1 to 25 of 28 Threat Modelling Jobs in London

Threat Modelling Consultant Rate - £550 per day Inside IR35 Location - London twice a week on site Duration - 6 months initial We are looking to recruit an experienced Threat Modelling Consultant to design and implement comprehensive threat models for 90-100 diverse applications. You will evaluate … application-generated logs, develop threat detection strategies and report findings to the Information Security team. This role requires deep expertise in Microsoft Azure security tools, log analytics and automation to enhance the customer's application anomaly detection capabilities. Key Responsibilities: Develop detailed threat models tailored for a large ...

play a critical role in designing, assuring, and delivering secure solutions across our client engagements. You will champion Secure by Design principles and lead threat modelling activities to ensure risks are identified and mitigated early in the life cycle. Working closely with stakeholders, you will define security architectures … Design - Embed security into every stage of the solution life cycle, ensuring systems are designed with security controls from the outset rather than retrofitted. Threat Modelling - Lead and facilitate threat modelling exercises (eg STRIDE), identifying vulnerabilities and defining mitigations early in delivery Risk Assessment - Identify, assess ...

functions and a relentless focus on operational excellence, the Head of Security Services builds and empowers high-performing teams to deliver 24/7 threat detection, rapid incident response, and proactive risk management. This includes ownership of security controls, security testing, tech assurance and vulnerability and threat management … Leadership Team. Operations & Service Delivery • Oversee daily operations of technical security functions, working collaboratively with the SOCs to provide 24/7 visibility and threat detection ensuring services are resilient, risk-aware, and aligned with business needs. • Regularly review and modernise SOC processes, technologies, and talent. • Partner with MSSPs ...

appetite, and regulatory requirements. Solution Delivery : Provide architectural guidance during project lifecycle (HLD/LLD), review designs, and ensure solutions meet security requirements. Risk & Threat Management : Conduct threat modelling, assess vulnerabilities, and ensure appropriate mitigating controls are designed and implemented. Governance & Standards : Define and maintain security policies …/LLD, patterns, data flows). Hands on understanding of cloud environments (Azure/AWS/GCP), networks, applications, and data protection. Familiarity with threat modelling, risk assessment, and regulatory compliance. Excellent communication skills, able to explain complex security topics to technical and non-technical audiences. Technical standards ...

exciting opportunity has arisen for a Threat Detection Engineer to join a well-established biotech company using large-scale genetic data and AI to predict disease risk and advance precision healthcare. As a Threat Detection Engineer, you will be responsible for developing and enhancing threat detection capabilities … offers hybrid/remote working options, a salary range of £60,000 - £80,000 and benefits. You will be responsible for: Designing and implementing threat-led detection logic informed by threat intelligence and hunting activities. Developing innovative analytical techniques to identify incidents effectively. Collaborating with an outsourced ...

exciting opportunity has arisen for a Threat Detection Engineer to join a well-established biotech company using large-scale genetic data and AI to predict disease risk and advance precision healthcare. As a Threat Detection Engineer, you will be responsible for developing and enhancing threat detection capabilities … offers hybrid/remote working options, a salary range of £60,000 - £80,000 and benefits. You will be responsible for: Designing and implementing threat-led detection logic informed by threat intelligence and hunting activities. Developing innovative analytical techniques to identify incidents effectively. Collaborating with an outsourced ...

/Hybrid/Remote The ideal candidate will have an active Security clearance and a strong background in Cyber Security Assurance within a high-threat government environment. Skills and experience. Experience in producing GovAssure and Secure-By-Design assessments, including Risk Assessment Papers, Risk Treatment Plans, Risk Business Cases … Management Plans. Knowledge and experience with security architecture and Security Information and Event Management (SIEM) tools, such as Splunk, Defender, Sentinel, ELK, and Tenable Threat Modelling System solutions. Extensive understanding of cybersecurity threats, attack vectors, vulnerabilities, and security controls. Demonstrable knowledge of cybersecurity frameworks and standards, including ...

security professionals who want to transition into a GenAI-focused career path and develop deep expertise in securing AI/ML systems. Key Responsibilities Threat Analysis and Vulnerability Assessment Conduct regular threat modelling and vulnerability assessments across AI/ML systems, including data pipelines, model APIs … skills in Python and Bash Strong knowledge of cloud technologies, specifically AWS and Azure Strong understanding of API development and API security Experience with threat modelling, penetration testing, and vulnerability assessments Familiarity with secure software development practices (OWASP, DevSecOps) Interest in or exposure to data science ...

deployment and tuning (Defender for Endpoint, CrowdStrike), Intune/Jamf device management, privileged access workstations, JIT/JEA models API and application security: threat modelling (STRIDE/PASTA), OAuth 2.0/OIDC implementation review, secrets management (Key Vault, HashiCorp Vault), and secure SDLC integration PKI, certificate lifecycle automation … automation and IaC: Python, PowerShell, Terraform, Bicep, or Sentinel analytics rules - you codify controls, you do not document them MITRE ATT&CK coverage mapping; threat hunting, adversary emulation, and proactive gap analysis against realistic TTPs Cloud infrastructure - Azure preferred, AWS considered; IAM, managed services, automated and auditable deployment pipelines ...

secure architecture patterns across cloud, infrastructure, applications, and data platforms. Provide architectural security guidance throughout the project lifecycle , including HLD and LLD reviews. Conduct threat modelling, vulnerability assessments, and risk analysis , ensuring appropriate mitigation strategies. Define and maintain security standards, policies, and guardrails aligned to regulatory obligations such … high-quality architecture documentation (HLD, LLD, security patterns, data flows). Hands-on understanding of cloud environments (Azure, AWS, or GCP) . Knowledge of threat modelling, risk assessment, and regulatory compliance frameworks . Strong communication skills with the ability to explain complex security concepts to both technical ...

teams, and strengthening enterprise security posture-particularly across Microsoft 365, Azure, data platforms, and AI-enabled solutions. You will play a key role in threat modelling, risk assessments, guardrail design & implementation, and delivering practical security guidance for engineering, data, and application/product teams. Rationale/deliverables: Contribute … enhanced productivity systems Support the roll-out of the new AI information security control framework Support the Data governance team Key Responsibilities Perform threat modelling (STRIDE), guardrail definition, and security posture assessments across applications, data platforms, APIs, cloud services, and SaaS ecosystems. Identify security control gaps , especially around ...

strategic change projects; define and implement security standards across the full software development lifecycle; develop API security standards and secure integration patterns and conduct threat modelling and risk assessments for new technology implementations. Location/WFH: There's a hybrid work from home model with three days … City office with rooftop bar. About you: You have an indepth knowledge of Application Security and secure software development You have experience of conducting threat modelling, security risk assessments and security architecture reviews You're keen to take ownership of Greenfield systems and processes You're collaborative ...

currently looking for an experienced Security Design Consultant, to work on assignment with a financial services customer. As a Security Design Consultant, you conduct threat modelling and risk assessments, and be responsible for the design and implementation of secure architecture solutions and security controls. What they are looking … Architecture level experience in cyber security Threat modelling experience Risk assessment experience Strong understanding of security frameworks such as NIST and ISO 27001 Cloud experience Operational background/experience This is an exciting opportunity for an experienced Security Design Consultant to join a truly world-class business, which ...

client audit requests as they relate to AI use at the firm. Perform detailed security analysis of application architectures to provide assurance. Understand threat modelling and participate in major incidents responses with IAM and AI components. Review and approve the IAM components of solution designs. Collaborate with cloud ...

align our efforts to the NIST framework and other recognised certifications including ISO27001 and SOC2 and strive to keep pace with the continually evolving threat landscape, in support of A&O Shearmans strategy to lead where global complexity creates opportunity. In addition, you will have the opportunity to share … adherence to the change management process when implementing IAM relevant changes to architecture. Perform detailed analysis of application architectures to provide IAM assurance. Understand threat modelling and participate in major incidents responses with IAM components. Review and approve the IAM components of solution designs. Collaborate with cloud infrastructure ...

DevOps and infrastructure teams to embed security into cloud deployments Monitor and improve cloud security posture Identify and remediate vulnerabilities across cloud systems Support threat modelling and security architecture discussions Required Skills: Experience working with AWS, Azure or GCP environments Understanding of cloud security best practices Familiarity with … container technologies such as Docker or Kubernetes Experience with infrastructure-as-code tools such as Terraform Strong understanding of security monitoring and threat detection Nice to Have: Experience with cloud security tools such as Prisma, Wiz or Lacework Knowledge of DevSecOps practices Security certifications such as CISSP, CCSP ...

Defining identity, access and network security models within cloud platforms • Working closely with engineering and DevOps teams to embed security controls • Producing architecture documentation, threat models and security design reviews Experience within financial services, fintech or regulated environments would be beneficial. Interested? Please apply below Cloud Security Architect, Cyber ...

optimisation of Microsoft Defender for Cloud Develop and enforce Azure security policies, standards, and guardrails Implement Zero Trust principles across Azure workloads Conduct threat modelling and architecture risk assessments Review and remediate security findings from Defender, vulnerability tools, and audits Collaborate with Operations teams to drive timely remediation ...

experience designing secure enterprise or cloud architectures. Strong knowledge of cloud security (eg, AWS, Azure, or GCP). Experience with security architecture frameworks and threat modelling methodologies. Understanding of identity and access management, network security, and data protection. Ability to advise stakeholders and guide technical teams on security ...

clicks. As an AWS Security Engineer you will design AWS cloud solutions, implement and manage security controls between AWS and Kubernetes EKS environments, conduct threat modelling, code review and penetration testing on the AWS infrastructure, configure and manage web application firewall rules and automate security checks and repetitive ...

about influence, clarity, and partnership translating complex technical concepts into actionable guidance while building trusted relationships across the organisation. You will design reference architectures, threat models, and secure design patterns across hybrid, cloud-native, and on-premises environments, establishing the frameworks and guardrails that drive consistent, resilient, and scalable ...

role with no trackside/site access required. Key Responsibilities Cybersecurity Governance & Assurance Produce and maintain: Cyber Security Management Plans (CSMP) Risk assessments and threat models Assurance and compliance documentation Control framework mappings Align artefacts to client standards (TfL/Network Rail) and industry frameworks Support continual improvement … quality oversight to junior engineers/graduate staff Essential Experience Cybersecurity governance & assurance in enterprise or critical infrastructure environments Proven delivery of: Risk assessments Threat modelling Cyber security management documentation Control framework mapping Strong knowledge of ISO/IEC 27001 and IEC 62443 Solid understanding of network architecture ...

operations, incident response, and forensic analysis. Proficiency in Security Information and Event Management (SIEM), including tools such as Splunk, Defender, and Tenable Threat Modelling System solutions, as well as with IDS/IPS and vulnerability scanners. Ability to perform triage of security events to determine their scope, priority ...

secure by design practices, with technical delivery teams for both existing systems and new systems, e.g. use of internal or external guidance, leading Threat Modelling activity. Nurture the use of secure technical practices to deliver technical excellence. Support experimentation and innovation in solving problems. Contributes to the development ...

BPMN tools (e.g., Camunda, Airflow, Drools) related to customization of modeler and engine. Nice to have Experience with enterprise architecture frameworks (TOGAF, Zachman) and threat modeling (STRIDE). Knowledge of data partitioning, GDPR, and the latest UI trends, such as Micro Frontend Architecture, is desirable. Experience with Pega/ ...