1 to 25 of 680 Threat Modelling Jobs in England

Architecture, identity and access management strategies, and secure networking models. Advise on data protection, encryption strategies, regulatory compliance (e.g., FCA, GDPR), and risk mitigation frameworks. Perform security assessments and threat modeling for cloud-native applications and hybrid environments. Collaborate with enterprise architects, risk officers, and compliance teams to ensure governance and audit readiness. Lead security architecture workshops and technical … ATT&CK, OWASP Top 10). Preferred Qualifications Google Professional Cloud Security Engineer certification or equivalent (e.g., CISSP, CISM, AWS/Azure Security Certs). Experience with incident response, threat intelligence integration, and advanced detection strategies. Knowledge of DevSecOps practices and security integration into CI/CD pipelines. Strong communication and stakeholder engagement skills with experience presenting to C More ❯

strategy definition which is often the first step in engaging our clients, helping to influence the board and CxO with top-down buy-in and understanding. Providing insight for threat modelling, risk management and security overlay approaches by conducting security maturity assessments. Developing new security strategies to manage emerging risks in Cloud & agile/DevSecOps operating environments. Providing More ❯

Architecture, identity and access management strategies, and secure networking models. Advise on data protection, encryption strategies, regulatory compliance (e.g., FCA, GDPR), and risk mitigation frameworks. Perform security assessments and threat modeling for cloud-native applications and hybrid environments. Collaborate with enterprise architects, risk officers, and compliance teams to ensure governance and audit readiness. Lead security architecture workshops and technical … ATT&CK, OWASP Top 10). Preferred Qualifications Google Professional Cloud Security Engineer certification or equivalent (e.g., CISSP, CISM, AWS/Azure Security Certs). Experience with incident response, threat intelligence integration, and advanced detection strategies. Knowledge of DevSecOps practices and security integration into CI/CD pipelines. Strong communication and stakeholder engagement skills with experience presenting to C More ❯

Architecture, identity and access management strategies, and secure networking models. Advise on data protection, encryption strategies, regulatory compliance (e.g., FCA, GDPR), and risk mitigation frameworks. Perform security assessments and threat modeling for cloud-native applications and hybrid environments. Collaborate with enterprise architects, risk officers, and compliance teams to ensure governance and audit readiness. Lead security architecture workshops and technical … ATT&CK, OWASP Top 10). Preferred Qualifications Google Professional Cloud Security Engineer certification or equivalent (e.g., CISSP, CISM, AWS/Azure Security Certs). Experience with incident response, threat intelligence integration, and advanced detection strategies. Knowledge of DevSecOps practices and security integration into CI/CD pipelines. Strong communication and stakeholder engagement skills with experience presenting to C More ❯

Architecture, identity and access management strategies, and secure networking models. Advise on data protection, encryption strategies, regulatory compliance (e.g., FCA, GDPR), and risk mitigation frameworks. Perform security assessments and threat modeling for cloud-native applications and hybrid environments. Collaborate with enterprise architects, risk officers, and compliance teams to ensure governance and audit readiness. Lead security architecture workshops and technical … ATT&CK, OWASP Top 10). Preferred Qualifications Google Professional Cloud Security Engineer certification or equivalent (e.g., CISSP, CISM, AWS/Azure Security Certs). Experience with incident response, threat intelligence integration, and advanced detection strategies. Knowledge of DevSecOps practices and security integration into CI/CD pipelines. Strong communication and stakeholder engagement skills with experience presenting to C More ❯

systems. The Security Architect will draw upon Enterprise Security Architecture or Security Solutions Architecture to: - Identify business objectives, user needs, risk appetite and cyber security obligations - Identify vulnerabilities, perform threat modelling, undertake risk assessment, evaluate the effectiveness of security controls - Verify and evidence alignment to 'Secure by Design' principles, corporate security policy/standards as well as industry … Contribute to a reference architecture of established patterns, principles and guidelines Research emerging technologies, new products and be able to position these in a coherent manner against the developing threat landscape and client risk appetite Ability to distil complex information and concepts into key discussion points that identifies a path to resolution rather than only the identification of challenges … native security capabilities and good practice within Cloud platforms (AWS and/or Microsoft Azure) In-depth knowledge of modern security concepts, common attack vectors, malware, security analytics and threat intelligence. A good understanding of security testing and vulnerability management is important (including pen testing/ITHC, CVSS/CVE) Experience working with security standards such as ISO More ❯

NIST, ISO 27001, CIS). Develop and maintain secure architectural patterns and standards, with a solid working knowledge of cloud security (AWS, Azure, GCP). Apply risk-based and threat-based approaches to evaluate and recommend appropriate and proportionate security technologies and solutions (e.g., SIEM, IAM, CASB, container security). Outline key security components, interfaces, and dependencies. Develop architectural … Document security design principles and provide rationale. Ensure designs align with business objectives, security policies, and industry best practices, with a focus on cloud-native security considerations. Risk and Threat Management: Conduct comprehensive risk assessments and threat modelling, providing detailed analysis and actionable recommendations. Advise clients on risk mitigation strategies and security best practices, and support the More ❯

expertise and excellence, working collaboratively across government to deliver holistic, customer centric cyber security services. This includes consultancy support that continually evolves to emerging technologies and the ever-changing threat and risk landscape. It is an exciting time to be part of our active and encouraging Cybersecurity and Architecture communities, working within HMRC and across HMG. As an Enterprise … TOGAF and SABSA and Framework adoption such as those in NIST 2.0. Security Tooling Roadmaps: Create detailed roadmaps for security tooling, incorporating vendor investment tracking, horizon scanning, and global threat landscape changes, and communicate these to stakeholders. Baseline Establishment and Design Patterns: Establish baselines for current security technologies and develop design patterns to support solution architects in implementing effective … DNS, NAC, NSPM, and architectures like SASE and Zero Trust. Application Security: Experience with SAST, DAST, RAST, IAST tools, integrating security into SDLC processes, OWASP, API security design, robust threat modelling, and containerization security. Data Security: Skilled in implementing information protection tools, key and secrets management, data loss prevention, and protective marking and classification capabilities. Cyber Security Operations More ❯

expertise and excellence, working collaboratively across government to deliver holistic, customer centric cyber security services. This includes consultancy support that continually evolves to emerging technologies and the ever-changing threat and risk landscape. It is an exciting time to be part of our active and encouraging Cybersecurity and Architecture communities, working within HMRC and across HMG. As an Enterprise … TOGAF and SABSA and Framework adoption such as those in NIST 2.0. Security Tooling Roadmaps: Create detailed roadmaps for security tooling, incorporating vendor investment tracking, horizon scanning, and global threat landscape changes, and communicate these to stakeholders. Baseline Establishment and Design Patterns: Establish baselines for current security technologies and develop design patterns to support solution architects in implementing effective … DNS, NAC, NSPM, and architectures like SASE and Zero Trust. Application Security: Experience with SAST, DAST, RAST, IAST tools, integrating security into SDLC processes, OWASP, API security design, robust threat modelling, and containerization security. Data Security: Skilled in implementing information protection tools, key and secrets management, data loss prevention, and protective marking and classification capabilities. Cyber Security Operations More ❯

ensure compliance with regulatory requirements Collaborate with clients to understand their security needs and provide tailored solutions Lead security assurance activities, including risk assessments, vulnerability assessments, penetration testing, and threat modelling techniques such as MITRE ATT&CK, STRIDE, DREAD, and PASTA Provide expert guidance on security controls and measures to protect cloud infrastructure and data Stay up-to More ❯

and FedRAMP and the audit process around demonstrating compliance effectively. Practical experience of the System Development Life Cycle, Software Development Life Cycle, and Agile framework Expertise in risk analysis, threat modeling, and vulnerability assessments Experience in coordinating with diverse cross-functional teams, including software engineers, designers, and stakeholders to drive the necessary outcomes. Strong technical abilities and a track … Contribute actively to the creation and refinement of CloudBees product's cybersecurity features, maintaining a deep understanding of emerging technologies and industry best practices Conduct regular security analysis and threat assessments, identifying vulnerabilities and potential improvements in the product's security Generation of technical marketing requirements documents and creation of product roadmaps Collaborate closely with CloudBees cybersecurity team to More ❯

systems. The Security Architect will draw upon Enterprise Security Architecture or Security Solutions Architecture to: Identify business objectives, user needs, risk appetite, and cyber security obligations Identify vulnerabilities, perform threat modelling, undertake risk assessment, evaluate the effectiveness of security controls Verify and evidence alignment to 'Secure by Design' principles, corporate security policy/standards, as well as industry … to both technical and non-technical stakeholders Contribute to a reference architecture of established patterns, principles, and guidelines Research emerging technologies and new products, positioning them against the evolving threat landscape and client risk appetite Distil complex information into key discussion points to facilitate resolution rather than just identifying challenges Contribute to developing the Security Practice's skills and … Experience with Cloud platforms (AWS and/or Microsoft Azure), including native security features and best practices Deep knowledge of modern security concepts, attack vectors, malware, security analytics, and threat intelligence Understanding of security testing and vulnerability management, including pen testing, CVSS, and CVE Experience with security standards such as ISO 27001, 27002, 27017, and 27108 DESIRABLE SKILLS AND More ❯

NIST, ISO 27001, CIS). Develop and maintain secure architectural patterns and standards, with a solid working knowledge of cloud security (AWS, Azure, GCP). Apply risk-based and threat-based approaches to evaluate and recommend appropriate and proportionate security technologies and solutions (e.g., SIEM, IAM, CASB, container security). Outline key security components, interfaces, and dependencies. Develop architectural … Document security design principles and provide rationale. Ensure designs align with business objectives, security policies, and industry best practices, with a focus on cloud-native security considerations. Risk and Threat Management: Conduct comprehensive risk assessments and threat modelling, providing detailed analysis and actionable recommendations. Advises clients on risk mitigation strategies and security best practices, and support the More ❯

ensure compliance with regulatory requirements. Collaborate with clients to understand their security needs and provide tailored solutions. Lead security assurance activities, including risk assessments, vulnerability assessments, penetration testing, and threat modelling techniques such as MITRE ATT&CK, STRIDE, DREAD, and PASTA. Provide expert guidance on security controls and measures to protect cloud infrastructure and data. Stay up-to More ❯

technical expertise, strategic vision, and hands-on experience in building secure, AI-driven systems. As Director of Cybersecurity, you will oversee all aspects of our security architecture, operations, and threat intelligence functions—ensuring Nothreat’s platforms and clients remain resilient in an evolving threat landscape. You will also be expected to drive cross-functional collaboration across product, engineering … teams, and lead the execution of complex, high-impact security initiatives. Key Responsibilities Define and drive Nothreat’s cybersecurity strategy across product, infrastructure, and operations. Lead security architecture reviews, threat modeling, and secure development practices across engineering teams. Oversee the implementation and operation of security controls, incident response plans, and risk management frameworks. Work closely with the AI engineering …/ML systems, securing data pipelines, models, and associated infrastructure. Strong technical background in areas such as application security, cloud security (AWS/Azure), identity and access management, and threat detection. Proficiency with SIEM, SOAR, EDR, vulnerability management, and DevSecOps practices. Deep understanding of modern attack vectors, threat intelligence, and incident response processes. Experience with security frameworks and More ❯

technical expertise, strategic vision, and hands-on experience in building secure, AI-driven systems. As Director of Cybersecurity, you will oversee all aspects of our security architecture, operations, and threat intelligence functions—ensuring Nothreat’s platforms and clients remain resilient in an evolving threat landscape. You will also be expected to drive cross-functional collaboration across product, engineering … teams, and lead the execution of complex, high-impact security initiatives. Key Responsibilities Define and drive Nothreat’s cybersecurity strategy across product, infrastructure, and operations. Lead security architecture reviews, threat modeling, and secure development practices across engineering teams. Oversee the implementation and operation of security controls, incident response plans, and risk management frameworks. Work closely with the AI engineering …/ML systems, securing data pipelines, models, and associated infrastructure. Strong technical background in areas such as application security, cloud security (AWS/Azure), identity and access management, and threat detection. Proficiency with SIEM, SOAR, EDR, vulnerability management, and DevSecOps practices. Deep understanding of modern attack vectors, threat intelligence, and incident response processes. Experience with security frameworks and More ❯

technical expertise, strategic vision, and hands-on experience in building secure, AI-driven systems. As Director of Cybersecurity, you will oversee all aspects of our security architecture, operations, and threat intelligence functions—ensuring Nothreat’s platforms and clients remain resilient in an evolving threat landscape. You will also be expected to drive cross-functional collaboration across product, engineering … teams, and lead the execution of complex, high-impact security initiatives. Key Responsibilities Define and drive Nothreat’s cybersecurity strategy across product, infrastructure, and operations. Lead security architecture reviews, threat modeling, and secure development practices across engineering teams. Oversee the implementation and operation of security controls, incident response plans, and risk management frameworks. Work closely with the AI engineering …/ML systems, securing data pipelines, models, and associated infrastructure. Strong technical background in areas such as application security, cloud security (AWS/Azure), identity and access management, and threat detection. Proficiency with SIEM, SOAR, EDR, vulnerability management, and DevSecOps practices. Deep understanding of modern attack vectors, threat intelligence, and incident response processes. Experience with security frameworks and More ❯

and FedRAMP and the audit process around demonstrating compliance effectively. Practical experience of the System Development Life Cycle, Software Development Life Cycle, and Agile framework Expertise in risk analysis, threat modeling, and vulnerability assessments Experience in coordinating with diverse cross-functional teams, including software engineers, designers, and stakeholders to drive the necessary outcomes. Strong technical abilities and a track … Contribute actively to the creation and refinement of CloudBees product's cybersecurity features, maintaining a deep understanding of emerging technologies and industry best practices Conduct regular security analysis and threat assessments, identifying vulnerabilities and potential improvements in the product's security Generation of technical marketing requirements documents and creation of product roadmaps Collaborate closely with CloudBees cybersecurity team to More ❯

mechanisms are in place Help us to stay nimble by building compliance and security control automations Drive security infrastructure deployments across our growing environments Perform regular security assessments, audits, threat modeling and architecture design reviews to identify risks and vulnerabilities, triage found risks, identify improvements appropriately and design controls to implement as corrective actions Lead incident response efforts, including … the DevSecOps mindset that we have created across our technology teams Requirements What skills are essential: You have an in-depth knowledge of security principles, technologies, best practices and threat detection and mitigation strategies Knowledge of common attack vectors and methodologies (OWASP Top 10, Mitre ATT&CK Framework and social engineering tactics The ability to identify potential threats, attack More ❯

put those plans into action. Engineer highly secure contained environments for cloud and on-premises solutions, with a focus on minimizing attack surfaces and preventing unauthorized access. Risk and Threat Management: Perform comprehensive risk assessments and threat modelling, providing detailed analysis and acting on recommendations. Advise clients on risk mitigation strategies and security best practices and lead … put those plans into action. Engineer highly secure contained environments for cloud and on-premises solutions, with a focus on minimizing attack surfaces and preventing unauthorized access. Risk and Threat Management: Perform comprehensive risk assessments and threat modelling, providing detailed analysis and acting on recommendations. Advise clients on risk mitigation strategies and security best practices and lead More ❯

put those plans into action. Engineer highly secure contained environments for cloud and on-premises solutions, with a focus on minimizing attack surfaces and preventing unauthorized access. Risk and Threat Management: Perform comprehensive risk assessments and threat modelling, providing detailed analysis and acting on recommendations. Advise clients on risk mitigation strategies and security best practices and lead More ❯

efficient deployments. Collaborate closely with Cloud Platform Engineers, DevX and Product Engineering to ensure security requirements are integrated into system designs and technology choices from the outset. Participate in threat modelling exercises for cloud-native applications, microservices, and infrastructure components. Support internal and external penetration testing engagements for Funding Circle applications, services, and cloud infrastructure. Contribute to vulnerability … in cloud security (AWS), DevSecOps, and application security, becoming a key contributor in these areas. Proactively identify areas for security improvement and contribute to security initiatives. Proactively monitor the threat landscape, evaluate emerging cloud security risks and trends, and translate them into actionable security improvements. What we’re looking for Hands-on experience (e.g. 1+ years) in Information Security More ❯

also contribute to security compliance and best practices, ensuring products meet regulatory and industry standards. Key Responsibilities: Identify security requirements and integrate controls into product development. Conduct risk assessments, threat modeling, and vulnerability analysis. Develop and implement risk management strategies using security frameworks. Collaborate with development teams to ensure security best practices and secure-by-design principles. Identify and …/53, OWASP) . Experience with risk management methodologies and compliance with MOD and HMG security standards (JSP, Def Stan 05-138/139). Proficiency in security threat modeling and risk assessments. Knowledge of secure development practices, penetration testing, and vulnerability assessments. Ability to communicate security risks and strategies to technical and non-technical stakeholders. Experience in incident More ❯

also contribute to security compliance and best practices, ensuring products meet regulatory and industry standards. Key Responsibilities: Identify security requirements and integrate controls into product development. Conduct risk assessments, threat modeling, and vulnerability analysis. Develop and implement risk management strategies using security frameworks. Collaborate with development teams to ensure security best practices and secure-by-design principles. Identify and …/53, OWASP) . Experience with risk management methodologies and compliance with MOD and HMG security standards (JSP, Def Stan 05-138/139). Proficiency in security threat modeling and risk assessments. Knowledge of secure development practices, penetration testing, and vulnerability assessments. Ability to communicate security risks and strategies to technical and non-technical stakeholders. Experience in incident More ❯

Collaborate with IT, cloud, and cybersecurity teams to ensure secure integration across systems and applications. Lead architectural reviews and assurance of designs working with System Integrators & partner resources. Conduct threat modeling and risk assessments on network infrastructure and recommend mitigations. Support incident response teams during network-related security incidents and perform root cause analysis. Evaluate and recommend security tools … IPS/IDS, and SD-WAN. Understanding of Zero Trust Architecture, microsegmentation, and secure cloud networking (e.g., Azure, AWS, GCP). Experience with security information and event management (SIEM), threat intelligence, and vulnerability management. Excellent communication and documentation skills, with the ability to influence and educate stakeholders. Relevant certifications strongly preferred (e.g., CISSP, CCNP Security, CCIE Security, GIAC, Azure More ❯