51 to 75 of 143 Threat Modelling Jobs in England

you'll be doing Guiding teams on security best practices, compliance, and secure coding. Collaborating with architects and developers to review designs and code for vulnerabilities. Embedding/improving threat modelling and secure development practices into the SDLC. Designing and integrating security testing plans. Performing and overseeing application security testing and driving remediation. Managing end-to-end vulnerability More ❯

standards and guidelines. Developing organisational strategies that address information control requirements. Identifying and monitoring environmental and market trends and proactively assessing impact on business strategies, benefits and risks. Performing threat modelling and risk assessments to develop a holistic picture of threat. Developing new architectures that mitigate the risks posed by new technologies and business practices. Accurately delivering high More ❯

standards and guidelines. Developing organisational strategies that address information control requirements. Identifying and monitoring environmental and market trends and proactively assessing impact on business strategies, benefits and risks. Performing threat modelling and risk assessments to develop a holistic picture of threat. Developing new architectures that mitigate the risks posed by new technologies and business practices. Accurately delivering high More ❯

The Role As a SOC Detection Engineer, you will design, develop, and maintain high-quality detection content to improve threat visibility and reduce risk across customer environments. You apply expert knowledge of attacker tactics and telemetry sources to create and manage scalable, accurate, and resilient detection rules across SOC platforms. Operating as part of the SOC team, you support … operations by expanding detection coverage, improving rule performance, and collaborating with threat intelligence, incident response, and platform engineering teams to operationalise threat insights. You also contribute to internal process improvement, customer-facing engagements, and knowledge sharing across the wider SOC team. Key Responsibilities Detection Engineering and Delivery – You will develop, test, and deploy detection rules across SIEM, XDR … and other SOC platforms, supporting comprehensive, customer-aligned threat coverage. Lifecycle Management and Optimisation – You will monitor detection performance, tune rules to reduce false positives, and remediate logic or configuration issues caused by changing environments. Post-Incident Gap Analysis – You will perform detection reviews following incidents to identify missed coverage, determine root causes, and improve detection logic or supporting More ❯

assets. Collates, defines, and enforces secure configuration baselines and hardening standards in alignment with organisational security obligations and recognised industry frameworks (e.g., CIS Benchmarks, Microsoft Security Baselines). Conducts threat modelling and risk assessments to identify vulnerabilities or compliance gaps. Maintains and manages Software Bills of Materials (SBOMs). Assists with integrating security monitoring, logging, and alerting capabilities. … risk assessments, risk mitigation plans, and security operations procedures. Performs security validation, configuration assessments, and support user acceptance testing (UAT) for security-related features. Collates and analyses information for threat intelligence requirements from a variety of sources. Designs and executes complex vulnerability research activities. Provides guidance, support and mentoring to other IT Engineers as requested by the IT Leadership … . Experience aligning infrastructure builds with cyber security standards such as NCSC guidance, CIS benchmarks, or Microsoft Security Baselines. Experience implementing monitoring, logging, and alerting toolsets including SIEM and threat detection platforms. Understanding of data classification, encryption, and secure storage/access principles. Familiarity with endpoint protection platforms and vulnerability management tools. Experience securing hybrid identity solutions and federated More ❯

blue team skillsets Develop operating procedures and use cases Triage of security events and third-party SOC management Monitor/Collate data from endpoints across estate OSINT experience for threat hunting, prepare reports Cyber Defence Manager - Experience Incident response, security engineering, intrusion detection Experience of SOC or Incident Response Team Analyse End Point, Network, Application Logs Security frameworks/… Standards (NIST, CIS, ISO27001) Scripting & Automation (PowerShell, Azure CLI, Azure Logic Apps) MITRE ATT&CK, Threat Modelling Knowledge of CVEs and security vulnerabilities SIEM Tools, Cyber Hunting Techniques Operational threat intelligence and common attack vectors Security vulnerabilities, technical reports Cyber Defence Manager will pay a salary range of £70,000 to £85,000 plus benefits. This opportunity More ❯

blue team skillsets Develop operating procedures and use cases Triage of security events and third-party SOC management Monitor/Collate data from endpoints across estate OSINT experience for threat hunting, prepare reports Cyber Defence Manager - Experience Incident response, security engineering, intrusion detection Experience of SOC or Incident Response Team Analyse End Point, Network, Application Logs Security frameworks/… Standards (NIST, CIS, ISO27001) Scripting & Automation (PowerShell, Azure CLI, Azure Logic Apps) MITRE ATT&CK, Threat Modelling Knowledge of CVEs and security vulnerabilities SIEM Tools, Cyber Hunting Techniques Operational threat intelligence and common attack vectors Security vulnerabilities, technical reports Cyber Defence Manager will pay a salary range of £70,000 to £85,000 plus benefits. This opportunity More ❯

for the United Kingdom, currently residing in the UK. The position is located in Manchester. Responsibilities Evaluate and strengthen our overall security posture by performing continuous audits, risk assessments, threat modelling, and architecture reviews to ensure effective controls and adherence to regulatory standards. Consistently monitor and assess cloud environments for vulnerabilities and misconfigurations utilising tools like AWS Inspector … sensitive information with discretion, professionalism, and sound judgment. Relevant certifications such as AWS Certified Security - Speciality, CISSP, CCSP, or Terraform Associate (or equivalent experience). Preferred Qualifications Exposure to threat intelligence and security analytics , particularly within cloud environments. Bachelor's degree in Computer Science, Information Technology, or Information Security , or equivalent practical experience. Familiarity with key security frameworks and More ❯

and relevant experience Key Skills Secure GCP architecture design (IAM, encryption, VPC Service Controls) Cloud security assessments and gap analyses Compliance with GDPR, NCSC Cloud Security Principles, ISO 27001 Threat modelling, risk assessments, and vulnerability management GCP security tooling (Security Command Center, Cloud Armor, etc.) CI/CD pipeline security integration Infrastructure as Code (Terraform, Deployment Manager) Experience More ❯

maintain platform security processes and plans within established frameworks Design and manage automated security tooling that prevents security issues before they occur Perform security-focused code reviews and support threat modelling exercises Champion cloud security principles across product engineering teams Incident Management & Monitoring: Lead incident response for security risks and issues raised by SOC teams Manage implementation of More ❯

ll do Secure product & platform delivery (cloud‐native focus) • Provide hands‐on cyber consultancy across digital product lifecycles, championing Secure by Design and privacy‐by‐default. • Conduct and iterate threat models for new features and integrations; translate findings into actionable design and control decisions. • Advise on secure architecture for modern platforms (segmentation, identity/access, encryption, data protection, secrets More ❯

ll do Secure product & platform delivery (cloud‐native focus) • Provide hands‐on cyber consultancy across digital product lifecycles, championing Secure by Design and privacy‐by‐default. • Conduct and iterate threat models for new features and integrations; translate findings into actionable design and control decisions. • Advise on secure architecture for modern platforms (segmentation, identity/access, encryption, data protection, secrets More ❯

ll do Secure product & platform delivery (cloud‐native focus) • Provide hands‐on cyber consultancy across digital product lifecycles, championing Secure by Design and privacy‐by‐default. • Conduct and iterate threat models for new features and integrations; translate findings into actionable design and control decisions. • Advise on secure architecture for modern platforms (segmentation, identity/access, encryption, data protection, secrets More ❯

ll do Secure product & platform delivery (cloud‐native focus) • Provide hands‐on cyber consultancy across digital product lifecycles, championing Secure by Design and privacy‐by‐default. • Conduct and iterate threat models for new features and integrations; translate findings into actionable design and control decisions. • Advise on secure architecture for modern platforms (segmentation, identity/access, encryption, data protection, secrets More ❯

ll do Secure product & platform delivery (cloud‐native focus) • Provide hands‐on cyber consultancy across digital product lifecycles, championing Secure by Design and privacy‐by‐default. • Conduct and iterate threat models for new features and integrations; translate findings into actionable design and control decisions. • Advise on secure architecture for modern platforms (segmentation, identity/access, encryption, data protection, secrets More ❯

ll do Secure product & platform delivery (cloud‐native focus) • Provide hands‐on cyber consultancy across digital product lifecycles, championing Secure by Design and privacy‐by‐default. • Conduct and iterate threat models for new features and integrations; translate findings into actionable design and control decisions. • Advise on secure architecture for modern platforms (segmentation, identity/access, encryption, data protection, secrets More ❯

ll do Secure product & platform delivery (cloud‐native focus) • Provide hands‐on cyber consultancy across digital product lifecycles, championing Secure by Design and privacy‐by‐default. • Conduct and iterate threat models for new features and integrations; translate findings into actionable design and control decisions. • Advise on secure architecture for modern platforms (segmentation, identity/access, encryption, data protection, secrets More ❯

ll do Secure product & platform delivery (cloud‐native focus) • Provide hands‐on cyber consultancy across digital product lifecycles, championing Secure by Design and privacy‐by‐default. • Conduct and iterate threat models for new features and integrations; translate findings into actionable design and control decisions. • Advise on secure architecture for modern platforms (segmentation, identity/access, encryption, data protection, secrets More ❯

ll do Secure product & platform delivery (cloud‐native focus) • Provide hands‐on cyber consultancy across digital product lifecycles, championing Secure by Design and privacy‐by‐default. • Conduct and iterate threat models for new features and integrations; translate findings into actionable design and control decisions. • Advise on secure architecture for modern platforms (segmentation, identity/access, encryption, data protection, secrets More ❯

ie cyber security asset management, attack surface management, etc) Pragmatic application of zero-trust philosophies Cloud based security (GCP, AWS and Azure) Pentest scoping and analysis experience Application security Threat modelling To apply for this position please submit your CV. Carbon60, Lorien & SRG - The Impellam Group STEM Portfolio are acting as an Employment Business in relation to this More ❯

Cloud Security, and DevSecOps. You have experience with security frameworks (NIST, ISO 27001) and a proven track record of securing large-scale, high-availability systems. You are adept at threat modelling, security architecture review, and penetration testing concepts. Prior experience in the O&G (Oil & Gas) sector, government projects, or other critical infrastructure is a significant advantage. You More ❯

lead high-impact security projects within complex OT environments. As a Senior ICS OT Cyber Security Engineer, you will take a lead role in securing operational technology networks, delivering threat modelling, penetration testing, and cyber risk mitigation strategies for industrial environments. You will work closely with key stakeholders to design secure architectures, provide technical leadership on live security More ❯

lead high-impact security projects within complex OT environments. As a Senior ICS OT Cyber Security Engineer, you will take a lead role in securing operational technology networks, delivering threat modelling, penetration testing, and cyber risk mitigation strategies for industrial environments. You will work closely with key stakeholders to design secure architectures, provide technical leadership on live security More ❯

ensure Azure-based solutions meet enterprise security standards and compliance requirements, dealing with the following: Security Planning & Risk Assessment Analyze and define security requirements for Azure-based projects. Conduct threat modeling and risk assessments for cloud workloads. Support the secure configuration of Azure services (e.g., Azure AD, Key Vault, Defender for Cloud). Project Delivery Support Act as the More ❯

controls, and ensure compliance across one of the UKs most sensitive programmes. What Youll Do Design & implement secure cloud architectures (IAM, encryption, VPC). Lead risk assessments, gap analyses & threat modelling. Advise on compliance (GDPR, NCSC Principles, ISO 27001). Configure cloud-native security tools & integrate with SIEM (Splunk, Chronicle). Embed security in CI/CD pipelines with More ❯