76 to 100 of 143 Threat Modelling Jobs in England

controls, and ensure compliance across one of the UKs most sensitive programmes. What Youll Do Design & implement secure cloud architectures (IAM, encryption, VPC). Lead risk assessments, gap analyses & threat modelling. Advise on compliance (GDPR, NCSC Principles, ISO 27001). Configure cloud-native security tools & integrate with SIEM (Splunk, Chronicle). Embed security in CI/CD pipelines with More ❯

practices, DevSecOps methodologies, GitHub workflows, and Terraform. Deep understanding of cloud security principles in AWS and Azure, particularly around IAM, secrets management, and networking. Proficient in secure coding practices, threat modeling, and vulnerability remediation. Familiar with a range of security tooling including static and dynamic analysis, software composition analysis, and container security. Excellent communication and collaboration skillsable to translate More ❯

Risk Treatment Plan, Risk Business Case & Security Management Plan). Experience of implementing vulnerability management processes. Experience of security assurance and the measurement of controls. Experience in risk and threat modelling within a high-threat government environment. More ❯

Risk Treatment Plan, Risk Business Case & Security Management Plan). Experience of implementing vulnerability management processes. Experience of security assurance and the measurement of controls. Experience in risk and threat modelling within a high-threat government environment. More ❯

they expand, theyre seeking a Head of Cyber Security to lead from the front, shaping security strategy across legal, IT, and client-facing systems. Youll define security architecture, lead threat assessments, manage incident response, and ensure compliance with regulatory standards relevant to legal practice. This role offers you a unique opportunity to build a security function in a high … firm. Required Skills: Proven track record in senior security roles (e.g. Head of Security, CISO, or equivalent) Strong technical foundation in cloud security, identity & access management, network security, encryption, threat modelling Hands-on knowledge securing hybrid and cloud infrastructure (AWS/Azure/GCP) Experience building and managing security teams, setting processes (incident response, SOC, vulnerability management) Familiarity More ❯

Knowledge of security standards and frameworks (e.g., ISO 27001, NIST, CIS). Familiarity with security technologies such as firewalls, web proxies/remote access solutions. Experience with ZTNA, CTI, threat modelling is beneficial. Bachelor’s degree in information security, Computer Science, or a related field, or relevant industry experience. Relevant security certifications (e.g., CISSP, CISM, CEH) are highly More ❯

developers and data scientists to establish service-level quality metrics and observability hooks. ? Validate services against AI regulatory frameworks and ensure traceability, fairness, and robustness in outcomes. ? Participate in threat modelling and security validation of exposed APIs and AI services. ? Provide feedback early in the lifecycle to reduce defects and improve design. ? Mentor junior testers, encourage continuous learning More ❯

of multi-disciplinary teams in complex infrastructure environments A strong technical background across Networks, Security, Firewall, Vulnerability Management, SIEM and EDR technologies Experience with cyber security concepts, such as Threat Modelling, Incident Response, Penetration Testing (external/internal) Advanced knowledge of cloud products and services e.g. Azure, Microsoft 365 Emotionally intelligent and able to recognise and manage the More ❯

Application Insights, Datadog/Grafana) and alerting/response workflows. Understanding of the Microsoft Cloud Adoption Framework, Azure Landing Zones and the Well-Architected Framework. Familiarity with DevSecOps practices: threat modelling, dependency and container scanning, SBOM management, and shift-left security. Comfortable collaborating with software engineers and SREs; able to translate platform capabilities into simple self-service experiences. More ❯

Sign-off on application security prior to live implementation. Collaborate with the architecture and development teams to review the design and code for security vulnerabilities. Embed/improve security threat modeling and secure coding in the development lifecycle. Provide technical specialist advice to ensure that security standards are understood and can be complied with. Monitor and proactively report on More ❯

technology and digital transformation organisation delivering critical projects across energy, water, renewables, and manufacturing. The Senior ICS OT Cyber Security Engineer will secure and optimise industrial control systems, conduct threat assessments, penetration testing, and design technical solutions to mitigate cyber risks. The role involves mentoring junior engineers, collaborating with stakeholders, with occasional travel to client sites and the Stone … office. Key Responsibilities of the Senior ICS OT Cyber Security Engineer: Design and secure OT/ICS networks and cross-domain communications. Conduct threat modelling, vulnerability assessments, and red team exercises. Implement cybersecurity solutions, audit systems, and ensure compliance with relevant frameworks. Mentor junior team members and support project delivery. Maintain strong client and stakeholder relationships. Key Requirements More ❯

technology and digital transformation organisation delivering critical projects across energy, water, renewables, and manufacturing. The Senior ICS OT Cyber Security Engineer will secure and optimise industrial control systems, conduct threat assessments, penetration testing, and design technical solutions to mitigate cyber risks. The role involves mentoring junior engineers, collaborating with stakeholders, with occasional travel to client sites and the Stone … office. Key Responsibilities of the Senior ICS OT Cyber Security Engineer: Design and secure OT/ICS networks and cross-domain communications. Conduct threat modelling, vulnerability assessments, and red team exercises. Implement cybersecurity solutions, audit systems, and ensure compliance with relevant frameworks. Mentor junior team members and support project delivery. Maintain strong client and stakeholder relationships. Key Requirements More ❯

technology and digital transformation organisation delivering critical projects across energy, water, renewables, and manufacturing. The Senior ICS OT Cyber Security Engineer will secure and optimise industrial control systems, conduct threat assessments, penetration testing, and design technical solutions to mitigate cyber risks. The role involves mentoring junior engineers, collaborating with stakeholders, with occasional travel to client sites and the Stone … office. Key Responsibilities of the Senior ICS OT Cyber Security Engineer: Design and secure OT/ICS networks and cross-domain communications. Conduct threat modelling, vulnerability assessments, and red team exercises. Implement cybersecurity solutions, audit systems, and ensure compliance with relevant frameworks. Mentor junior team members and support project delivery. Maintain strong client and stakeholder relationships. Key Requirements More ❯

strategy and culture through close collaboration with senior leadership. Owning the organisation’s risk register and assessment processes. Leading technical risk assessments across infrastructure, applications, and third parties. Overseeing threat modelling and vulnerability management initiatives. Providing risk-based recommendations to mitigate threats and vulnerabilities. Leading internal and external audits, including managing remediation plans. Reporting on compliance posture to More ❯

Please be aware that RRP is non contractual and subject to review. Main duties of the job As a Senior Cyber Security Advisor, you will: Conduct security assessments and threat modelling, articulate cyber risk and recommend mitigating controls to ensure systems are designed securely. Provide specialist cyber security guidance aligned to NHSE security policy and industry best practice More ❯

standards (e.g., GDPR, PCI-DSS, SOX). Lead integration efforts with identity providers (IdPs), service providers (SPs), and third-party systems using SAML, OAuth2, OpenID Connect. Conduct security assessments, threat modeling, and performance tuning of ForgeRock AM components. Enable and support product upgrade and engineering aspects for Authentication platform and associated components Provide technical leadership and mentoring to IAM More ❯

standards (e.g., GDPR, PCI-DSS, SOX). Lead integration efforts with identity providers (IdPs), service providers (SPs), and third-party systems using SAML, OAuth2, OpenID Connect. Conduct security assessments, threat modeling, and performance tuning of ForgeRock AM components. Enable and support product upgrade and engineering aspects for Authentication platform and associated components Provide technical leadership and mentoring to IAM More ❯

standards (e.g., GDPR, PCI-DSS, SOX). Lead integration efforts with identity providers (IdPs), service providers (SPs), and third-party systems using SAML, OAuth2, OpenID Connect. Conduct security assessments, threat modeling, and performance tuning of ForgeRock AM components. Enable and support product upgrade and engineering aspects for Authentication platform and associated components Provide technical leadership and mentoring to IAM More ❯

standards (e.g., GDPR, PCI-DSS, SOX). Lead integration efforts with identity providers (IdPs), service providers (SPs), and third-party systems using SAML, OAuth2, OpenID Connect. Conduct security assessments, threat modeling, and performance tuning of ForgeRock AM components. Enable and support product upgrade and engineering aspects for Authentication platform and associated components Provide technical leadership and mentoring to IAM More ❯

standards (e.g., GDPR, PCI-DSS, SOX). Lead integration efforts with identity providers (IdPs), service providers (SPs), and third-party systems using SAML, OAuth2, OpenID Connect. Conduct security assessments, threat modeling, and performance tuning of ForgeRock AM components. Enable and support product upgrade and engineering aspects for Authentication platform and associated components Provide technical leadership and mentoring to IAM More ❯

other security product like Trivy Experience with cloud computing platforms such as Microsoft Azure A strong understanding of software development methodologies and practices Ability to Rapid Risk Assessment and Threat Modeling Other technical skills required: Azure Security Monitoring including Application Insights, and SIEM Excellent communication skills to guarantee stakeholder alignment and successful outcomes at all stages of Product delivery More ❯

years of experience in cloud security, particularly with AWS, and at least 2+ years in software development. Strong understanding of cloud and application security concepts, including secure coding practices, threat modeling, vulnerability management, and access control mechanisms. Experience with AWS, Kubernetes, Service Mesh, API gateways, and API Security (authentication and authorization). Proficiency in programming languages such as Python More ❯

solutions that meet client requirements and implement the appropriate tools, technologies & processes to mitigate critical security risks (e.g., system and mobile antivirus software, encryption modules, patch management programs, insider threat protection, incident response plans, forensic capabilities, and regulation compliance). You'll conduct comprehensive attack path analysis and threat modelling, mapping adversary tactics and techniques to industrial … You'll lead and execute advanced penetration testing, red teaming, and adversary simulation exercises within OT/ICS environments, leveraging frameworks such as MITRE ATT&CK for ICS and modelling using Bow-Tie Analysis to proactively identify and exploit vulnerabilities. You'll conduct vulnerability assessments and administrative audits on client computer systems and network devices considering the sensitivity of More ❯

and Design team , working with product and engineering teams to embed security-by-design principles across cloud, DevSecOps, and enterprise technology landscapes. General Responsibilities (Applicable to All Roles) Perform threat modelling , risk assessments, and design reviews across infrastructure and applications. Provide security guidance and governance during project design and delivery phases. Define and document security requirements, controls, and … modern security design for emerging technologies Hands-on experience in Cloud Security Architecture and Design Familiarity with modern software engineering tooling and practices Proven experience producing security designs and threat models Nice to Have: Experience with GCP Security 4. Security Consultant – Payments Platform (Start Date: November) Key Skills Required: Proven experience migrating systems from on-premise to cloud Background More ❯

and Design team , working with product and engineering teams to embed security-by-design principles across cloud, DevSecOps, and enterprise technology landscapes. General Responsibilities (Applicable to All Roles) Perform threat modelling , risk assessments, and design reviews across infrastructure and applications. Provide security guidance and governance during project design and delivery phases. Define and document security requirements, controls, and … modern security design for emerging technologies Hands-on experience in Cloud Security Architecture and Design Familiarity with modern software engineering tooling and practices Proven experience producing security designs and threat models Nice to Have: Experience with GCP Security 4. Security Consultant – Payments Platform (Start Date: November) Key Skills Required: Proven experience migrating systems from on-premise to cloud Background More ❯