1 to 25 of 40 Permanent Threat Modelling Jobs in the UK

Senior Threat Analyst Can you build and implement effective threat modelling processes? Join my clients Cyber Operations team to build and implement effective threat modelling processes, produce strategic threat reports, and support organizational security development. Staying ahead of cyber threats, identify security gaps, and … design attack simulations for Purple Team engagements. Key Responsibilities: Develop and execute continuous threat modelling procedures. Create strategic threat reports for their business units. Support security development in line with regulatory changes. Maintain up-to-date knowledge of cyber threats and analyst tools. Identify security gaps and … build attack simulations. Skills & Experience: Deep understanding of the external security environment and threat response. Knowledge of the cyber threat landscape, current affairs, and geopolitics. Expertise in infrastructure analysis (perimeters, network endpoints, user behavior). Package: £50,000 - £55,000 Hybrid - 2/3 split Huge training budget more »

Senior Threat Analyst ?? Can you build and implement effective threat modelling processes? Join my clients Cyber Operations team to build and implement effective threat modelling processes, produce strategic threat reports, and support organizational security development. Staying ahead of cyber threats, identify security gaps, and … design attack simulations for Purple Team engagements. Key Responsibilities: Develop and execute continuous threat modelling procedures. Create strategic threat reports for their business units. Support security development in line with regulatory changes. Maintain up-to-date knowledge of cyber threats and analyst tools. Identify security gaps and … build attack simulations. Skills & Experience: Deep understanding of the external security environment and threat response. Knowledge of the cyber threat landscape, current affairs, and geopolitics. Expertise in infrastructure analysis (perimeters, network endpoints, user behavior). Package: £50,000 Hybrid - 2/3 split Huge training budget Multiple locations more »

all product teams, dealing with complex projects daily and serving as the escalation point for the Product Security Specialist (PSS). You will lead threat modelling workshops and engage with key stakeholders to identify threats and recommend countermeasures. Additionally, you will lead a team of Product Security Specialists … a team of Product Security Specialist (PSS). Providing leadership, technical guidance, and support to the Product Security Specialists. You will lead/facilitate threat modelling workshops with SMEs. Engaging with key stakeholders to identify threats and recommend countermeasures. Collaborating with strategy, transformation, and digital engineering parts of … such as OWASP, NIST, and ISO Awareness of security tools and technologies, such as SAST, DAST, IAST, SCA, WAF, IDS, IPS. Experience in conducting threat modelling and risk assessments. Interview process The interview process for this role is two stages including a technical competency-based questions and a more »

Senior Threat Analyst ?? Can you build and implement effective threat modelling processes? Join my clients Cyber Operations team to build and implement effective threat modelling processes, produce strategic threat reports, and support organizational security development. Staying ahead of cyber threats, identify security gaps, and more »

inherently secure. - Ideally you will have worked across the system lifecycle, undertaking the security risk management activities required to support each phase, from initial threat and risks assessments and specification of security requirements, through to overseeing implementation and testing of socio-technical security architectures. You will also have experience … assurance workstreams for projects delivering secure systems and services within a government context. Undertaking and producing socio-technical security risk assessments, ideally including technical threat modelling (e.g. using STRIDE). Development and implementation of risk management strategies and plans. Specification, development and technical assurance of security policies and … Knowledge and understanding of core cyber security risk management areas, including but not limited to: Security governance and risk management approaches, tools, and techniques. Threat modelling (e.g. STRIDE) and socio-technical risk assessment (e.g. NIST 800-30) methodologies. Attack classification and characterisation frameworks (e.g. MITRE ATT&CK) Computer more »

respond promptly to mitigate security threats. - Develop and implement security automation scripts and tools to streamline security tasks in the DevOps pipeline. - Participate in threat modelling exercises and risk assessments to proactively identify security weaknesses and prioritize remediation efforts. - Stay up-to-date with the latest security trends … controls and NIST Guidelines. - Experience in implementing security automation using scripting languages e.g. Python and infrastructure-as-code (IaC) tools. - Ability to perform security threat modeling and risk assessments to identify and prioritize security risks. - Experience with security incident response and handling, including log analysis and forensics. - Strong communication … Workflow Within 3 months: - Security Incident Handling and Remediation - Security Automation and Tooling - Security Compliance and Auditing - Collaboration with Development Teams Within 6 months: - Threat Modelling and Risk Assessment - Continuous Improvement Initiatives - Security Incident Management Whats in it for you? We operate a Flexible Working Policy and this more »

will engineering teams to create solutions that solve or remediate security problems. This will involve a range of activities, including (but not limited to) threat modelling, selection and configuration of DevSecOps tools, high-level and detailed security designs. About you We are looking for a Senior Security Engineer … with experience in design and implementing cloud native applications in the cloud. You should have demonstrable experience in Threat modelling, design and implementing security controls in the cloud environment (AWS or Azure) Design and implementing cloud native and hybrid solutions in major public cloud platforms. Understanding of cryptographic more »

Senior Threat Modeller Remote-based with occasional travel to Preston or Frimley £45,000 - £55,000 2.5% bonus excellent bens What you ll be doing - Senior Threat Modeller Building and implementing processes and procedures for continuous and effective threat modelling capability Producing reports detailing key threats … digest Contributing to plans and delivering activities in support of organisational and security development needs in accordance with regulatory requirements and changes in the threat landscape Maintaining up to date knowledge of cyber security threats, analyst toolsets and relevant activity group tactics, techniques, and procedures (TTPs) Identifies security gaps … and builds attack simulations to support Purple Team engagements by illustrating potential attack patterns to prioritise future remediation efforts Your skills and experiences - Senior Threat Modeller An in-depth understanding of the external security environment and how the organisation reacts to security threats Good knowledge of cyber threat more »

Senior Threat Modeller Remote-based with occasional travel to Preston or Frimley £45,000 - £55,000 + 2.5% bonus + excellent bens What you'll be doing - Senior Threat Modeller Building and implementing processes and procedures for continuous and effective threat modelling capability Producing reports detailing … digest Contributing to plans and delivering activities in support of organisational and security development needs in accordance with regulatory requirements and changes in the threat landscape Maintaining up to date knowledge of cyber security threats, analyst toolsets and relevant activity group tactics, techniques, and procedures (TTPs) Identifies security gaps … and builds attack simulations to support Purple Team engagements by illustrating potential attack patterns to prioritise future remediation efforts Your skills and experiences - Senior Threat Modeller An in-depth understanding of the external security environment and how the organisation reacts to security threats Good knowledge of cyber threat more »

reduce risk and vulnerabilities from cyber-attacks by developing a security road-map tailored to your unique needs.We help organisations improve processes such as threat management by building an identity management programme, and establishing prevention, detection and response capabilities to cyber-attacks.The Cyber Security Consultant will have the following … analysis for specific domains, identify gaps in existing capabilities, service maturity. Identify missing cybersecurity and cyber-resiliency capabilities in alignment with changing business needs, threat land scape and technical requirements to increase the quality of the selected solutions also including topics such as products’ convergence over time and products … decommissioning.Expert knowledge of identifying, developing and communicating threat modelling and understanding the impact of decisions, balancing requirements and deciding between approachesResearch and apply innovative security architecture solutions to new or existing problems and be able to justify and communicate subtle design decisionsAble to develop vision, principles and strategy more »

Knowledge and experience of applying best practice for solution security (e.g., OWASP, NCSC cloud security principles) Strong understanding and practical experience of performing security threat modelling and articulating risk profiles Deep understanding of security concepts and demonstrated application to technical solutions Knowledge and experience of applying best practice more »

reduce risk and vulnerabilities from cyber-attacks by developing a security road-map tailored to your unique needs.We help organisations improve processes such as threat management by building an identity management programme, and establishing prevention, detection and response capabilities to cyber-attacks.RequirementsAbility to research, articulate, pitch complex and innovative … analysis for specific domains, identify gaps in existing capabilities, service maturity. Identify missing cybersecurity and cyber-resiliency capabilities in alignment with changing business needs, threat land scape and technical requirements to increase the quality of the selected solutions also including topics such as products’ convergence over time and products … decommissioning.Expert knowledge of identifying, developing and communicating threat modelling and understanding the impact of decisions, balancing requirements and deciding between approachesResearch and apply innovative security architecture solutions to new or existing problems and be able to justify and communicate subtle design decisionsAble to develop vision, principles and strategy more »

Senior Threat Modeller Aerospace & Defence Preston or Filton Hybrid - 2-4 days a month £50-55,000 We are searching for a Senior Threat Modeller to join our clients Cyber Operations Team on a hybrid working model from either their Preston or Frimley offices. This is an excellent … government that span Aerospace, Land, Sea, Air, Maritime, Cyber Intelligence and Electronics. The role: * Building and implementing processes and procedures for continuous and effective threat modelling capability * Producing reports detailing key threats to the organisation at a strategic level for business units to digest * Contributing to plans and … delivering activities in support of organisational and security development needs in accordance with regulatory requirements and changes in the threat landscape * Maintaining up to date knowledge of cyber security threats, analyst toolsets and relevant activity group tactics, techniques, and procedures (TTPs) * Identifies security gaps within the organisations estate, and more »

Senior Threat Modeller Aerospace & Defence Preston or Filton Hybrid - 2-4 days a month £50-55,000 We are searching for a Senior Threat Modeller to join our clients Cyber Operations Team on a hybrid working model from either their Preston or Frimley offices. This is an excellent … government that span Aerospace, Land, Sea, Air, Maritime, Cyber Intelligence and Electronics. The role: * Building and implementing processes and procedures for continuous and effective threat modelling capability * Producing reports detailing key threats to the organisation at a strategic level for business units to digest * Contributing to plans and … delivering activities in support of organisational and security development needs in accordance with regulatory requirements and changes in the threat landscape * Maintaining up to date knowledge of cyber security threats, analyst toolsets and relevant activity group tactics, techniques, and procedures (TTPs) * Identifies security gaps within the organisations estate, and more »

Vulnerability assessment and penetration testing methodologies and processes for web, thick-client and mobile applications Experience with Splunk and/or other SIEM platforms Threat modelling, intelligence and incident response Management, monitoring and operations of technology (backups, change management, system monitoring, incident/problem Management) Operational resilience, business more »

Developing cyber defence capabilities to protect LSEG from cyber threats that impact the confidentiality, integrity, and availability of group assets. Domain area is Vulnerability & Threat Management. Reports to Senior Manager, Vulnerability & Threat Management No direct FTE reports, but may handle contingents and vendor/partner resources. Location/… Key Risk Indicators, are delivered and handled. Technical/Job Functional Knowledge Knowledge and experience of the architecture, engineering and operation of vulnerability and threat management technology. Discovery and classification of vulnerabilities across systems and platforms. Guidance & assurance aspects of remediation. Level of knowledge in the domain technology area … level. A solid grasp of information security principles and standard methodologies. Adversary Tools, Techniques and Procedures. A deep understanding of TTP s is required. Threat Modelling experience. Broad technology knowledge across non-core domain area. Modern engineering practices, automation to drive efficiencies. Infrastructure as Code mentality. Code/ more »

and initiatives and ensure compliance with security policies and regulations. Prepare and deliver security reports and presentations to senior management and stakeholders. Knowledge of threat modelling techniques such as STRIDE. Experience and Qualifications Required Bachelor's degree in computer science, information systems, cybersecurity, or related field. Good years more »

office, 4 days remote working, work from home Key Skills: Continuous Integration (CI), Continuous Deployment (CD), Infrastructure as Code (IaC), Security Automation, Vulnerability Management, Threat Intelligence, Secure Software Development Lifecycle (SSDLC), Compliance as Code, Security Orchestration, Container Security, Microservices Security, Threat Modelling, Secure Configuration Management, Secure DevOps more »

and solution designs , to help advise project managers and developers across the business. Maintain awareness of current and emerging security risks and the changing threat landscape and recommend mitigating solutions to project managers and developers to help ensure security enhancement and controls are pro-actively applied across the LGRI … preferred) and/or AWS security technologies is essential. Expertise and practical experience of Information Security frameworks including NIST, ISO27001/17 and STRIDE Threat Modelling Framework. Understanding of general security practices such as encryption, IAM, PAM, penetration testing, container security, security information and event management etc. and more »

Systems Security Professional (CISSP) Certified Authorization Professional (CAP) Certified Secure Software Lifecycle Professional (CSSLP) HealthCare Information Security and Privacy Practitioner (HCISPP) Experience Experience in Threat Modeling. A proven track record as engineer and consultant, capable of working directly with teams, embedded in the delivery model. Experience with Kubernetes, Openshift more »

required. At least 12 years of experience in Information Security and risk related work preferable in large organization especially banking environment. Deep understanding of threat modeling and risk management principles and best practices, and able to explain it in a structured and easy-to-understand manner. Strong understanding of more »

Security, ensuring compliance with legislative and regulatory requirements. Develop a security architecture process that aligns security solutions and capabilities with business, technology, regulatory, and threat drivers. Provide advice on effective security strategies and counsel on security policies and practices to business stakeholders and support teams. Define principles, guidelines, standards … including technical or infrastructure architecture, application development, or cloud development. Proven experience in developing architecture blueprints, strategies, and roadmaps. Strong working knowledge of conducting threat-modelling exercises for new applications and services. Practical knowledge of the information security standards domain. Experience working with external audit and certification organisations. more »

AntiVirus/AntiMalware for End User devices Antivirus/Malware/Ransomware etc for Product/Platform DDos Protection Access Management/Review (IAM) Threat modelling Setup Bug Bounty program Application Security/Testing Brand monitoring (domans etc) Whitelist client access Encryption in Transit (confirm 100%) Social Engineering more »

to product owners and delivery teams working on a viariety solutions for both colleagues and members. This will include developing solution overviews and designs, threat models, and architectural patterns. This opportunity is within the Security Architecture team, and part of Security and Resilience. The team have a challenging mandate … understanding their problems helping find secure solutions Assuring and advising on secure systems design Creating patterns and other architecture artefacts Good knowledge of cryptography Threat Modelling using common industry techniques (such as STRIDE, Attack Trees, PnG), and working with a recognised risk framework to evaluate severity and priority. … level you will have: A good general appreciation of enterprise-wide security threats, controls and principles across the above areas Experience or aptitude for threat evaluation and documenting enterprise-level architectural solutions that mitigate, or offer a risk aligned roadmap to mitigation. Producing artefacts such as Security designs, patterns more »

level executives. Complementary Technical Skills: Hands-on experience with programming languages, databases, and IoT. Knowledge of containerisation technologies such as Docker. Experience with Attack & Threat Modelling. Familiarity with Red Team testing and social engineering attack methodologies. Working knowledge of CobaltStrike. Experience with bug bounty programs and vulnerability disclosure policies. more »