1 to 25 of 180 Permanent Threat Modelling Jobs in the UK excluding London

IT Cyber Security Analyst Ref: YC46941 A highly successful IT and telecommunications services company is currently recruiting an IT Cyber Security Analyst (Threat Intelligence Analyst) to work at their clients site in London. In this role, you will be responsible for identifying, analysing, and communicating cyber threats to support proactive defence strategies. The ideal candidate should have expertise in … threat intelligence analysis, collaboration across teams, familiarity with security tools, and strong analytical skills. ELIGIBLE APPLICANTS: (O) Eligible visa: Permanent residence, Spouse, Partner, Working holiday, Graduate (X) NOT eligible: Student visa, Requiring visa sponsorship, WORK TYPE: office-based VISA SUPPORT: No TYPE: 6 months rolling contract, full-time WORKING HOURS: Mon-Fri 9:00-17:00 SALARY: up to … 54k, depending on experience START: Nov-Dec 2025 LOCATION: London (office-based) Cyber Security Analyst Main Responsibilities: Monitor and analyse the global threat landscape to identify emerging risks, adversary tactics, and trends relevant to the organization's business and technology environment Collaborate with Red Team, Blue Team, and Penetration Testing teams to integrate threat intelligence into testing scenarios More ❯

IT Cyber Security Analyst Ref: YC46941 A highly successful IT and telecommunications services company is currently recruiting an IT Cyber Security Analyst (Threat Intelligence Analyst) to work at their clients site in London. In this role, you will be responsible for identifying, analysing, and communicating cyber threats to support proactive defence strategies. The ideal candidate should have expertise in … threat intelligence analysis, collaboration across teams, familiarity with security tools, and strong analytical skills. ELIGIBLE APPLICANTS: (O) Eligible visa: Permanent residence, Spouse, Partner, Working holiday, Graduate (X) NOT eligible: Student visa, Requiring visa sponsorship, WORK TYPE: office-based VISA SUPPORT: No TYPE: 6 months rolling contract, full-time WORKING HOURS: Mon-Fri 9:00-17:00 SALARY: up to … 54k, depending on experience START: Nov-Dec 2025 LOCATION: London (office-based) Cyber Security Analyst Main Responsibilities: Monitor and analyse the global threat landscape to identify emerging risks, adversary tactics, and trends relevant to the organization's business and technology environment Collaborate with Red Team, Blue Team, and Penetration Testing teams to integrate threat intelligence into testing scenarios More ❯

IT Cyber Security Analyst Ref: YC46941 A highly successful IT and telecommunications services company is currently recruiting an IT Cyber Security Analyst (Threat Intelligence Analyst) to work at their clients site in London. In this role, you will be responsible for identifying, analysing, and communicating cyber threats to support proactive defence strategies. The ideal candidate should have expertise in … threat intelligence analysis, collaboration across teams, familiarity with security tools, and strong analytical skills. ELIGIBLE APPLICANTS: (O) Eligible visa: Permanent residence, Spouse, Partner, Working holiday, Graduate (X) NOT eligible: Student visa, Requiring visa sponsorship, WORK TYPE: office-based VISA SUPPORT: No TYPE: 6 months rolling contract, full-time WORKING HOURS: Mon-Fri 9:00-17:00 SALARY: up to … 54k, depending on experience START: Nov-Dec 2025 LOCATION: London (office-based) Cyber Security Analyst Main Responsibilities: Monitor and analyse the global threat landscape to identify emerging risks, adversary tactics, and trends relevant to the organization's business and technology environment Collaborate with Red Team, Blue Team, and Penetration Testing teams to integrate threat intelligence into testing scenarios More ❯

Overview Senior Threat Modeler - Job Title: Senior Threat Modeler Location: Preston or Frimley. We offer a range of hybrid and flexible working arrangements - please speak to your recruiter about the options for this particular role What you'll be doing: Maintains an in-depth understanding of the external and internal security environment and how the organisation reacts to … security threats Contributes to, plans and delivers activities in support of organisational and security development needs in accordance with regulatory requirements and changes in the threat landscape The assessment, validation and reporting of information on current and potential cyber threats to maintain an organisation's situational awareness Identifying security gaps and building attack simulations to support Purple Team engagements … attack patterns to prioritise future remediation efforts Is a subject matter expert (SME) on emerging threats and will work on complex issues as a fully contributory member of the Threat Modelling Team, with limited guidance from the Line Manager Produces reports detailing key threats and risks to the organisation at a strategic level for business units to digest More ❯

You will champion secure development practices throughout the software development lifecycle, with a strong emphasis on 'shift-left' principles to embed security early in the process. You will facilitate threat modelling workshops to help product teams identify, assess, and mitigate potential threats. You will also collaborate closely with other functions within the CISO organisation, including Application Security, Offensive … daily significant change to complex Cloud serverless transformation projects. You will have the ability to work with infrastructure as code and understand complex architectures. You will Lead/facilitate threat modelling workshops with SMEs. Engage with key stakeholders to identify threats and recommend countermeasures. Participate in architectural reviews of Product cloud implementations against security best practice, relevant threats … security principles, practices, and frameworks, such as OWASP, NIST, and ISO. Awareness of security tools and technologies, such as SAST, DAST, IAST, SCA, WAF, IDS, IPS. Experience in conducting threat modelling and risk assessments. Interview process The interview process for this role is two stages including a technical competency-based question and a task. Working Schedule This role More ❯

You will champion secure development practices throughout the software development lifecycle, with a strong emphasis on 'shift-left' principles to embed security early in the process. You will facilitate threat modelling workshops to help product teams identify, assess, and mitigate potential threats. You will also collaborate closely with other functions within the CISO organisation, including Application Security, Offensive … daily significant change to complex Cloud serverless transformation projects. You will have the ability to work with infrastructure as code and understand complex architectures. You will Lead/facilitate threat modelling workshops with SMEs. Engage with key stakeholders to identify threats and recommend countermeasures. Participate in architectural reviews of Product cloud implementations against security best practice, relevant threats … security principles, practices, and frameworks, such as OWASP, NIST, and ISO. Awareness of security tools and technologies, such as SAST, DAST, IAST, SCA, WAF, IDS, IPS. Experience in conducting threat modelling and risk assessments. Interview process The interview process for this role is two stages including a technical competency-based question and a task. Working Schedule This role More ❯

You will champion secure development practices throughout the software development lifecycle, with a strong emphasis on 'shift-left' principles to embed security early in the process. You will facilitate threat modelling workshops to help product teams identify, assess, and mitigate potential threats. You will also collaborate closely with other functions within the CISO organisation, including Application Security, Offensive … daily significant change to complex Cloud serverless transformation projects. You will have the ability to work with infrastructure as code and understand complex architectures. You will Lead/facilitate threat modelling workshops with SMEs. Engage with key stakeholders to identify threats and recommend countermeasures. Participate in architectural reviews of Product cloud implementations against security best practice, relevant threats … security principles, practices, and frameworks, such as OWASP, NIST, and ISO. Awareness of security tools and technologies, such as SAST, DAST, IAST, SCA, WAF, IDS, IPS. Experience in conducting threat modelling and risk assessments. Interview process The interview process for this role is two stages including a technical competency-based question and a task. Working Schedule This role More ❯

You will champion secure development practices throughout the software development lifecycle, with a strong emphasis on 'shift-left' principles to embed security early in the process. You will facilitate threat modelling workshops to help product teams identify, assess, and mitigate potential threats. You will also collaborate closely with other functions within the CISO organisation, including Application Security, Offensive … daily significant change to complex Cloud serverless transformation projects. You will have the ability to work with infrastructure as code and understand complex architectures. You will Lead/facilitate threat modelling workshops with SMEs. Engage with key stakeholders to identify threats and recommend countermeasures. Participate in architectural reviews of Product cloud implementations against security best practice, relevant threats … security principles, practices, and frameworks, such as OWASP, NIST, and ISO. Awareness of security tools and technologies, such as SAST, DAST, IAST, SCA, WAF, IDS, IPS. Experience in conducting threat modelling and risk assessments. Interview process The interview process for this role is two stages including a technical competency-based question and a task. Working Schedule This role More ❯

You will champion secure development practices throughout the software development lifecycle, with a strong emphasis on 'shift-left' principles to embed security early in the process. You will facilitate threat modelling workshops to help product teams identify, assess, and mitigate potential threats. You will also collaborate closely with other functions within the CISO organisation, including Application Security, Offensive … daily significant change to complex Cloud serverless transformation projects. You will have the ability to work with infrastructure as code and understand complex architectures. You will Lead/facilitate threat modelling workshops with SMEs. Engage with key stakeholders to identify threats and recommend countermeasures. Participate in architectural reviews of Product cloud implementations against security best practice, relevant threats … security principles, practices, and frameworks, such as OWASP, NIST, and ISO. Awareness of security tools and technologies, such as SAST, DAST, IAST, SCA, WAF, IDS, IPS. Experience in conducting threat modelling and risk assessments. Interview process The interview process for this role is two stages including a technical competency-based question and a task. Working Schedule This role More ❯

Validate the effectiveness of security controls and recommend improvements. Deliver security architecture for cloud and hybrid environments. Scope and review IT Health Checks (ITHC) and produce remediation plans. Conduct threat modelling, risk assessments, and design proportional controls. Produce security architecture artefacts including standards and blueprints. Travel to client sites (approx. 40-60%) as required for classified system access. … HMG, NPSA, NCSC policies and guidance Cloud security (Azure, AWS), containerisation, KMS, WAFs Event-driven microservices, network infrastructure, IDS/IPS AI security (ISO42001 desirable), ITHC scoping and remediation Threat modelling (Kill Chain, attack trees), HLD/LLD reviews Certifications: SABSA, TOGAF, AWS/Azure Architect, CISSP, CISM. Working towards or holding CIISEC Full Membership or UK Cyber More ❯

technology stack. Perform security testing (SAST, DAST, SCA) and work with developers to remediate findings. Support cloud security controls (primarily Azure, including cloud-native apps). Champion secure development, threat modelling, and DevSecOps integration. Research emerging threats and recommend proactive mitigations. Provide mentoring, training, and security awareness support to internal teams. Essential Skills & Experience Strong hands-on experience … principles such as Zero Trust and risk-based security. Relevant certifications such as CISSP, CompTIA Security+, GIAC, or equivalent. Excellent documentation, communication, and stakeholder collaboration skills. Desirable Background in threat modelling or secure software design. Knowledge of ISO27001, Cyber Essentials Plus, or cloud security certifications. Experience in large-scale or regulated environments. What's on Offer Competitive salary More ❯

technology stack. Perform security testing (SAST, DAST, SCA) and work with developers to remediate findings. Support cloud security controls (primarily Azure, including cloud-native apps). Champion secure development, threat modelling, and DevSecOps integration. Research emerging threats and recommend proactive mitigations. Provide mentoring, training, and security awareness support to internal teams. Essential Skills & Experience Strong hands-on experience … principles such as Zero Trust and risk-based security. Relevant certifications such as CISSP, CompTIA Security+, GIAC, or equivalent. Excellent documentation, communication, and stakeholder collaboration skills. Desirable Background in threat modelling or secure software design. Knowledge of ISO27001, Cyber Essentials Plus, or cloud security certifications. Experience in large-scale or regulated environments. What's on Offer Competitive salary More ❯

software development lifecycle - from designing controls and integrating testing into CI/CD pipelines to supporting vulnerability management and remediation. Acting as the go-to expert for secure design, threat modelling, and compliance, you'll make sure teams have the knowledge, tools, and confidence to build securely from the start. Alongside this, you'll maintain clear documentation and … of cloud platforms , CI/CD pipelines , and scripting (PowerShell, YAML, JSON, etc.) Familiarity with frameworks and standards such as OWASP , NIST SSDF , ISO27001 , or NCSC Practical experience with threat modelling , security tooling , and risk assessments Excellent communication skills, able to influence and engage at all levels from developers to execs A collaborative, proactive approach to solving problems More ❯

design across technology platforms including cloud infrastructures. Contribute to blogs and research within the Cyberfort community. Experience Required The successful candidate will possess proven experience in cybersecurity, security architecture, threat modelling, or related fields within Public Sector and MOD and will have achieved or be working towards Full Membership of CIISEC and UK Cyber Security Council professional registration … and CIS Controls v8. HMG, NPSA and NCSC security policies, standards and guidance. Have experience building and implementing secure by design principals within the software development lifecycle (SDLC). Threat Modelling – Kill Chain – Attack tree analysis. Certifications: AWS/Azure Security Professional, CCSP, CISSP, CISM, CIISEC, UK Cyber Security Council registration (Chartered or Principal). What’s in More ❯

design across technology platforms including cloud infrastructures. Contribute to blogs and research within the Cyberfort community. Experience Required The successful candidate will possess proven experience in cybersecurity, security architecture, threat modelling, or related fields within Public Sector and MOD and will have achieved or be working towards Full Membership of CIISEC and UK Cyber Security Council professional registration … and CIS Controls v8. HMG, NPSA and NCSC security policies, standards and guidance. Have experience building and implementing secure by design principals within the software development lifecycle (SDLC). Threat Modelling – Kill Chain – Attack tree analysis. Certifications: AWS/Azure Security Professional, CCSP, CISSP, CISM, CIISEC, UK Cyber Security Council registration (Chartered or Principal). What’s in More ❯

design across technology platforms including cloud infrastructures. Contribute to blogs and research within the Cyberfort community. Experience Required The successful candidate will possess proven experience in cybersecurity, security architecture, threat modelling, or related fields within Public Sector and MOD and will have achieved or be working towards Full Membership of CIISEC and UK Cyber Security Council professional registration … and CIS Controls v8. HMG, NPSA and NCSC security policies, standards and guidance. Have experience building and implementing secure by design principals within the software development lifecycle (SDLC). Threat Modelling - Kill Chain - Attack tree analysis. Working understanding of: Cloud security including Azure, Amazon Web Service, Key Management Systems, Containerisation, Network Security Groups, Host based firewalls, Web Application More ❯

design across technology platforms including cloud infrastructures. Contribute to blogs and research within the Cyberfort community. Experience Required The successful candidate will possess proven experience in cybersecurity, security architecture, threat modelling, or related fields within Public Sector and MOD and will have achieved or be working towards Full Membership of CIISEC and UK Cyber Security Council professional registration … and CIS Controls v8. HMG, NPSA and NCSC security policies, standards and guidance. Have experience building and implementing secure by design principals within the software development lifecycle (SDLC). Threat Modelling - Kill Chain - Attack tree analysis. Working understanding of: Cloud security including Azure, Amazon Web Service, Key Management Systems, Containerisation, Network Security Groups, Host based firewalls, Web Application More ❯

planning, dependency/risk management, quality gates). Establish and enforce best-in-class DevOps, trunk-based, CI/CD, and monitoring standards. Sponsor the adoption of secure SDLC, threat modelling, vulnerability management, identity/authorisation, privacy by design; ISO27001/9001, security posture and customer due diligence. Cross-functional leadership Partner closely with Product leaders to ensure … career ladders, performance management, and fostering a high-bar engineering culture. Ability to drive reliability, performance, and cost efficiency in cloud environments. Skilled sponsor and champion of secure SDLC, threat modelling, vulnerability management, and privacy by design. Ability to partner with product and legal teams on security trade-offs and customer due diligence. Skilled in agile delivery, quarterly More ❯

a key contributor to the Cyber team by focusing on application security architecture and implementing a robust risk management programme. Collaborating closely with different teams to devise plans, perform threat modelling, adopt architecture best practices, drive secure development lifecycles, and manage risk remediation. Providing expertise in security best practices and compliance while undertaking hands-on security testing. Identifying … review sprints to ensure application security is prioritised before deployment. Partnering with architecture and development teams to review application design and code for security vulnerabilities. Establishing and promoting a threat modelling capability to evangelise secure coding practices in the development lifecycle. Delivering technical advice to ensure security standards are fully understood and complied with across teams. Developing and More ❯

practice across the practice. What you'll be doing: Leading application security architecture for high-profile public sector clients. Advising on and implementing secure development practices aligned with OWASP, threat modelling, and secure SDLC frameworks. Supporting pre-sales, solution design, and client engagements across consulting projects. Mentoring and upskilling client teams and internal consultants on application security. Experience … required: Consulting experience in application security architecture, preferably with exposure to public sector clients. Deep knowledge of OWASP Top 10, secure coding practices, threat modelling, and vulnerability management. Experience influencing design and security strategy across large programmes. Strong communication and client-facing skills; able to present to both technical and executive stakeholders. The package: Up to More ❯

software testing, QA, Quality Assurance, .NET, Azure DevOps, CI/CD pipeline, API testing, Security testing, RAG, Model orchestration, hallucination detection, NIST AI RMF, EU AI Act, security validation, threat modelling, Microsoft Azure, £450 - £500 Inside IR35, Contract, On-site, CambridgeIncrease your chances of an interview by reading the following overview of this role before making an application. … developers and data scientists to establish service-level quality metrics and observability hooks. Validate services against AI regulatory frameworks and ensure traceability, fairness, and robustness in outcomes. Participate in threat modelling and security validation of exposed APIs and AI services. Provide feedback early in the lifecycle to reduce defects and improve design. Mentor junior testers, encourage continuous learning More ❯

across enterprise and solution architectures. Assist in security assessments of existing architectures, identifying gaps and recommending improvements to enhance resilience and compliance. Gain hands-on experience in security architecture modelling, threat modelling, and secure design reviews. Learn to integrate security into the systems engineering lifecycle, from requirements analysis through to implementation and operations. Develop practical knowledge of More ❯

of Security Engineering and lead in the build-out of their cloud-native Infrastructure capability . Highly technical position where you will be responsible for not just assessing and threat modelling novel concepts and services to introduce across Security and the wider Tech functions; but leading in the actual design, configuration and implementation. Previous experience in Software Security … to put your stamp on one of the most ambitious Tech Transformations for one of the most renowned Investment Management firms in the UK. Responsibilities Perform hands-on security threat modelling, risk assessment and vulnerability remediation. Evaluate, architect, implement and support security focused tools and services. Work closely with Development teams to ensure security and privacy are built More ❯

of Security Engineering and lead in the build-out of their cloud-native Infrastructure capability . Highly technical position where you will be responsible for not just assessing and threat modelling novel concepts and services to introduce across Security and the wider Tech functions; but leading in the actual design, configuration and implementation. Previous experience in Software Security … to put your stamp on one of the most ambitious Tech Transformations for one of the most renowned Investment Management firms in the UK. Responsibilities Perform hands-on security threat modelling, risk assessment and vulnerability remediation. Evaluate, architect, implement and support security focused tools and services. Work closely with Development teams to ensure security and privacy are built More ❯

of Security Engineering and lead in the build-out of their cloud-native Infrastructure capability . Highly technical position where you will be responsible for not just assessing and threat modelling novel concepts and services to introduce across Security and the wider Tech functions; but leading in the actual design, configuration and implementation. Previous experience in Software Security … to put your stamp on one of the most ambitious Tech Transformations for one of the most renowned Investment Management firms in the UK. Responsibilities Perform hands-on security threat modelling, risk assessment and vulnerability remediation. Evaluate, architect, implement and support security focused tools and services. Work closely with Development teams to ensure security and privacy are built More ❯