126 to 150 of 156 Threat Modelling Jobs in England

improvements Participate in on-call rotation for high-priority issues and assist during major incidents Create and maintain documentation including SOPs and security protocols Support IT security team with threat modelling, remediation, and policy compliance Essential: Strong background in network engineering and troubleshooting across complex environments Operational knowledge of LAN/WAN infrastructure, routing protocols (OSPF, BGP, EIGRP More ❯

build innovative ways of building and assessing operationally resilient technology services. Principal Accountabilities: - Business Impact Assessments & Risk Identification: Develop asset management strategies, lead business impact and vulnerability assessments, conduct threat modelling, and maintain risk identification frameworks. - Risk Assessment & Evaluation: Ensure compliance with governance policies, provide expertise on operational resilience, and support risk assessments for internal operations and third More ❯

networking, operating systems, applications, or cloud services. 3 years experience building cloud-based services. PREFERRED QUALIFICATIONS Experience with AWS products and services. Experience with any combination of the following: threat modeling, secure coding, identity management and authentication, software development, cryptography, system administration and network security. Amazon is an equal opportunities employer. We believe passionately that employing a diverse workforce More ❯

vulnerabilities and remediation techniques, including penetration testing and the development of exploits or equivalent PREFERRED QUALIFICATIONS - Experience with AWS products and services - Experience with any combination of the following: threat modeling, secure coding, identity management and authentication, software development, cryptography, system administration and network security - Experience with programming languages such as Python, Java, C++ Amazon is an equal opportunities More ❯

ideal for someone who wants to remain hands-on while helping grow revenue and capability across the practice. Key Experience Extensive knowledge of OT security architectures, network segregation and threat modelling Strong understanding of IEC 62443, NIST CSF, CAF and associated frameworks Demonstrable experience working across CNI, utilities, manufacturing or transport sectors Comfortable engaging with both technical stakeholders More ❯

security controls, you'll play a crucial role in safeguarding our environment. You'll also contribute to building custom security tools to enhance our capabilities and support security assessments, threat modelling, and penetration testing. You'll come with hands-on experience with AWS and Cloudflare and be comfortable working with Infrastructure as Code tools like Terraform. A strong More ❯

frameworks, taxonomies, and control libraries aligned with MRM, CRO, and CDO functions. Embed responsible AI principles into system design, control mechanisms, audit processes, and enterprise-wide AI strategies. Incorporate threat modeling, adversarial defense, data integrity, and continuity planning into AI architecture. Orchestrate the full AI lifecycle, including readiness evaluations, regulatory compliance reviews, and business adoption strategies. Focus on digital More ❯

the security of our SoC and embedded firmware solutions. In this role, you will evaluate system security architectures, review firmware code, contribute to ROM assessments, and perform hands-on threat modeling and lightweight testing. This opportunity is ideal for someone who enjoys solving complex security challenges, collaborating across domains, and making a tangible impact on real-world products. If More ❯

applications. Deploy and Manage Security Tooling: Select, implement, and operate key tools across GCP , such as Cloud Armor , Cloud Identity , Security Command Center , and VPC Service Controls for ongoing threat detection and response. Integrate Security in SDLC: Collaborate with product and engineering teams to integrate security into every stage of the software development lifecycle. Threat Modeling and Risk … Analysis: Perform structured threat modeling using frameworks such as STRIDE and PASTA to proactively mitigate security risks. Champion Developer Education: Promote secure development practices by educating engineers on cloud and application security fundamentals. Mentor and Lead: Act as a mentor to future hires, helping scale a high-impact cloud security function as the business grows. What you'll bring … with core cloud security components including IAM , WAFs , SIEM , CSPM , and vulnerability scanners. Technical Skills: Proficiency in at least one scripting or programming language (e.g. Python, Go, Bash). Threat Modeling: Practical knowledge of frameworks like STRIDE and PASTA. Education: Bachelor's degree in Computer Science, Information Security, or a related technical field. Collaborative Expertise: Clear and effective communication More ❯

security initiatives and architecting the delivery methodologies Assess security risks across client product portfolios and recommend remediation strategies while balancing business and technical requirements Advice on strategies around coding, threat modeling, and security testing for embedded systems, IoT devices while ensuring compliance with industry regulations Work alongside client R&D teams to lead on secure code reviews, threat … in security frameworks (e.g., NIST, OWASP, MITRE ATT&CK, PASTA, STRIDE) and standards such as FDA cybersecurity guidance Experience assessing security risks using industry standard methods (penetration test results, threat modeling, security testing) and determining residual risk after applying compensating security controls Experience implementing and demonstrating compliance to security frameworks such as NIST, IEC, HITRUST, HIPAA, GDPR, ISO More ❯

Tuesday, and Friday. If you're located beyond that distance, the role is fully remote. For location-specific details, please connect with our recruiting team. What You Will Do: Threat Modeling & Design Review: Partner with engineering and product teams to perform threat modeling for new and existing features. Identify potential risks early in the design phase and recommend … with a track record of securing web applications and services. You're well-versed in the fundamentals of application security and have hands-on experience finding and fixing vulnerabilities. Threat Modeling & SDLC Expertise: Demonstrated ability to perform threat modeling and architectural risk analysis for complex applications. You understand how to integrate security into a fast-paced SDLC without More ❯

our flagship products cyber resilient? We are looking for a Security Engineer to join our Information Security team at our Oxford headquarters. You will be working across software engineering, modelling, and data science bringing your full self, including your security knowledge and expertise to the business. As a Security Engineer at Aurora Energy Research, you will enable our colleagues … reduction outcomes. Build secure products. Ensure security is considered throughout the product and software development life cycle. Provide security best practice, build security design patterns, complete security architecture reviews, threat models and risk assessments. Help solve engineering problems by implementing technical controls to mitigate risk. Ensure we are deploying solutions into a secure environment . Ensure we build solutions More ❯

of security in at least one of the following areas: IP networking & OT On-premises architecture and Virtualization cloud platforms and Containerization Databases and LLMs Mobile Technologies & Application security Threat modeling techniques to identify security threats to systems, leading to the definition of Security requirements. Managing security requirements through the delivery and operational life cycle of a system Provision … of authoritative specialist security advice in Risk and threat-based mitigation to system designs Control frameworks such as NIST, ISO, CIS Protective monitoring, Authentication and authorization best practices. Develop excellent working relationships with key stakeholders, peers and subordinates. Communicating effectively verbally and in writing, demonstrated through: Effectively explain complex technical solutions to a non-technical audience Writing meaningfully to More ❯

s most advanced, and largest, intelligence company! Reversing Emulation and Testing (RET) is a core function of Insikt Group's Technical Analysis (TA) Team. We seek a principal technical threat researcher with deep subject-matter expertise across malware analysis, reverse engineering, and malicious tooling. This role requires the ability to lead high-impact research and drive innovation in analytical … designing and implementing internal tools and workflows that increase our team's efficiency. You will be expected to develop and formalize novel approaches to dynamic analysis, configuration extraction, and threat behavior modeling. This position entails representing Insikt Group's technical threat research in customer briefings, webinars, and industry engagements. You will communicate complex technical findings to diverse audiences … ranging from internal stakeholders and threat analysts to customers and external partners, supporting both technical enablement and strategic advisory efforts. Additional responsibilities include authoring and reviewing high-visibility technical assessments, mentoring senior researchers, informing detection engineering across host- and network-based systems, identifying trends in offensive security tooling and tactics, and generating original research leads that inform Insikt Group More ❯

link Copy link Bachelor's degree or equivalent practical experience. 5 years of experience in cybersecurity, with an offensive security (e.g., Red Teaming, Penetration Testing, or Adversary Simulation) or threat modeling. Experience in a Security Operations Centre (SOC) or similar environment, with modern threat landscapes and attack techniques. Experience in technical troubleshooting and writing code in one or … more programming languages. Experience in threat modeling methodologies (e.g., STRIDE, PASTA, or attack trees) and secure system design principles. Current and active UK Developed Vetting (DV) Security Clearance. Preferred qualifications: Certifications in OSCE3, CRTP/CRTE, GIAC GCSA/Kubernetes-related, OSCP, OSCE, CRTO, CISSP, or GIAC (e.g., GPEN, GCTI, GWAPT). Experience designing or executing Purple Team exercises … combining offensive tactics with defensive feedback to drive continuous improvement. Experience with Kubernetes security, including secure cluster configuration, workload hardening, and threat detection in containerised environments. Experience in building or maturing security culture initiatives, including awareness programs, gamified training, or executive engagement. Experience with security testing tools and frameworks (e.g., MITRE ATT&CK, Cobalt Strike, Metasploit, Burp Suite, or More ❯

and controls. Your work will directly impact our global user base Focusing on Automation. Developing automated, scalable security solutions. Efficiency is key Administering HashiCorp Vault for secrets management Performing threat modeling and analysis to identify and mitigate security risks Managing PKI, TLS, and GPG infrastructure Applying cryptography and security design principles to cloud environments Documenting playbooks, procedures, and architecture … of working with consumer products, web apps, and mobile apps Proficiency in understanding authentication, authorization, and cryptography, with familiarity around modern security standards and best practices. Proficiency in data modelling of roles, permissions, and capabilities Experience with OAuth 2.0 nuances, best practices, and shortcomings Experience securely running and operating web applications, web services, and service-oriented architecture in production More ❯

Design and implement security tools, frameworks, and methodologies to protect against security threats Work closely with development teams to ensure secure coding practices are integrated throughout the SDLC Perform threat modeling and risk assessments to proactively identify potential risks and develop mitigation strategies Track, analyze, and manage vulnerabilities in applications, providing guidance for remediation efforts Support incident response by … threats, vulnerabilities, and technologies to enhance our security posture Your background looks something like: Extensive experience in application security, cybersecurity, or related fields Strong understanding of secure coding practices, threat modeling, risk assessments, and incident response Proficiency in programming languages such as TypeScript, Python, or similar Experience with security tools, security protocols, encryption methods, and application security frameworks Experience More ❯

Here's what you'll be doing: When you join Simply Business, you'll protect us from threat actors who attempt to evade our cyber defenses. This is a hands-on technical position where you'll play an important role in increasing the maturity of our Security Operations Centre (SOC). Additionally, you'll need a strong drive and … for complex security incidents within the SOC team. Oversee incident response activities and ensure timely communication with stakeholders. Facilitate tabletop exercises and training for analysts, including malware reverse engineering, threat intelligence, and log analysis. Lead and mentor SOC analysts, fostering a high-performing team. Improve SOC services, including security monitoring, incident detection, analysis, and response. Establish and document processes … and communicating with diverse stakeholders, including executives. Experienced with security tools such as SIEM, IDS/IPS, EDR, and vulnerability management. Familiar with working in cloud environments. Exposure to threat modeling. (You don't need to match all the bullet points to be considered for this role.) Ready to join us and help elevate our security practices? Apply today. More ❯

into day-to-day workflows across engineering teams. Own the vulnerability management lifecycle: from discovery and triage to remediation tracking and coordinated disclosure. Build Secure Products by Design Conduct threat models, security architecture reviews and risk assessments for new features and core platform components. Develop secure design patterns and reusable guidance for engineers. Drive Security Strategy & Standards Define and … balance a pragmatic, risk-informed mindset with a strong understanding of security principles and engineering realities. Must-Have Experience Proven experience in application and product security, including secure design, threat modeling and secure coding practices. Strong knowledge of security issues in modern software stacks, such as Java, distributed systems, microservices, containers, etc. Experience integrating security tools into development pipelines More ❯

world. What you'll be doing (ie. job duties): Identify gaps in our security infrastructure and drive cross-function efforts to address them. Perform security assessments, framework development, and threat modeling of assets, including various blockchain protocols, smart contracts, and other distributed ledger tech. Partner with software engineering teams to advise on code and architecture for internal smart contract … and related topics. What we look for in you (ie. job requirements): Strong understanding of blockchains (particularly EVM chains) and highly "crypto forward". Extensive experience in architecture and threat modeling of security-critical backend crypto systems. Familiar with the threat model of a crypto custodian, including common vulnerabilities and pitfalls for systems that custody cryptocurrency. Familiar with More ❯

and domain expert within the organization and be able to communicate security risk and concepts to both technical and non-technical audiences. Lead initiatives with Engineering teams to optimize threat models and mitigate risks. Encourage a positive security culture across the Engineering organization. Relentlessly champion for security outcomes on behalf of our customers. Work with other engineering leaders to … embed security into day-to-day development processes. Help proactively assess security risk through product deep dives, threat modeling, and design, architecture and implementation reviews Review and improve existing security processes related to product assessments, pen testing, and bug bounty findings. Develop product security controls and supervising strategies to grow our threat detection capabilities. Seek opportunities for security … tooling and automation WHAT YOU'LL BRING: 5+ years of proven experience securing enterprise applications and infrastructure, preferably in the Crypto and FinTech space. Experience with the application of threat modeling and other risk identification techniques. Strong understanding of the OWASP top 10, including details of common vulnerabilities and emerging threats. Experience with authentication and authorization standards, including OAuth More ❯

technical audiences alike. Interpersonally, successful candidates will effectively harmonize disparate opinions while effectively prioritizing risks to guide their partners towards secure solutions. Key job responsibilities - Creating, updating, and maintaining threat models for a wide variety of software projects. - Manual and Automated Secure Code Review, primarily in Java, Python and Javascript. - Development of security automation tools. - Adversarial security analysis using … our working culture. When we feel supported in the workplace and at home, there's nothing we can't achieve. BASIC QUALIFICATIONS - Experience with any combination of the following: threat modeling, secure coding, identity management and authentication, software development, cryptography, system administration and network security - Experience applying threat modeling or other risk identification techniques or equivalent - Experience with More ❯

individual contributor on the product security team at Databricks, managing SDLC functions for features and products within Databricks. This would include, but is not limited to, security design reviews, threat models, manual code reviews, exploit writing and exploit chain creation. You will also support IR and VRP programs when there is a vulnerability report or a product security incident. … locations in the US and EMEA. The impact you will have: Full SDLC Support for new product features being developed in ENG and non-ENG teams. This would include Threat Modeling, Design Review, Manual Code Review, Exploit writing, etc. Work with other security teams to provide support for Incident Response and Vulnerability Response as and when needed. Work with … implement security processes to improve the overall productivity of the product security organization and the SDLC process in general What we look for: 5-10 years Experience with the Threat Modeling process and ability to find design problems based on a block diagram of data flow. Solid understanding on at least two of the following domains - Web Security, Cloud More ❯

on secure-by-design and deep product partnership. We build strong relationships with other teams and help them build secure software. This includes reviewing early-stage designs, helping develop threat models. The Role Our products support some of the most important and impactful work in the world, including defense, intelligence, and commercial applications. We are trusted by our customers … InfoSec organization to harden our products against our dedicated adversaries. • Architecture and design . You will be the security subject matter expert for product architects and engineers. You will threat model, assess risks, and help implement security controls and mitigations to address identified issues. You will directly steer the design of our products to ensure we are secure-by … security engineer are the underpinnings of our team. Core Responsibilities Perform deep architecture and security reviews on highly complex products to identify vulnerabilities Lead engineering teams in feature design, threat modeling, and security-critical code and architecture Develop and implement automation to eliminate entire classes of weaknesses across the organization Drive decision-making by determining the tradeoffs between security More ❯

SDLC) that enables development teams to deliver high-quality applications quickly while implementing essential controls for software integrity, authenticity, and third-party library management. Risk Assessments: Conduct risk assessments, threat modeling, and architecture reviews alongside development teams, producing artifacts to drive the implementation of effective security controls. Standards Development: Own the creation and maintenance of tailored security standards and … mitigation strategies. Key Requirements: 5+ years of experience in application security, with at least 3+ years in software development. Strong understanding of application security concepts, including secure coding practices, threat modeling, vulnerability management, and access control mechanisms. Experience with AWS, Kubernetes, Service Mesh, and API Security (including authentication and authorization). Familiarity with Agile methodologies like SCRUM, along with More ❯