1 to 25 of 111 Threat Modelling Jobs in England

play a critical role in designing, assuring, and delivering secure solutions across our client engagements. You will champion Secure by Design principles and lead threat modelling activities to ensure risks are identified and mitigated early in the lifecycle. Working closely with stakeholders, you will define security architectures, ensure … Design - Embed security into every stage of the solution lifecycle, ensuring systems are designed with security controls from the outset rather than retrofitted. Threat Modelling - Lead and facilitate threat modelling exercises (e.g. STRIDE), identifying vulnerabilities and defining mitigations early in delivery Risk Assessment - Identify, assess ...

roadmap, backlog and design decisions. Work with colleagues across product, development, and networks & infrastructure to embed security across the product lifecycle. Carry out threat modelling, secure design reviews and technical risk assessments for new and existing product capabilities. Assign pragmatic risk levels and support sensible prioritisation of remediation … software-led environment. Good understanding of how product and development teams operate, including how security considerations are balanced alongside product delivery. Strong experience of threat modelling, secure design review, vulnerability assessment and remediation prioritisation. The judgement to assess exploitability and business impact pragmatically Practical experience applying security across ...

roadmap, backlog and design decisions. Work with colleagues across product, development, and networks & infrastructure to embed security across the product lifecycle. Carry out threat modelling, secure design reviews and technical risk assessments for new and existing product capabilities. Assign pragmatic risk levels and support sensible prioritisation of remediation … software-led environment. Good understanding of how product and development teams operate, including how security considerations are balanced alongside product delivery. Strong experience of threat modelling, secure design review, vulnerability assessment and remediation prioritisation. The judgement to assess exploitability and business impact pragmatically Practical experience applying security across ...

engineering teams to embed automated security testing and guardrails into development workflows. Define, implement, and maintain secure development standards, including secure coding guidelines, threat modelling practices, and minimum-security requirements for applications and APIs. Partner with engineering, platform, and product teams to embed secure-by-design principles into … development team, providing hands-on technical leadership across design, development, and operation. Perform deep-dive security activities for the team, including threat modelling, code-level reviews, and vulnerability triage/remediation support. Oversee and coordinate third-party application security reviews, ensuring consistent assessment standards and effective risk management ...

engineering teams to embed automated security testing and guardrails into development workflows. Define, implement, and maintain secure development standards, including secure coding guidelines, threat modelling practices, and minimum-security requirements for applications and APIs. Partner with engineering, platform, and product teams to embed secure-by-design principles into … development team, providing hands-on technical leadership across design, development, and operation. Perform deep-dive security activities for the team, including threat modelling, code-level reviews, and vulnerability triage/remediation support. Oversee and coordinate third-party application security reviews, ensuring consistent assessment standards and effective risk management ...

primary security resource for development teams, providing technical advice on vulnerability fixes and secure coding practices (e.g., adherence to the OWASP Top 10). Threat Modelling: Conduct formal threat modelling exercises for new features and application architectures to proactively identify and mitigate design flaws. B. Systems ...

primary security resource for development teams, providing technical advice on vulnerability fixes and secure coding practices (e.g., adherence to the OWASP Top 10). Threat Modelling: Conduct formal threat modelling exercises for new features and application architectures to proactively identify and mitigate design flaws. B. Systems ...

security of supply through facilities in Europe, the UK, and the United States. Your Role: You will be responsible for revising, developing, and maturing Threat Intelligence processes, tooling, and policies to strengthen existing services and ensure they remain effective against a constantly evolving external threat landscape. This includes … with internal and external stakeholders, building strong, trusted relationships across the business and with peer organisations within the civil nuclear sector to enable effective Threat Intelligence information sharing. You will coordinate with technical and non-technical teams to ensure relevant threat intelligence informs risk modelling and assessment ...

standardise assessments across platforms. Conduct comprehensive platform security reviews (build systems, CI/CD pipelines, runtime infrastructure, developer tooling) against defined framework criteria. Perform threat modelling and gap analysis, identifying vulnerabilities and systemic risks impacting source code, artifacts, and workloads. Engineering Platform Security Enablement Establish standardised secure architecture … security controls. Strong knowledge and understanding of service mesh, cryptography, network security, application security, vulnerability management, and risk management. Demonstrable ability to conduct threat modelling, platform security assessments, and gap analysis. Experience building and implementing maturity models, frameworks, or roadmaps in complex enterprise environments. Strong stakeholder management skills ...

Title: Cyber Threat Management Lead Location: London (2 days onsite per week) Duration: 6 months Rate: £670 via Umbrella Role Summary: We are Seeking a Cyber SME to improve cyber defence through threat intelligence, threat hunting, and detection engineering. Key Responsibilities: Apply cyber threat intelligence … strengthen network defence Conduct threat hunting and detection engineering Perform threat modelling and threat-led risk reduction Support purple team and offensive security testing to improve detections and controls Guidant, Carbon60, Lorien & SRG - The Impellam Group Portfolio are acting as an Employment Business in relation ...

strong technical depth. Key Responsibilities: Define and implement secure architecture patterns across engineering platforms (CI/CD, build systems, runtime environments) Conduct security assessments, threat modelling, and gap analysis across platforms and pipelines Develop and embed DevSecOps best practices, including secure pipeline design and automated controls Establish …/CD pipelines, build tools, artifact repositories, and developer platforms Expertise in secure software delivery, vulnerability management, and platform security Experience with threat modelling, security frameworks, and maturity assessments Strong knowledge of application security, network security, and cloud security principles Excellent stakeholder management and communication skills Desirable: Experience ...

cloud infrastructures. Contribute to blogs and research within the business community. Experience Required The successful candidate will possess proven experience in cybersecurity, security architecture, threat modelling, or related fields within Public Sector and MOD and will have achieved or be working towards Full Membership of CIISEC … NPSA and NCSC security policies, standards and guidance. Have experience building and implementing secure by design principals within the software development lifecycle (SDLC). Threat Modelling - Kill Chain - Attack tree analysis. Working understanding of: Cloud security including Azure, Amazon Web Service, Key Management Systems, Containerisation, Network Security Groups ...

deployment/integration of security capabilities into engineering teams within the product domain. You will drive security initiatives such as developing security requirements, threat modelling, strengthening application security, vulnerability reduction, etc., with the engineering teams. Reducing friction is paramount and we are all about fast feedback within existing … console for a developer to check. Support teams in a collaborative manner in matters of mobile application, web application, cloud and data security, with threat modelling, risk treatment and security advice across all security domains. If you can raise a PR to fix a security issue, do so. ...

development, engineering, and product teams, ensuring AppSec requirements are integrated early and effectively into design and delivery workflows. Perform and lead application security assessments, threat modelling sessions, design reviews, and secure code review consultations. Partner with Security Product Owners and engineering teams to ensure AppSec tooling, processes … centralised Centre of Excellence or security governance function. Strong capability in developing and governing AppSec policies, standards, and secure SDLC frameworks. Expert knowledge across threat modelling, secure design, application risk assessment, and secure code review techniques. Hands-on understanding of DevSecOps practices, CI/CD pipeline security ...

Azure, GCP). Working with Product Security and engineering squads to embed secure-by-design into customer‐facing products and payments features. Running threat modelling, design reviews and security assessments for critical product initiatives. Defining opinionated, reusable secure architecture patterns, developer guardrails and security controls. Providing hands … Deep technical capability in multi‐cloud architecture and modern application security. Strong knowledge of Kubernetes, distributed systems, microservices and container security. Proven experience in threat modelling, secure design reviews and establishing secure patterns. A collaborative, low‐ego operator comfortable working across engineering, product and security teams. Consulting‐style ...

Integrate security controls into CI/CD pipelines and modern development workflows, enabling secure and automated deployment of cloud and AI workloads. Participate in threat modelling, risk assessment, and security design reviews for AI applications, APIs, and cloud services. Support evaluation and onboarding of emerging AI security tools … securing GenAI, Agentic AI, vector databases, model APIs, or data pipelines used by LLMs. Knowledge of responsible AI principles, model governance, or AI-specific threat modelling (e.g., adversarial ML, data poisoning, prompt injection). Background working in regulated industries such as Financial Services or Insurance. Strong stakeholder communication ...

delivery without owning build or operations. Key Responsibilities Attend regular project and design meetings to understand requirements and delivery milestones. Perform initial and iterative threat modelling for new features, integrations, and architectural changes. Advise on secure architecture design, including IAM, network segmentation, encryption, and data protection. Recommend … being consistently applied. Essential Experience Proven experience as a Security Architect or senior cyber security consultant in digital delivery environments. Strong Secure by Design, threat modelling, and risk-based security expertise. Experience advising product teams in agile, cloud-based delivery contexts. Confident engaging with architects, developers, and delivery ...

practices across the organisation. Lead complex security architecture initiatives in collaboration with architects, engineers, and platform teams across business units. Own and deliver advanced threat modelling, secure design reviews, and risk assessments for high-impact systems. Drive and support critical risk remediation and vulnerability management, including root cause … continuously improve product security maturity. What you'll bring Strong hands-on experience contributing across multiple stages of the Secure Development Lifecycle, including threat modelling, secure coding, testing, and vulnerability management. Deep expertise in multiple of these domains with working knowledge of the others: modern applications, cloud, platforms ...

practices across the organisation. Lead complex security architecture initiatives in collaboration with architects, engineers, and platform teams across business units. Own and deliver advanced threat modelling, secure design reviews, and risk assessments for high-impact systems. Drive and support critical risk remediation and vulnerability management, including root cause … continuously improve product security maturity. What you'll bring Strong hands-on experience contributing across multiple stages of the Secure Development Lifecycle, including threat modelling, secure coding, testing, and vulnerability management. Deep expertise in multiple of these domains with working knowledge of the others: modern applications, cloud, platforms ...

practices across the organisation. Lead complex security architecture initiatives in collaboration with architects, engineers, and platform teams across business units. Own and deliver advanced threat modelling, secure design reviews, and risk assessments for high-impact systems. Drive and support critical risk remediation and vulnerability management, including root cause … continuously improve product security maturity. What you'll bring Strong hands-on experience contributing across multiple stages of the Secure Development Lifecycle, including threat modelling, secure coding, testing, and vulnerability management. Deep expertise in multiple of these domains with working knowledge of the others: modern applications, cloud, platforms ...

practices across the organisation. Lead complex security architecture initiatives in collaboration with architects, engineers, and platform teams across business units. Own and deliver advanced threat modelling, secure design reviews, and risk assessments for high-impact systems. Drive and support critical risk remediation and vulnerability management, including root cause … continuously improve product security maturity. What you'll bring Strong hands-on experience contributing across multiple stages of the Secure Development Lifecycle, including threat modelling, secure coding, testing, and vulnerability management. Deep expertise in multiple of these domains with working knowledge of the others: modern applications, cloud, platforms ...

practices across the organisation. Lead complex security architecture initiatives in collaboration with architects, engineers, and platform teams across business units. Own and deliver advanced threat modelling, secure design reviews, and risk assessments for high-impact systems. Drive and support critical risk remediation and vulnerability management, including root cause … continuously improve product security maturity. What you'll bring Strong hands-on experience contributing across multiple stages of the Secure Development Lifecycle, including threat modelling, secure coding, testing, and vulnerability management. Deep expertise in multiple of these domains with working knowledge of the others: modern applications, cloud, platforms ...

practices across the organisation. Lead complex security architecture initiatives in collaboration with architects, engineers, and platform teams across business units. Own and deliver advanced threat modelling, secure design reviews, and risk assessments for high-impact systems. Drive and support critical risk remediation and vulnerability management, including root cause … continuously improve product security maturity. What you'll bring Strong hands-on experience contributing across multiple stages of the Secure Development Lifecycle, including threat modelling, secure coding, testing, and vulnerability management. Deep expertise in multiple of these domains with working knowledge of the others: modern applications, cloud, platforms ...

embed security into lifecycle governance Define and implement a modern DevSecOps tooling strategy (CI/CD, SAST/DAST, SCM, automation) Drive secure coding, threat modelling, and supply chain security practices (SBOM, provenance, signing) Develop KPIs, metrics, and maturity models to track and continuously improve SDLC performance Build … NIST SSDF, OWASP SAMM/ASVS, ISO 27034) Strong understanding of modern engineering practices (Agile, CI/CD, cloud, automation) Expertise in application security, threat modelling, and secure coding standards Experience implementing tooling ecosystems (e.g. SAST, DAST, SCA, pipeline automation) A track record of influencing senior stakeholders ...

ensure compliance and security standard processes. Evaluate and integrate new identity tools, authentication platforms and access capabilities. Drive continuous improvement through risk assessments, threat modelling, and automation. You will need: Strong practical experience in designing and running Identity and Access Management (IAM) solutions within large-scale, complex environments. … Okta, CyberArk, Ping, or preferably Microsoft Entra ID. Ability to define standards, partner cross-functionally (IT, GRC, Engineering), and drive risk reduction through threat modelling, compliance (NIST, ISO, GDPR), and ongoing optimisation of identity systems. Experience working with cloud identity (Azure, AWS, or GCP). What ...