101 to 125 of 706 Threat Modelling Jobs in England

testing to identify and mitigate risks. Security in Development Pipeline: Collaborate closely with Engineering and Product teams to integrate security into the development lifecycle using techniques such as STRIDE threat modeling and security testing (SCA and SAST) in CI/CD pipelines. Promote secure-by-design principles and best practices within the company culture. Risk Management: Facilitate risk workshops … and document information security risks and treatments using tools like Eramba GRC. Monitor the threat landscape and perform regular risk assessments to ensure appropriate controls are in place. Incident Management: Manage information security incidents and conduct in-depth technical investigations, including log analysis using AWS GuardDuty, AWS CloudWatch, and manual log searches. Coordinate with external vendors for annual penetration More ❯

environment. Develop Custom Security Tooling: Contribute to the creation and maintenance of in-house tools that enhance our security capabilities and automation. Product Security Support: Assist in security assessments, threat modeling, and penetration testing, working closely with the Product Security team. Secure Development Lifecycle: Help implement and improve security gates within the SDLC. Adapt & Collaborate: Be prepared to dive … into any emerging security challenges. We're a small team with big responsibilities, and flexibility is key. Investigate and triage security alerts, manage security incidents. Gather, curate and communicate threat intelligence. Support and advise business stakeholders in relation to cyber security issues. Generate reports for both technical and non-technical staff and stakeholders. What you bring: At least More ❯

Develop and implement a comprehensive security architecture strategy tailored to the unique risks and operational needs of the semiconductor design, manufacturing and high-tech partner ecosystem. Define reference architectures, threat models, and security design patterns across hybrid, cloud-native, and on-premise environments. Mentor a technically excellent team, with a solid focus on domain-specific expertise (cloud, semiconductors, AI … with industry standards (NIST, MITRE ATT&CK) and semiconductor-specific regulatory requirements including export control and SoX compliance. Drive innovation by utilising AI and machine learning technologies to enhance threat detection, incident response, and overall cyber defense posture. Partner with senior leadership to communicate security architecture roadmaps, risk mitigation strategies, and compliance postures. Champion a culture of continuous improvement More ❯

architectures for cloud-native apps across AWS, Azure, or GCP Integrate security into CI/CD pipelines and IaC tools Apply advanced container security and runtime protection strategies Lead threat modeling, risk assessment, and identity governance in the cloud Develop reusable security patterns aligned with CIS, NIST, ISO 27001 standards Successful Candidate Will Need: Hands-on CNAPP experience (CSPM More ❯

environment. Develop Custom Security Tooling: Contribute to the creation and maintenance of in-house tools that enhance our security capabilities and automation. Product Security Support: Assist in security assessments, threat modeling, and penetration testing, working closely with the Product Security team. Secure Development Lifecycle: Help implement and improve security gates within the SDLC. Adapt & Collaborate: Be prepared to dive … into any emerging security challenges. We’re a small team with big responsibilities, and flexibility is key. Investigate and triage security alerts, manage security incidents. Gather, curate and communicate threat intelligence. Support and advise business stakeholders in relation to cyber security issues. Generate reports for both technical and non-technical staff and stakeholders. What you bring: At least More ❯

implement effective security solutions that not only protect our business objectives and regulatory requirements but also provide innovative solutions to stay ahead of emerging threats. Conduct risk assessments and threat modeling to identify and prioritize risks to our business and IT assets, using your extensive experience in security architecture design. Implementation within a Service Provider environment to create a More ❯

hub. Responsibilities: Design and implement secure Azure architectures across IaaS, PaaS, and SaaS. Define and enforce security best practices, frameworks, and policies (e.g., Zero Trust, NIST, CIS). Perform threat modeling, risk assessments, and security reviews for cloud solutions. Implement and manage tools such as Microsoft Defender for Cloud, Sentinel, Azure Security Center, and Key Vault. Partner with architects More ❯

is essential. Experience working with security issues in software architecture, software development, e.g. static and/or dynamic code analysis and tools, software dependency check, OWASP Top10 testing, application threat modelling. In-depth experience working in an Agile software development environment, with classic applications as well as microservices, using modern code processing and continuous integration and delivery tools (e.g. More ❯

We are seeking a Senior Threat Analyst to join our rapidly growing Information Security team. This role offers a unique opportunity for a seasoned cybersecurity professional to lead our cyber defense strategy, protect our brand from threats, and build our threat intelligence and hunting capabilities from scratch. You will have significant input on tooling and services, with the … strong technical and communication skills, and a passion for solving complex problems. You'll report to the Head of Cyber Defence and lead the development of advanced CTI and threat hunting strategies, integrating seamlessly into our security processes and driving ongoing improvements. Our Future Health is the UK's largest health research program, supported by the UK Government and … to gather data from 5 million volunteers to advance health discoveries. Key Responsibilities Collaborate with the security team and MSP SOC to enhance organizational security. Develop and utilize cyber threat intelligence approaches, including tooling and feeds. Stay updated on the cyber threat landscape, especially in health research sector. Triaging, analyzing, and responding to threat intelligence alerts. Track More ❯

My client, an International Financial Services firm, based in London, are looking for a Senior Cyber Threat Hunter to join their growing team. This role will require you to work two days per week in their offices close to Canary Wharf. About the Senior Cyber Threat Hunter Role: My client is seeking a highly motivated, and skilled Senior … Threat Hunter to join a global threat management team. The role will be located in London. The position will report to the Head of Cyber Threat Intelligence and will proactively identify, investigate, and mitigate advanced cyber threats across our organization's network and systems. Leveraging a deep understanding of the latest attack techniques, threat actor tactics … tools including SIEM, EDR, and IDS/IPS (extract TTPs and behaviors from research to apply to logging and tool queries/hunts and detections) Research, document and develop threat detections based on behavioral attributes of actors, malware operators, and general threats Identify and execute tuning/configuration changes to improve detection or reporting capabilities Perform deep analysis of More ❯

IR35: Inside Work structure: Remote 🔐 Key Responsibilities: Partner with engineering and architecture to define secure technical solutions Manage end-to-end project security across multiple applications Perform vulnerability testing, threat modelling, and risk assessments Maintain up-to-date security policies, standards, and best practices Communicate risks and mitigation strategies to senior stakeholders Translate business needs into effective security … years in security architecture or consulting in regulated environments Deep knowledge of secure SDLC, DevSecOps, cloud (Azure/AWS), and frameworks (OWASP, MITRE) Hands-on experience with vulnerability tools, threat modelling, and compliance (GDPR, HIPAA, PCI) Strong communication and stakeholder engagement skills Technical knowledge across .NET, Java, scripting (Python, PowerShell), APIs, and cryptography Nice to have: Certifications (CISSP More ❯

IR35: Inside Work structure: Remote 🔐 Key Responsibilities: Partner with engineering and architecture to define secure technical solutions Manage end-to-end project security across multiple applications Perform vulnerability testing, threat modelling, and risk assessments Maintain up-to-date security policies, standards, and best practices Communicate risks and mitigation strategies to senior stakeholders Translate business needs into effective security … years in security architecture or consulting in regulated environments Deep knowledge of secure SDLC, DevSecOps, cloud (Azure/AWS), and frameworks (OWASP, MITRE) Hands-on experience with vulnerability tools, threat modelling, and compliance (GDPR, HIPAA, PCI) Strong communication and stakeholder engagement skills Technical knowledge across .NET, Java, scripting (Python, PowerShell), APIs, and cryptography Nice to have: Certifications (CISSP More ❯

IR35: Inside Work structure: Remote Key Responsibilities: Partner with engineering and architecture to define secure technical solutions Manage end-to-end project security across multiple applications Perform vulnerability testing, threat modelling, and risk assessments Maintain up-to-date security policies, standards, and best practices Communicate risks and mitigation strategies to senior stakeholders Translate business needs into effective security … years in security architecture or consulting in regulated environments Deep knowledge of secure SDLC, DevSecOps, cloud (Azure/AWS), and frameworks (OWASP, MITRE) Hands-on experience with vulnerability tools, threat modelling, and compliance (GDPR, HIPAA, PCI) Strong communication and stakeholder engagement skills Technical knowledge across .NET, Java, scripting (Python, PowerShell), APIs, and cryptography Nice to have: Certifications (CISSP More ❯

and owning security controls across our SDLC and cloud–native platforms. This is a technical role , not for architects or managers – you'll be writing code, integrating tools, running threat modelling sessions, and solving real–world security problems. What You'll Do Lead threat modelling , secure design reviews, and AppSec assessments. Integrate and automate SAST, DAST More ❯

and owning security controls across our SDLC and cloud-native platforms. This is a technical role , not for architects or managers - you'll be writing code, integrating tools, running threat modelling sessions, and solving real-world security problems. What You'll Do Lead threat modelling , secure design reviews, and AppSec assessments. Integrate and automate SAST, DAST More ❯

recruiter to learn more. Base pay range Direct message the job poster from ApTask Trusted Partner in Talent Acquisition for High-Growth Companies Job Description As a Senior Engineer - Threat Modelling you will be a part of a smart cross-functional team delivering digital business transformation solutions to our clients. This position entails an individual contributor role focused … on Security Architecture and Threat Modelling, encompassing governance, evaluation of public cloud services, and conducting security reviews for Public Cloud Providers. Collaboration and partnership with Engineering, Information Security, Program Management, and Development teams are essential. The candidate will conduct technical architecture reviews to pinpoint security opportunities, identify exploitable threats, and propose mitigation strategies. Your Impact •Conduct thorough threat … of excellence in identifying potential threats and specifying effective mitigation controls. •Manage the lifecycle of identified threats and associated controls, ensuring timely updates and adjustments as necessary. •Deliver comprehensive threat models and related tasks within specified timeframes. •Offer constructive feedback, support, and suggestions for enhancing the existing threat modeling process. •Present findings and progress updates to senior leadership More ❯

and proactive risk reduction initiatives Advocate for secure development practices - from CI/CD pipelines to containerised workloads - ensuring that friction is addressed with empathy and practical value Apply threat modelling frameworks to uncover vulnerabilities and recommend architecture-level mitigation strategies Work directly with developers and infrastructure teams to align real-world engineering goals with enterprise security objectives … secure systems within cloud- environments (AWS or Azure) Comfortable developing IaC (Terraform or similar), automating security controls, and contributing to secure infrastructure practices Strong understanding of modern security principles, threat actor behaviour, and risk frameworks (NIST ) Skilled in collaborating with developers to find practical, low-friction ways to implement secure patterns Confident communicator across technical and non-technical teams … with the ability to influence architecture-level decisions Deep familiarity with secure development tooling, infrastructure design, and threat modelling practices Background in highly regulated environments such as financial services, insurance, or pensions () Degree in a related field and/or certifications such as CISSP, CISM, or equivalent () Experience contributing to architectural governance, documentation, and change control in scaled More ❯

development teams to apply secure-by-design principles, ensuring security is embedded throughout the product lifecycle. Key Responsibilities Define and integrate security requirements into the product development lifecycle. Perform threat modelling, risk assessments, and implement appropriate mitigation strategies. Advise on solution architecture to minimise security risks and ensure compliance with security standards. Collaborate with product teams to ensure … Secure by Design principles, and MOD-specific guidelines (e.g., JSP, Def Stan 05-138/139). Familiarity with HMG security principles and assurance frameworks is advantageous. Comfortable using threat modelling tools and implementing mitigation strategies. Experience with NIST standards. (this is an absolute must) Key Competencies Strong communicator with the ability to present complex information clearly and More ❯

API security initiatives, ensuring robust protection mechanisms are in place. Own and drive the Application Security Posture Management (ASPM) function. Integrate security within the plan/design phase through threat modelling, code and architecture reviews, and by defining secure coding standards, libraries, and best practices. Configure and manage security tooling such as ASPM, CSPM, IAM/PAM, WAF … Participate in first responder rota where you would be the point of contact for consulting on security queries from development team, reviewing state of security through internal or external threat intelligence, and responding to security alerts. Perform and support internal pentesting efforts, identifying and mitigating vulnerabilities in our applications and APIs. Who are you: Proven experience delivering web application … organisation. Proficiency with DevSecOps and SDLC tooling, including SAST, DAST, SCA, ASPM and CSPM. Hands-on experience with IAM solutions such as Auth0, or AWS Cognito. Strong background in threat modelling and vulnerability management. Strong background in AWS, cloud computing concepts, and cloud security best practices. Bonus points if: Previous experience as a software engineer. Experience running a More ❯

Working with the development team in embedding security in the SDLC Provide assistance in risk management activities Support security-related incidents Support our log monitoring operations Take part in threat modelling sessions Support the teams in risk analysis of technical vulnerabilities Support our Security Champions Assist in the execution of Threat Hunts, pentests and Threat Modelling … AWS Certified Security Familiarity with TCP/IP, DNS, firewalls, VPNs, and VLANs. Basic experience with SIEMs and security logs Understanding of vulnerability management practices Understanding of penetration testing, Threat Hunting, Red Teaming methodologies Familiarity with application security and OWASP Top Ten Scripting languages Experience with capture-the-flags Familiarity with audit principles and different information security compliance standards More ❯

company’s information security strategy and operations. You’ll play a key role in ensuring the organisation’s hybrid cloud environment is secure, compliant, and resilient against an evolving threat landscape. Key Responsibilities Strategic Leadership Develop and maintain the Information Security Strategy aligned with IT and wider business goals Build and implement policies, procedures, and board-level metrics to … organisation’s Cyber Risk Management Framework Drive a security-aware culture across departments through training, communication, and engagement Operational Security Oversight Support architectural decisions and strengthen the company’s threat modelling approach Lead incident response efforts and run simulations, red team exercises, and readiness activities Conduct proactive assessments of emerging threats and implement mitigation strategies Oversee vulnerability management More ❯

is embedded throughout the SDLC. Main Responsibilities: Define and enforce secure architecture standards and frameworks across web, mobile, and cloud-native applications. Provide security guidance throughout product development, including threat modeling, secure coding, design reviews, and architecture assessments. Lead the implementation of DevSecOps practices, integrating security into CI/CD pipelines. Identify and remediate application-level vulnerabilities through static … for this role, you should have: Proven experience in application security architecture. Deep knowledge of OWASP Top 10, SANS CWE Top 25, and secure coding best practices. Familiarity with threat modelling methodologies such as STRIDE and architectural risk analysis. Hands-on experience with tools such as SAST/DAST/IAST, Snyk, SonarQube, Burp Suite, Veracode, or similar. More ❯

support the assurance lifecycle and manage stakeholder expectations. Support the preparation for and participation in technical reviews, audits, and risk acceptance activities. Contribute to delivering security risk management processes, threat modelling sessions, and security design assessments. Provide subject matter expertise on assurance requirements for secure communications, supply chain security, platform integration, and physical security interfaces. Maintain accurate, high … the engineering lifecycle, ensuring traceability and alignment with delivery controls. Strong stakeholder engagement and communication skills, with experience working across technical, programme, and accreditation teams. Capable of contributing to threat modelling, risk assessments, and technical reviews with clear, structured input. Confident working independently in complex, multi-stakeholder environments while managing priorities and deadlines effectively. High attention to detail More ❯

threats and assessing risk. Cyber Defence: As part of your apprenticeship, you will rotate through the four pillars of Cyber Defence, supporting the Security Operations Centre, Vulnerability Management, Cyber Threat Intelligence and Security Testing functions to protect HL clients and colleagues from cyber-attacks. Help assist with ongoing development and project activities Continually improve your knowledge through technical development … and learning within the Cyber Defence Team Engage regularly with the team to drive personal development Keep up to date with the latest cyber security threat landscape and drive personal development through learning activities Ensure monitoring, analysis and reporting is delivered within specified SLA targets Specific Rotation Responsibilities: Aim to monitor and acknowledge alerts in accordance with specified SLA … You'll Learn and Do: Assist in the design and review of secure IT systems and infrastructure. Support the development of security reference architectures and design patterns. Participate in threat modelling and architectural risk assessments. Collaborate with engineering, infrastructure, and development teams to embed security into solutions. Learn how to balance business needs with security requirements in real More ❯

support the assurance lifecycle and manage stakeholder expectations. Support the preparation for and participation in technical reviews, audits, and risk acceptance activities. Contribute to delivering security risk management processes, threat modelling sessions, and security design assessments. Provide subject matter expertise on assurance requirements for secure communications, supply chain security, platform integration, and physical security interfaces. Maintain accurate, high … the engineering lifecycle, ensuring traceability and alignment with delivery controls. Strong stakeholder engagement and communication skills, with experience working across technical, programme, and accreditation teams. Capable of contributing to threat modelling, risk assessments, and technical reviews with clear, structured input. Confident working independently in complex, multi-stakeholder environments while managing priorities and deadlines effectively. High attention to detail More ❯