required projects Manage security risk for the whole project life cycle Perform security activities, including but not limited to, security design reviews, risk assessments, threatmodelling, and vulnerability management and risk mitigation on internally & externally developed software Embedding security within DevOps (eg CI/CD pipelines), developing security more »
effective authorization concepts for SAP systems. Administer SAP roles and analyze user access to ensure compliance with segregation of duties (SoD) policies. Produce detailed threat models after reviewing technical design documents. Review and input security into solution architecture and high-level designs. Advise and consult with development teams on more »
Experience with Google Identity and containerization technologies (e.g., Docker, Kubernetes) is a plus. Strong understanding of security principles and best practices (e.g., secure coding, threat modeling). Excellent problem-solving and analytical skills. Ability to work effectively in a fast-paced, collaborative environment. Excellent written and verbal communication skills. more »
Master the art of penetration testing with tools like Burp Suite, OWASP ZAP, and/or Kali Linux. Have experience with secure coding practices, threat modeling, and API security. Are a skilled communicator and collaborator, able to bridge the gap between technical and non-technical audiences. Senior Application Security more »
trading API, web sockets, datastore services, and new initiatives Continually iterate on the security measures taken to ensure the resiliency of the protocol through threat modeling brainstorms and internal security reviews Lead the effort on exploring ambiguous and novel solutions to complex problems that are inherent to the company more »
various use-cases within Cyber Operations. The ideal candidate will be someone with previous SOC and cloud experience who enjoys researching TTPs and the threat landscape and translating that research data into high quality detections. Your role involves actively seeking effective and comprehensive detection strategy and capabilities, ensuring detections … monitoring and Incident Response , acting as the frontline for attacks against the firms' infrastructure. As a Detection Engineer, your role will include advanced analysis, threat hunting, evaluation of new security technology as well as ensuring larger technology projects at the company are ready to be integrated into the Attack … point and coaching the team through adopting monitoring responsibility. Key areas of focus include: Public/Private Cloud Engineering and Incident Response,Detection Engineering, Threat Modelling.Hands-on experience withat least 1 cloud platform (AWS, Azure, GCP) is required. Primary Qualifications Min. 6 years of working experience with at least more »
the cloud-native development security compliance/governance, supporting security teams with deliverables, prioritisation, definition, governance, and documentation. Use security data, monitoring tools, and threat intelligence to inform insights and build the big picture. Lead the delivery of security initiatives, applying expertise and best practice. Support decision-making on … security initiatives and solutions, including the delivery approach; lead the definition of security implementations, including threat modelling. Lead delivery for cross-functional, multi-disciplinary teams comprising internal and external stakeholders. Help our teams lead their transformation and implementation of cybersecurity initiatives. Assist with various Cyber technical initiatives, including NIST … and ISO framework rollout and certification. Skills and Experience: Degree in computer science, business, or another relevant field Understanding of threat intelligence and its use in an operational environment Familiarity with cyber indices and industry best practices Experience with NIST, ISO, PCI, GDPR and SOC frameworks and certification Knowledge more »
world better than we found it. Description Apple is seeking a security professional to join its Information Security Response Organization, as part of the Threat Analysis and Incident Response function. A successful candidate will possess a proven technical background, relevant Information Security experience with a strong focus in the … Response, Security Engineering, and/or Intrusion Detection Proficient understanding of incident response automation strategies, with demonstrated ability to implement them Proficient understanding of threat modeling, operational threat intelligence, and common attack vectors Knowledge of web application vulnerabilities with ability to triage/verify OWASP Top 10 issues more »
Newcastle upon Tyne, Tyne and Wear, Tyne & Wear, United Kingdom Hybrid / WFH Options
Reed Technology
Security, ensuring compliance with legislative and regulatory requirements. Develop a security architecture process that aligns security solutions and capabilities with business, technology, regulatory, and threat drivers. Provide advice on effective security strategies and counsel on security policies and practices to business stakeholders and support teams. Define principles, guidelines, standards … including technical or infrastructure architecture, application development, or cloud development. Proven experience in developing architecture blueprints, strategies, and roadmaps. Strong working knowledge of conducting threat-modelling exercises for new applications and services. Practical knowledge of the information security standards domain. Experience working with external audit and certification organisations. more »
Senior Threat Analyst ?? Can you build and implement effective threatmodelling processes? Join my clients Cyber Operations team to build and implement effective threatmodelling processes, produce strategic threat reports, and support organizational security development. Staying ahead of cyber threats, identify security gaps, and more »
and solution designs , to help advise project managers and developers across the business. Maintain awareness of current and emerging security risks and the changing threat landscape and recommend mitigating solutions to project managers and developers to help ensure security enhancement and controls are pro-actively applied across the LGRI … preferred) and/or AWS security technologies is essential. Expertise and practical experience of Information Security frameworks including NIST, ISO27001/17 and STRIDE ThreatModelling Framework. Understanding of general security practices such as encryption, IAM, PAM, penetration testing, container security, security information and event management etc. and more »
and IaC tools (Terraform, CloudFormation, etc.) Expertise in configuration management (Ansible, Chef, Puppet) and container orchestration (Kubernetes, Docker Swarm) Deep understanding of security principles, threatmodelling, vulnerability scanning, and secure coding practices Familiarity with mobile development frameworks (React Native, Flutter) and application security testing (SAST, DAST, IAST) Strong more »
deep product partnership. We build strong relationships with other teams and help them build secure software. This includes reviewing early-stage designs, helping develop threat models.A World-Changing CompanyAt Palantir, we’re passionate about building software that solves problems. We partner with the most important institutions in the world … our products against our dedicated adversaries. • Architecture and design. You will be the security subject matter expert for product architects and engineers. You will threat model, assess risks, and help implement security controls and mitigations to address identified issues. You will directly steer the design of our products to … are the underpinnings of our team.Core ResponsibilitiesPerform deep architecture and security reviews on highly complex products to identify vulnerabilitiesLead engineering teams in feature design, threat modeling, and security-critical code and architectureDevelop and implement automation to eliminate entire classes of weaknesses across the organizationDrive decision-making by determining the more »
reduce risk and vulnerabilities from cyber-attacks by developing a security road-map tailored to your unique needs.We help organisations improve processes such as threat management by building an identity management programme, and establishing prevention, detection and response capabilities to cyber-attacks.RequirementsAbility to research, articulate, pitch complex and innovative … analysis for specific domains, identify gaps in existing capabilities, service maturity. Identify missing cybersecurity and cyber-resiliency capabilities in alignment with changing business needs, threat land scape and technical requirements to increase the quality of the selected solutions also including topics such as products’ convergence over time and products … decommissioning.Expert knowledge of identifying, developing and communicating threatmodelling and understanding the impact of decisions, balancing requirements and deciding between approachesResearch and apply innovative security architecture solutions to new or existing problems and be able to justify and communicate subtle design decisionsAble to develop vision, principles and strategy more »
development and continuous improvement of security processes, policies, standards and other governing documents and ensure compliance. Participate in and support delivery of security audits, threatmodelling and assessments and remediation of findings. Perform in-depth analysis of application code and infrastructure, architecture, and configurations to ensure compliance with more »
reduce risk and vulnerabilities from cyber-attacks by developing a security road-map tailored to your unique needs.We help organisations improve processes such as threat management by building an identity management programme, and establishing prevention, detection and response capabilities to cyber-attacks.The Cyber Security Consultant will have the following … analysis for specific domains, identify gaps in existing capabilities, service maturity. Identify missing cybersecurity and cyber-resiliency capabilities in alignment with changing business needs, threat land scape and technical requirements to increase the quality of the selected solutions also including topics such as products’ convergence over time and products … decommissioning.Expert knowledge of identifying, developing and communicating threatmodelling and understanding the impact of decisions, balancing requirements and deciding between approachesResearch and apply innovative security architecture solutions to new or existing problems and be able to justify and communicate subtle design decisionsAble to develop vision, principles and strategy more »
Preston, Lancashire, United Kingdom Hybrid / WFH Options
Atlas Recruitment Group Limited
Senior Threat Modeller Aerospace & Defence Preston or Filton Hybrid - 2-4 days a month £50-55,000 We are searching for a Senior Threat Modeller to join our clients Cyber Operations Team on a hybrid working model from either their Preston or Frimley offices. This is an excellent … government that span Aerospace, Land, Sea, Air, Maritime, Cyber Intelligence and Electronics. The role: * Building and implementing processes and procedures for continuous and effective threatmodelling capability * Producing reports detailing key threats to the organisation at a strategic level for business units to digest * Contributing to plans and … delivering activities in support of organisational and security development needs in accordance with regulatory requirements and changes in the threat landscape * Maintaining up to date knowledge of cyber security threats, analyst toolsets and relevant activity group tactics, techniques, and procedures (TTPs) * Identifies security gaps within the organisations estate, and more »
Filton, Gloucestershire, United Kingdom Hybrid / WFH Options
Atlas Recruitment Group Limited
Senior Threat Modeller Aerospace & Defence Preston or Filton Hybrid - 2-4 days a month £50-55,000 We are searching for a Senior Threat Modeller to join our clients Cyber Operations Team on a hybrid working model from either their Preston or Frimley offices. This is an excellent … government that span Aerospace, Land, Sea, Air, Maritime, Cyber Intelligence and Electronics. The role: * Building and implementing processes and procedures for continuous and effective threatmodelling capability * Producing reports detailing key threats to the organisation at a strategic level for business units to digest * Contributing to plans and … delivering activities in support of organisational and security development needs in accordance with regulatory requirements and changes in the threat landscape * Maintaining up to date knowledge of cyber security threats, analyst toolsets and relevant activity group tactics, techniques, and procedures (TTPs) * Identifies security gaps within the organisations estate, and more »
Frimley, Surrey, United Kingdom Hybrid / WFH Options
CBSbutler Holdings Limited trading as CBSbutler
Senior Threat Modeller Remote-based with occasional travel to Preston or Frimley £45,000 - £55,000 + 2.5% bonus + excellent bens What you'll be doing - Senior Threat Modeller Building and implementing processes and procedures for continuous and effective threatmodelling capability Producing reports detailing … digest Contributing to plans and delivering activities in support of organisational and security development needs in accordance with regulatory requirements and changes in the threat landscape Maintaining up to date knowledge of cyber security threats, analyst toolsets and relevant activity group tactics, techniques, and procedures (TTPs) Identifies security gaps … and builds attack simulations to support Purple Team engagements by illustrating potential attack patterns to prioritise future remediation efforts Your skills and experiences - Senior Threat Modeller An in-depth understanding of the external security environment and how the organisation reacts to security threats Good knowledge of cyber threatmore »
Senior Threat Analyst ?? Can you build and implement effective threatmodelling processes? Join my clients Cyber Operations team to build and implement effective threatmodelling processes, produce strategic threat reports, and support organizational security development. Staying ahead of cyber threats, identify security gaps, and … design attack simulations for Purple Team engagements. Key Responsibilities: Develop and execute continuous threatmodelling procedures. Create strategic threat reports for their business units. Support security development in line with regulatory changes. Maintain up-to-date knowledge of cyber threats and analyst tools. Identify security gaps and … build attack simulations. Skills & Experience: Deep understanding of the external security environment and threat response. Knowledge of the cyber threat landscape, current affairs, and geopolitics. Expertise in infrastructure analysis (perimeters, network endpoints, user behavior). Package: £50,000 Hybrid - 2/3 split Huge training budget Multiple locations more »
South East London, London, United Kingdom Hybrid / WFH Options
The Fortune Group (Recruitment) Limited
AntiVirus/AntiMalware for End User devices Antivirus/Malware/Ransomware etc for Product/Platform DDos Protection Access Management/Review (IAM) Threatmodelling Setup Bug Bounty program Application Security/Testing Brand monitoring (domans etc) Whitelist client access Encryption in Transit (confirm 100%) Social Engineering more »
Birmingham, West Midlands, United Kingdom Hybrid / WFH Options
Indotronix Avani UK Ltd
respond promptly to mitigate security threats. - Develop and implement security automation scripts and tools to streamline security tasks in the DevOps pipeline. - Participate in threatmodelling exercises and risk assessments to proactively identify security weaknesses and prioritize remediation efforts. - Stay up-to-date with the latest security trends … controls and NIST Guidelines. - Experience in implementing security automation using scripting languages e.g. Python and infrastructure-as-code (IaC) tools. - Ability to perform security threat modeling and risk assessments to identify and prioritize security risks. - Experience with security incident response and handling, including log analysis and forensics. - Strong communication … Workflow Within 3 months: - Security Incident Handling and Remediation - Security Automation and Tooling - Security Compliance and Auditing - Collaboration with Development Teams Within 6 months: - ThreatModelling and Risk Assessment - Continuous Improvement Initiatives - Security Incident Management Whats in it for you? We operate a Flexible Working Policy and this more »
level executives. Complementary Technical Skills: Hands-on experience with programming languages, databases, and IoT. Knowledge of containerisation technologies such as Docker. Experience with Attack & Threat Modelling. Familiarity with Red Team testing and social engineering attack methodologies. Working knowledge of CobaltStrike. Experience with bug bounty programs and vulnerability disclosure policies. more »