory to practice. Be aware of the current cyber threat landscape and industry best practices and standards. Lead on scope and health of data gathering such as event monitoring and vulnerability scanning. Interpret threat intelligence and vulnerability data to prioritise findings. Act as technical escalation for analyst on alerts, incidents, investigations, including hands on experience. Carry out threat modelling and risk assessments. Skills Required: Security and Risk assessment. Vulnerability detection, prioritisation and reporting. Ability to communicate on technical issues with users more »

collaboration with vendors for optimal value. Communicate effectively with stakeholders to drive the adoption of security tools and standards. Maintain an up-to-date threat model and regularly update the roadmap for ongoing protection. Requirements | Desirables: Strong technical security skills related to endpoint, cloud, and infrastructure security products, particularly more »

areas to address pain points and continuously improve connectivity capabilities. Communicate effectively with stakeholders to promote secure communication practices. Maintain an up-to-date threat model and cyber view of the network and connectivity landscape. Perform network assessments, audits, and optimisations to ensure performance, security, and compliance standards are more »

/exploit them, real world mitigations that can be applied Familiarity with vulnerability classification frameworks (e.g. OWASP Top 10, CVSS, MITRE CVE) Ability to threat model systems/applications/platforms to assess design and find flaws that can be exploited What We’ll Give You A team of …/exploit them, real world mitigations that can be applied Familiarity with vulnerability classification frameworks (e.g. OWASP Top 10, CVSS, MITRE CVE) Ability to threat model systems/applications/platforms to assess design and find flaws that can be exploited What We’ll Give You A team of more »

Identify security breaches, implement corrective actions, and devise strategies to prevent future incidents. Collaborate with developers across Sportradar for in-depth security reviews and threat modeling. Work in an international team and environment. Automate application and infrastructure scanning and reporting. Mentor junior penetration testers and provide guidance on best … and IT infrastructure security best practices, including methodologies like OWASP Testing Guide andPTES Knowledgeof scripting languages (e.g., PowerShell, Python, Perl). Excellent understanding of threat modeling and SDLC/SSDLC processes. Effective communication skills across all organizational levels. Proven leadership and team mentoring experience. Preferred Qualifications and Skills: Demonstrable more »

office, 4 days remote working, work from home Key Skills: Continuous Integration (CI), Continuous Deployment (CD), Infrastructure as Code (IaC), Security Automation, Vulnerability Management, Threat Intelligence, Secure Software Development Lifecycle (SSDLC), Compliance as Code, Security Orchestration, Container Security, Microservices Security, Threat Modelling, Secure Configuration Management, Secure DevOps more »

software systems by reviewing designs, auditing code, and performing penetration tests. The role involves developing and implementing vulnerability mitigation strategies, conducting risk assessments and threat modelling, and managing vulnerabilities using industry standards. You will act as a security expert, proactively identifying and addressing potential threats, and integrating robust more »

for each assigned product team/squad, and will support the implementation of secure solutions throughout the development life-cycle. You will also facilitate threat modeling workshops assisting product teams in identifying and mitigating threats. What you will be doing Oversee security related issues across multiple product teams/… Cloud serverless transformation projects. You will have the ability to work with infrastructure as code and understand complex architectures. You will Lead/facilitate threat modeling workshops with SMEs Engage with key stakeholders to identify threats and recommend countermeasures. Participate in architectural reviews of Product cloud implementations against security … such as OWASP, NIST, and ISO. Awareness of security tools and technologies, such as SAST, DAST, IAST, SCA, WAF, IDS, IPS. Experience in conducting threat modeling and risk assessments. Interview process The interview process for this role is two stages including a technical competency-based questions and a task. more »

Key Skills: Proven API Development experience In depth knowledge of API Integration Technologies, e.g. REST, SOAP Extensive exposure to secure coding principles e.g. OWASP, Threat Modelling High skills level in the ASP.NET and the .NET ecosystem and tools e.g. C#, Visual Studio, dotnet CLI Deep understanding of SOLID more »

Skills & Qualifications: Proven experience in API development and integration technologies such as REST and SOAP. Extensive knowledge of secure coding principles, including OWASP and Threat Modelling. Excellent hands-on coding skills using ASP.NET, the .NET ecosystem, and tools like C#, Visual Studio, and dotnet CLI. A deep understanding of more »

Knowledge and experience of applying best practice for solution security (e.g., OWASP, NCSC cloud security principles) Strong understanding and practical experience of performing security threat modelling and articulating risk profiles Deep understanding of security concepts and demonstrated application to technical solutions Knowledge and experience of applying best practice more »

Master the art of penetration testing with tools like Burp Suite, OWASP ZAP, and/or Kali Linux. Have experience with secure coding practices, threat modeling, and API security. Are a skilled communicator and collaborator, able to bridge the gap between technical and non-technical audiences. Senior Application Security more »

Security, ensuring compliance with legislative and regulatory requirements. Develop a security architecture process that aligns security solutions and capabilities with business, technology, regulatory, and threat drivers. Provide advice on effective security strategies and counsel on security policies and practices to business stakeholders and support teams. Define principles, guidelines, standards … including technical or infrastructure architecture, application development, or cloud development. Proven experience in developing architecture blueprints, strategies, and roadmaps. Strong working knowledge of conducting threat-modelling exercises for new applications and services. Practical knowledge of the information security standards domain. Experience working with external audit and certification organisations. more »

and IaC tools (Terraform, CloudFormation, etc.) Expertise in configuration management (Ansible, Chef, Puppet) and container orchestration (Kubernetes, Docker Swarm) Deep understanding of security principles, threat modelling, vulnerability scanning, and secure coding practices Familiarity with mobile development frameworks (React Native, Flutter) and application security testing (SAST, DAST, IAST) Strong more »

deep product partnership. We build strong relationships with other teams and help them build secure software. This includes reviewing early-stage designs, helping develop threat models.A World-Changing CompanyAt Palantir, we’re passionate about building software that solves problems. We partner with the most important institutions in the world … our products against our dedicated adversaries. • Architecture and design. You will be the security subject matter expert for product architects and engineers. You will threat model, assess risks, and help implement security controls and mitigations to address identified issues. You will directly steer the design of our products to … are the underpinnings of our team.Core ResponsibilitiesPerform deep architecture and security reviews on highly complex products to identify vulnerabilitiesLead engineering teams in feature design, threat modeling, and security-critical code and architectureDevelop and implement automation to eliminate entire classes of weaknesses across the organizationDrive decision-making by determining the more »

reduce risk and vulnerabilities from cyber-attacks by developing a security road-map tailored to your unique needs.We help organisations improve processes such as threat management by building an identity management programme, and establishing prevention, detection and response capabilities to cyber-attacks.The Cyber Security Consultant will have the following … analysis for specific domains, identify gaps in existing capabilities, service maturity. Identify missing cybersecurity and cyber-resiliency capabilities in alignment with changing business needs, threat land scape and technical requirements to increase the quality of the selected solutions also including topics such as products’ convergence over time and products … decommissioning.Expert knowledge of identifying, developing and communicating threat modelling and understanding the impact of decisions, balancing requirements and deciding between approachesResearch and apply innovative security architecture solutions to new or existing problems and be able to justify and communicate subtle design decisionsAble to develop vision, principles and strategy more »

Senior Threat Modeller Aerospace & Defence Preston or Filton Hybrid - 2-4 days a month £50-55,000 We are searching for a Senior Threat Modeller to join our clients Cyber Operations Team on a hybrid working model from either their Preston or Frimley offices. This is an excellent … government that span Aerospace, Land, Sea, Air, Maritime, Cyber Intelligence and Electronics. The role: * Building and implementing processes and procedures for continuous and effective threat modelling capability * Producing reports detailing key threats to the organisation at a strategic level for business units to digest * Contributing to plans and … delivering activities in support of organisational and security development needs in accordance with regulatory requirements and changes in the threat landscape * Maintaining up to date knowledge of cyber security threats, analyst toolsets and relevant activity group tactics, techniques, and procedures (TTPs) * Identifies security gaps within the organisations estate, and more »