1 to 25 of 152 Remote/Hybrid Threat Modelling Jobs in England

resilient to evolving cyber and information threats. Key Responsibilities Identify, interpret, and integrate security requirements throughout the product and system development lifecycle . Lead threat modelling and risk assessments , applying recognised frameworks such as ISO/IEC 27001, NIST 800-30/53, and ISO 31000. … configure industry-standard threat-modelling tools (e.g., STRIDE-based tools, attack-tree tooling). Provide expert advice on secure architectures, ensuring risks are understood, prioritised, and mitigated. Ensure compliance with MOD and HMG standards, including JSPs, Def Stan 05-138/05-139 , and ISN 23/ ...

Title: Cyber Security Specialist (Threat Modelling Contract) Location: Birmingham (Hybrid, 3 days on-site) Contract: 3 - 6 Months We are seeking an experienced Cyber Security Specialist for a 3 - 6 month hybrid contract in Birmingham. This role is focused on conducting comprehensive threat modelling and risk … telecommunications infrastructure. You will work with architecture teams to identify vulnerabilities, recommend mitigations, and produce clear, actionable reports. Essential Skills & Experience: Proven experience in threat modelling complex infrastructures. Strong background in operational security (e.g., Threat Hunting, Red Team, or Intelligence). Familiarity with threat modelling ...

INFORMATION SECURITY SPECIALIST KEY POINTS • Hybrid working model (Stoke-on-Trent) – up to £55,000 p/a • Focus on application security, code analysis, threat modelling and penetration testing • Work closely with Software Development teams across a large technical environment • Opportunity to influence secure development practices and automation … automation THE INFORMATION SECURITY SPECIALIST ROLE: In this role, you’ll focus on securing internally developed and third-party applications, carrying out code reviews, threat modelling, and application penetration testing. You’ll partner closely with Software Development teams to ensure secure design principles are understood and embedded throughout ...

practices throughout the software development lifecycle, with a strong emphasis on 'shift-left' principles to embed security early in the process. You will facilitate threat modelling workshops to help product teams identify, assess, and mitigate potential threats. You will also collaborate closely with other functions within the CISO … Cloud serverless transformation projects. You will have the ability to work with infrastructure as code and understand complex architectures. You will Lead/facilitate threat modelling workshops with SMEs. Engage with key stakeholders to identify threats and recommend countermeasures. Participate in architectural reviews of Product cloud implementations against ...

Join Police Digital Service as NMC Senior Cyber Threat Hunter - Hybrid - starting salary £65,000pa About Police Digital Service and NMC At PDS, we empower UK policing to stay ahead of evolving threats in a rapidly changing digital landscape. As the trusted technology partner for law enforcement, we deliver … value for money. The National Management Centre (NMC) is a core part of Police Digital Service (PDS), providing 24/7/365 cyber threat detection, response, and risk management capabilities across UK policing. We help forces proactively understand and mitigate cyber risks at both national and local levels. ...

throughout the delivery lifecycle, working closely with infrastructure engineers, architects, and project/programme managers. You'll define and enforce secure configuration baselines, conduct threat modelling and risk assessments, integrate monitoring and alerting, and produce clear security artefacts that guide operational teams. Candidates must be eligible to obtain … controls across hybrid/on-prem Microsoft and Azure-centric environments. Define/enforce hardening standards (e.g., CIS Benchmarks, Microsoft Security Baselines). Perform threat modelling, risk assessments, and security validation/UAT; support incident response. Maintain SBOMs to support vulnerability management and supply-chain assurance. Integrate ...

throughout the delivery lifecycle, working closely with infrastructure engineers, architects, and project/programme managers. You’ll define and enforce secure configuration baselines, conduct threat modelling and risk assessments, integrate monitoring and alerting, and produce clear security artefacts that guide operational teams. Candidates must be eligible to obtain … controls across hybrid/on-prem Microsoft and Azure-centric environments. Define/enforce hardening standards (e.g., CIS Benchmarks, Microsoft Security Baselines). Perform threat modelling, risk assessments, and security validation/UAT; support incident response. Maintain SBOMs to support vulnerability management and supply-chain assurance. Integrate ...

throughout the delivery lifecycle, working closely with infrastructure engineers, architects, and project/programme managers. You'll define and enforce secure configuration baselines, conduct threat modelling and risk assessments, integrate monitoring and alerting, and produce clear security artefacts that guide operational teams. Candidates must be eligible to obtain … controls across hybrid/on-prem Microsoft and Azure-centric environments. Define/enforce hardening standards (e.g., CIS Benchmarks, Microsoft Security Baselines). Perform threat modelling, risk assessments, and security validation/UAT; support incident response. Maintain SBOMs to support vulnerability management and supply-chain assurance. Integrate ...

with infrastructure engineers, architects, and project/programme managers to embed security throughout the delivery lifecycle. This includes defining secure configuration baselines, carrying out threat modelling and risk assessments, improving monitoring and alerting, and producing clear, practical security artefacts for operational teams. Candidates must be eligible to obtain … security controls across hybrid/on-prem Microsoft and Azure environments. Define and enforce hardening standards (e.g., CIS Benchmarks, Microsoft Security Baselines). Perform threat modelling, risk assessments, and security validation/UAT; support incident response activities. Maintain SBOMs to support vulnerability management and supply-chain assurance. Integrate ...

cloud infrastructures. Contribute to blogs and research within the business community. Experience Required The successful candidate will possess proven experience in cybersecurity, security architecture, threat modelling, or related fields within Public Sector and MOD and will have achieved or be working towards Full Membership of CIISEC … NPSA and NCSC security policies, standards and guidance. Have experience building and implementing secure by design principals within the software development lifecycle (SDLC). Threat Modelling - Kill Chain - Attack tree analysis. Working understanding of: Cloud security including Azure, Amazon Web Service, Key Management Systems, Containerisation, Network Security Groups ...

cloud infrastructures. Contribute to blogs and research within the business community. Experience Required The successful candidate will possess proven experience in cybersecurity, security architecture, threat modelling, or related fields within Public Sector and MOD and will have achieved or be working towards Full Membership of CIISEC … NPSA and NCSC security policies, standards and guidance. Have experience building and implementing secure by design principals within the software development lifecycle (SDLC). Threat Modelling - Kill Chain - Attack tree analysis. Working understanding of: Cloud security including Azure, Amazon Web Service, Key Management Systems, Containerisation, Network Security Groups ...

cloud infrastructures. Contribute to blogs and research within the business community. Experience Required The successful candidate will possess proven experience in cybersecurity, security architecture, threat modelling, or related fields within Public Sector and MOD and will have achieved or be working towards Full Membership of CIISEC … NPSA and NCSC security policies, standards and guidance. Have experience building and implementing secure by design principals within the software development lifecycle (SDLC). Threat Modelling – Kill Chain – Attack tree analysis. Certifications: AWS/Azure Security Professional, CCSP, CISSP, CISM, CIISEC, UK Cyber Security Council registration (Chartered ...

love to hear from you. What You'll Do Lead the design and implementation of secure solutions and architectures for new projects Conduct threat modelling, security risk assessments, and business impact analyses Develop and enforce security standards, policies, and baselines across multiple platforms Guide secure cloud deployments, Azure … Azure security services and SIEM tools (MS Sentinel) Experience with Azure AD, Conditional Access, and Azure networking security Strong background in security risk assessments, threat modelling, and business impact analysis Knowledge of security frameworks: ISO 27001, NIST, or CIS Controls Deep understanding of network, system, application security, cryptography ...

teams, and strengthening enterprise security posture—particularly across Microsoft 365, Azure, data platforms, and AI-enabled solutions. You will play a key role in threat modelling, risk assessments, guardrail design & implementation, and delivering practical security guidance for engineering, data, and application/product teams. RATIONALE/DELIVERABLES: Contribute … enhanced productivity systems Support the roll-out of the new AI information security control framework Support the Data governance team KEY RESPONSIBILITIES Perform threat modelling (STRIDE), guardrail definition, and security posture assessments across applications, data platforms, APIs, cloud services, and SaaS ecosystems. Identify security control gaps, especially around ...

with infrastructure engineers, architects and project teams, you will ensure that platforms are secure, compliant and aligned with recognised frameworks. Your work will span threat modelling, vulnerability research, configuration baselines, incident analysis, and the integration of monitoring, logging and alerting capabilities. You will also contribute to security documentation … access Familiarity with regulatory and compliance frameworks such as NIST, CIS Controls, ISO 27001 and Cyber Essentials Plus Experience with SIEM, logging, monitoring and threat detection platforms Understanding of data classification, encryption and secure storage Ability to collaborate with engineers to enforce secure configurations and hardening standards Experience with ...

with strong Mobile Application experience to design and assure secure, scalable solutions across mobile, cloud, and enterprise environments. Key Responsibilities Lead security architecture and threat assessments to ensure solutions are secure by design and ready for development. Act as an SME in mobile application security (iOS & Android). Conduct … oversee mobile penetration testing , runtime analysis, and threat modelling aligned to OWASP MASVS and NCSC CHECK standards. Identify, assess, and prioritise security risks across systems, applications, and networks. Design secure architectures using modern principles such as Zero Trust . Translate technical security risks into clear, business-focused insights ...

implementing security architectures across enterprise IT and operational technology systems Collaborating with technical teams to integrate security into solution design and delivery Conducting threat modelling to identify vulnerabilities and define security requirements Managing security requirements throughout the system delivery and operational lifecycle Providing specialist security advice on: Risk … based and threat-based mitigation strategies Security frameworks such as NIST, ISO, CIS Authentication, authorisation, and protective monitoring best practices Developing strong working relationships with stakeholders, peers and teams Communicating complex technical concepts clearly to non-technical audiences Preparing written guidance, reports, and delivering impactful presentations Applying critical thinking ...

lead in the build-out of their cloud-native Infrastructure capability. Highly technical position where you will be responsible for not just assessing and threat modelling novel concepts and services to introduce across Security and the wider Tech functions; but leading in the actual design, configuration and implementation. … most ambitious Tech Transformations for one of the most renowned Investment Management firms in the UK. Responsibilities Perform hands-on security threat modelling, risk assessment and vulnerability remediation. Evaluate, architect, implement and support security focused tools and services. Work closely with Development teams to ensure security and privacy ...

build-out of their cloud-native Infrastructure capability . Highly technical position where you will be responsible for not just assessing and threat modelling novel concepts and services to introduce across Security and the wider Tech functions; but leading in the actual design, configuration and implementation. Previous experience … most ambitious Tech Transformations for one of the most renowned Investment Management firms in the UK. Responsibilities Perform hands-on security threat modelling, risk assessment and vulnerability remediation. Evaluate, architect, implement and support security focused tools and services. Work closely with Development teams to ensure security and privacy ...

build-out of their cloud-native Infrastructure capability . Highly technical position where you will be responsible for not just assessing and threat modelling novel concepts and services to introduce across Security and the wider Tech functions; but leading in the actual design, configuration and implementation. Previous experience … most ambitious Tech Transformations for one of the most renowned Investment Management firms in the UK. Responsibilities Perform hands-on security threat modelling, risk assessment and vulnerability remediation. Evaluate, architect, implement and support security focused tools and services. Work closely with Development teams to ensure security and privacy ...

Title: Cyber Security Specialist (Threat Modelling Contract) Location: Birmingham (Hybrid, 3 days on-site) Contract: 3 - 6 Months We are seeking an experienced Cyber Security Specialist for a 3 - 6 month hybrid contract in Birmingham. This role is focused on conducting comprehensive threat modelling and risk ...

What You'll Do Core Responsibilities: Conduct advanced penetration testing across network infrastructure, web applications, and mobile platforms for enterprise clients Perform vulnerability assessments, threat modelling, and risk analysis across diverse technical environments Execute social engineering assessments and physical security testing Produce detailed scoping documents and executive-level … growth-focused security consultancy—not a commodity testing mill ✓ Continuous Learning: Access to research funding, certification sponsorship, conference attendance, and exposure to cutting-edge threat landscapes The Application Process This is a carefully selected search—we're looking for genuine penetration testing professionals with the technical depth to advise ...

What You'll Do Core Responsibilities: Conduct advanced penetration testing across network infrastructure, web applications, and mobile platforms for enterprise clients Perform vulnerability assessments, threat modelling, and risk analysis across diverse technical environments Execute social engineering assessments and physical security testing Produce detailed scoping documents and executive-level … growth-focused security consultancy—not a commodity testing mill ✓ Continuous Learning: Access to research funding, certification sponsorship, conference attendance, and exposure to cutting-edge threat landscapes The Application Process This is a carefully selected search—we're looking for genuine penetration testing professionals with the technical depth to advise ...

What You'll Do Core Responsibilities: Conduct advanced penetration testing across network infrastructure, web applications, and mobile platforms for enterprise clients Perform vulnerability assessments, threat modelling, and risk analysis across diverse technical environments Execute social engineering assessments and physical security testing Produce detailed scoping documents and executive-level … growth-focused security consultancy—not a commodity testing mill ✓ Continuous Learning: Access to research funding, certification sponsorship, conference attendance, and exposure to cutting-edge threat landscapes The Application Process This is a carefully selected search—we're looking for genuine penetration testing professionals with the technical depth to advise ...

What You'll Do Core Responsibilities: Conduct advanced penetration testing across network infrastructure, web applications, and mobile platforms for enterprise clients Perform vulnerability assessments, threat modelling, and risk analysis across diverse technical environments Execute social engineering assessments and physical security testing Produce detailed scoping documents and executive-level … growth-focused security consultancy—not a commodity testing mill ✓ Continuous Learning: Access to research funding, certification sponsorship, conference attendance, and exposure to cutting-edge threat landscapes The Application Process This is a carefully selected search—we're looking for genuine penetration testing professionals with the technical depth to advise ...