1 to 25 of 78 Remote/Hybrid Threat Modelling Jobs in England

play a critical role in designing, assuring, and delivering secure solutions across our client engagements. You will champion Secure by Design principles and lead threat modelling activities to ensure risks are identified and mitigated early in the lifecycle. Working closely with stakeholders, you will define security architectures, ensure … Design - Embed security into every stage of the solution lifecycle, ensuring systems are designed with security controls from the outset rather than retrofitted. Threat Modelling - Lead and facilitate threat modelling exercises (e.g. STRIDE), identifying vulnerabilities and defining mitigations early in delivery Risk Assessment - Identify, assess ...

roadmap, backlog and design decisions. Work with colleagues across product, development, and networks & infrastructure to embed security across the product lifecycle. Carry out threat modelling, secure design reviews and technical risk assessments for new and existing product capabilities. Assign pragmatic risk levels and support sensible prioritisation of remediation … software-led environment. Good understanding of how product and development teams operate, including how security considerations are balanced alongside product delivery. Strong experience of threat modelling, secure design review, vulnerability assessment and remediation prioritisation. The judgement to assess exploitability and business impact pragmatically Practical experience applying security across ...

roadmap, backlog and design decisions. Work with colleagues across product, development, and networks & infrastructure to embed security across the product lifecycle. Carry out threat modelling, secure design reviews and technical risk assessments for new and existing product capabilities. Assign pragmatic risk levels and support sensible prioritisation of remediation … software-led environment. Good understanding of how product and development teams operate, including how security considerations are balanced alongside product delivery. Strong experience of threat modelling, secure design review, vulnerability assessment and remediation prioritisation. The judgement to assess exploitability and business impact pragmatically Practical experience applying security across ...

engineering teams to embed automated security testing and guardrails into development workflows. Define, implement, and maintain secure development standards, including secure coding guidelines, threat modelling practices, and minimum-security requirements for applications and APIs. Partner with engineering, platform, and product teams to embed secure-by-design principles into … development team, providing hands-on technical leadership across design, development, and operation. Perform deep-dive security activities for the team, including threat modelling, code-level reviews, and vulnerability triage/remediation support. Oversee and coordinate third-party application security reviews, ensuring consistent assessment standards and effective risk management ...

engineering teams to embed automated security testing and guardrails into development workflows. Define, implement, and maintain secure development standards, including secure coding guidelines, threat modelling practices, and minimum-security requirements for applications and APIs. Partner with engineering, platform, and product teams to embed secure-by-design principles into … development team, providing hands-on technical leadership across design, development, and operation. Perform deep-dive security activities for the team, including threat modelling, code-level reviews, and vulnerability triage/remediation support. Oversee and coordinate third-party application security reviews, ensuring consistent assessment standards and effective risk management ...

security of supply through facilities in Europe, the UK, and the United States. Your Role: You will be responsible for revising, developing, and maturing Threat Intelligence processes, tooling, and policies to strengthen existing services and ensure they remain effective against a constantly evolving external threat landscape. This includes … with internal and external stakeholders, building strong, trusted relationships across the business and with peer organisations within the civil nuclear sector to enable effective Threat Intelligence information sharing. You will coordinate with technical and non-technical teams to ensure relevant threat intelligence informs risk modelling and assessment ...

standardise assessments across platforms. Conduct comprehensive platform security reviews (build systems, CI/CD pipelines, runtime infrastructure, developer tooling) against defined framework criteria. Perform threat modelling and gap analysis, identifying vulnerabilities and systemic risks impacting source code, artifacts, and workloads. Engineering Platform Security Enablement Establish standardised secure architecture … security controls. Strong knowledge and understanding of service mesh, cryptography, network security, application security, vulnerability management, and risk management. Demonstrable ability to conduct threat modelling, platform security assessments, and gap analysis. Experience building and implementing maturity models, frameworks, or roadmaps in complex enterprise environments. Strong stakeholder management skills ...

cloud infrastructures. Contribute to blogs and research within the business community. Experience Required The successful candidate will possess proven experience in cybersecurity, security architecture, threat modelling, or related fields within Public Sector and MOD and will have achieved or be working towards Full Membership of CIISEC … NPSA and NCSC security policies, standards and guidance. Have experience building and implementing secure by design principals within the software development lifecycle (SDLC). Threat Modelling - Kill Chain - Attack tree analysis. Working understanding of: Cloud security including Azure, Amazon Web Service, Key Management Systems, Containerisation, Network Security Groups ...

development, engineering, and product teams, ensuring AppSec requirements are integrated early and effectively into design and delivery workflows. Perform and lead application security assessments, threat modelling sessions, design reviews, and secure code review consultations. Partner with Security Product Owners and engineering teams to ensure AppSec tooling, processes … centralised Centre of Excellence or security governance function. Strong capability in developing and governing AppSec policies, standards, and secure SDLC frameworks. Expert knowledge across threat modelling, secure design, application risk assessment, and secure code review techniques. Hands-on understanding of DevSecOps practices, CI/CD pipeline security ...

Integrate security controls into CI/CD pipelines and modern development workflows, enabling secure and automated deployment of cloud and AI workloads. Participate in threat modelling, risk assessment, and security design reviews for AI applications, APIs, and cloud services. Support evaluation and onboarding of emerging AI security tools … securing GenAI, Agentic AI, vector databases, model APIs, or data pipelines used by LLMs. Knowledge of responsible AI principles, model governance, or AI-specific threat modelling (e.g., adversarial ML, data poisoning, prompt injection). Background working in regulated industries such as Financial Services or Insurance. Strong stakeholder communication ...

practices across the organisation. Lead complex security architecture initiatives in collaboration with architects, engineers, and platform teams across business units. Own and deliver advanced threat modelling, secure design reviews, and risk assessments for high-impact systems. Drive and support critical risk remediation and vulnerability management, including root cause … continuously improve product security maturity. What you'll bring Strong hands-on experience contributing across multiple stages of the Secure Development Lifecycle, including threat modelling, secure coding, testing, and vulnerability management. Deep expertise in multiple of these domains with working knowledge of the others: modern applications, cloud, platforms ...

practices across the organisation. Lead complex security architecture initiatives in collaboration with architects, engineers, and platform teams across business units. Own and deliver advanced threat modelling, secure design reviews, and risk assessments for high-impact systems. Drive and support critical risk remediation and vulnerability management, including root cause … continuously improve product security maturity. What you'll bring Strong hands-on experience contributing across multiple stages of the Secure Development Lifecycle, including threat modelling, secure coding, testing, and vulnerability management. Deep expertise in multiple of these domains with working knowledge of the others: modern applications, cloud, platforms ...

practices across the organisation. Lead complex security architecture initiatives in collaboration with architects, engineers, and platform teams across business units. Own and deliver advanced threat modelling, secure design reviews, and risk assessments for high-impact systems. Drive and support critical risk remediation and vulnerability management, including root cause … continuously improve product security maturity. What you'll bring Strong hands-on experience contributing across multiple stages of the Secure Development Lifecycle, including threat modelling, secure coding, testing, and vulnerability management. Deep expertise in multiple of these domains with working knowledge of the others: modern applications, cloud, platforms ...

practices across the organisation. Lead complex security architecture initiatives in collaboration with architects, engineers, and platform teams across business units. Own and deliver advanced threat modelling, secure design reviews, and risk assessments for high-impact systems. Drive and support critical risk remediation and vulnerability management, including root cause … continuously improve product security maturity. What you'll bring Strong hands-on experience contributing across multiple stages of the Secure Development Lifecycle, including threat modelling, secure coding, testing, and vulnerability management. Deep expertise in multiple of these domains with working knowledge of the others: modern applications, cloud, platforms ...

practices across the organisation. Lead complex security architecture initiatives in collaboration with architects, engineers, and platform teams across business units. Own and deliver advanced threat modelling, secure design reviews, and risk assessments for high-impact systems. Drive and support critical risk remediation and vulnerability management, including root cause … continuously improve product security maturity. What you'll bring Strong hands-on experience contributing across multiple stages of the Secure Development Lifecycle, including threat modelling, secure coding, testing, and vulnerability management. Deep expertise in multiple of these domains with working knowledge of the others: modern applications, cloud, platforms ...

practices across the organisation. Lead complex security architecture initiatives in collaboration with architects, engineers, and platform teams across business units. Own and deliver advanced threat modelling, secure design reviews, and risk assessments for high-impact systems. Drive and support critical risk remediation and vulnerability management, including root cause … continuously improve product security maturity. What you'll bring Strong hands-on experience contributing across multiple stages of the Secure Development Lifecycle, including threat modelling, secure coding, testing, and vulnerability management. Deep expertise in multiple of these domains with working knowledge of the others: modern applications, cloud, platforms ...

ensure compliance and security standard processes. Evaluate and integrate new identity tools, authentication platforms and access capabilities. Drive continuous improvement through risk assessments, threat modelling, and automation. You will need: Strong practical experience in designing and running Identity and Access Management (IAM) solutions within large-scale, complex environments. … Okta, CyberArk, Ping, or preferably Microsoft Entra ID. Ability to define standards, partner cross-functionally (IT, GRC, Engineering), and drive risk reduction through threat modelling, compliance (NIST, ISO, GDPR), and ongoing optimisation of identity systems. Experience working with cloud identity (Azure, AWS, or GCP). What ...

practices across the organisation. Lead complex security architecture initiatives in collaboration with architects, engineers, and platform teams across business units. Own and deliver advanced threat modelling, secure design reviews, and risk assessments for high-impact systems. Drive and support critical risk remediation and vulnerability management, including root cause … continuously improve product security maturity. What you'll bring Strong hands-on experience contributing across multiple stages of the Secure Development Lifecycle, including threat modelling, secure coding, testing, and vulnerability management. Deep expertise in multiple of these domains with working knowledge of the others: modern applications, cloud, platforms ...

practices across the organisation. Lead complex security architecture initiatives in collaboration with architects, engineers, and platform teams across business units. Own and deliver advanced threat modelling, secure design reviews, and risk assessments for high-impact systems. Drive and support critical risk remediation and vulnerability management, including root cause … continuously improve product security maturity. What you'll bring Strong hands-on experience contributing across multiple stages of the Secure Development Lifecycle, including threat modelling, secure coding, testing, and vulnerability management. Deep expertise in multiple of these domains with working knowledge of the others: modern applications, cloud, platforms ...

practices across the organisation. Lead complex security architecture initiatives in collaboration with architects, engineers, and platform teams across business units. Own and deliver advanced threat modelling, secure design reviews, and risk assessments for high-impact systems. Drive and support critical risk remediation and vulnerability management, including root cause … continuously improve product security maturity. What you'll bring Strong hands-on experience contributing across multiple stages of the Secure Development Lifecycle, including threat modelling, secure coding, testing, and vulnerability management. Deep expertise in multiple of these domains with working knowledge of the others: modern applications, cloud, platforms ...

practices across the organisation. Lead complex security architecture initiatives in collaboration with architects, engineers, and platform teams across business units. Own and deliver advanced threat modelling, secure design reviews, and risk assessments for high-impact systems. Drive and support critical risk remediation and vulnerability management, including root cause … continuously improve product security maturity. What you'll bring Strong hands-on experience contributing across multiple stages of the Secure Development Lifecycle, including threat modelling, secure coding, testing, and vulnerability management. Deep expertise in multiple of these domains with working knowledge of the others: modern applications, cloud, platforms ...

practices across the organisation. Lead complex security architecture initiatives in collaboration with architects, engineers, and platform teams across business units. Own and deliver advanced threat modelling, secure design reviews, and risk assessments for high-impact systems. Drive and support critical risk remediation and vulnerability management, including root cause … continuously improve product security maturity. What you'll bring Strong hands-on experience contributing across multiple stages of the Secure Development Lifecycle, including threat modelling, secure coding, testing, and vulnerability management. Deep expertise in multiple of these domains with working knowledge of the others: modern applications, cloud, platforms ...

practices across the organisation. Lead complex security architecture initiatives in collaboration with architects, engineers, and platform teams across business units. Own and deliver advanced threat modelling, secure design reviews, and risk assessments for high-impact systems. Drive and support critical risk remediation and vulnerability management, including root cause … continuously improve product security maturity. What you'll bring Strong hands-on experience contributing across multiple stages of the Secure Development Lifecycle, including threat modelling, secure coding, testing, and vulnerability management. Deep expertise in multiple of these domains with working knowledge of the others: modern applications, cloud, platforms ...

practices across the organisation. Lead complex security architecture initiatives in collaboration with architects, engineers, and platform teams across business units. Own and deliver advanced threat modelling, secure design reviews, and risk assessments for high-impact systems. Drive and support critical risk remediation and vulnerability management, including root cause … continuously improve product security maturity. What you'll bring Strong hands-on experience contributing across multiple stages of the Secure Development Lifecycle, including threat modelling, secure coding, testing, and vulnerability management. Deep expertise in multiple of these domains with working knowledge of the others: modern applications, cloud, platforms ...

practices across the organisation. Lead complex security architecture initiatives in collaboration with architects, engineers, and platform teams across business units. Own and deliver advanced threat modelling, secure design reviews, and risk assessments for high-impact systems. Drive and support critical risk remediation and vulnerability management, including root cause … continuously improve product security maturity. What you'll bring Strong hands-on experience contributing across multiple stages of the Secure Development Lifecycle, including threat modelling, secure coding, testing, and vulnerability management. Deep expertise in multiple of these domains with working knowledge of the others: modern applications, cloud, platforms ...