1 to 25 of 42 Threat Modelling Jobs in London

data lifecycle. You will guide organizations through application security challenges, embedding controls into design, build, and deployment phases, while leveraging practices such as Threat Modelling, Secure SDLC, and DevSecOps. With expertise in vulnerability management, data protection, and regulatory compliance, you will design security guardrails that support application modernization … achieved securely. Responsibilities Provide advisory and technical expertise on application security across the Software Development Lifecycle (Design, Build, Deploy). Lead activities such as Threat Modelling, Secure SDLC integration, DevSecOps practices, and application security testing. Implement security guardrails to support secure application modernization on multicloud platforms. Drive application ...

main security partner for engineering and product teams. Key Responsibilities Create and enforce security policies for products throughout their lifecycle. Lead threat modelling to identify potential risks in new and existing applications. Train team members on Threat Modelling Manage vulnerabilities by tracking issues, prioritizing fixes … perform root cause analysis to prevent future issues. Run incident response efforts , including simulations to improve readiness. Skills & Experience Needed Extensive knowledge of threat modelling , vulnerability management , and secure development practices . Experience in incident response and bug bounty programs . Ability to work across teams and communicate ...

SAST, DAST, SCA) and work with developers to remediate findings. Support cloud security controls (primarily Azure, including cloud-native apps). Champion secure development, threat modelling, and DevSecOps integration. Research emerging threats and recommend proactive mitigations. Provide mentoring, training, and security awareness support to internal teams. Essential Skills … risk-based security. Relevant certifications such as CISSP, CompTIA Security+, GIAC, or equivalent. Excellent documentation, communication, and stakeholder collaboration skills. Desirable Background in threat modelling or secure software design. Knowledge of ISO27001, Cyber Essentials Plus, or cloud security certifications. Experience in large-scale or regulated environments. What ...

SAST, DAST, SCA) and work with developers to remediate findings. Support cloud security controls (primarily Azure, including cloud-native apps). Champion secure development, threat modelling, and DevSecOps integration. Research emerging threats and recommend proactive mitigations. Provide mentoring, training, and security awareness support to internal teams. Essential Skills … risk-based security. Relevant certifications such as CISSP, CompTIA Security+, GIAC, or equivalent. Excellent documentation, communication, and stakeholder collaboration skills. Desirable Background in threat modelling or secure software design. Knowledge of ISO27001, Cyber Essentials Plus, or cloud security certifications. Experience in large-scale or regulated environments. What ...

line with Group standards. Ensure that RAG pipelines, tool-use APIs, memory systems and multi-agent workflows follow robust security controls. Threat Modelling for AI Agents & LLM Pipelines Conduct threat modelling specific to AI Agents, including: Prompt injection and cross-agent contamination Tool misuse and unauthorised … across all AI Agent and GenAI products. Training, Guidance & Best Practice Train engineering and product teams on secure agent engineering, Microsoft GenAI security, LLM threat patterns and cyber expectations. Build reusable templates and reference architectures for secure AI Agent implementation. Provide hands-on support to unblock security design challenges. ...

. Youll dissect designs, model attack paths, and show engineering teams what good really looks like. Depending on the engagement, you might run a threat model, assess CI/CD pipelines, learn a vendor DSL for a PoC, or build internal tooling. We dont expect you to know everything … just to be curious, practical, and willing to dive in. What Youll Do Threat Modelling & Architecture Reviews: Break down AWS services, map trust boundaries, build attack trees, and define security requirements before code ships. Security Automation: Build IaC-driven checks, Lambda/Step Function tooling, CI/ ...

dissect designs, model attack paths, and show engineering teams what good really looks like. Depending on the engagement, you might run a threat model, assess CI/CD pipelines, learn a vendor DSL for a PoC, or build internal tooling. They don't expect you to know everything - just … curious, practical, and willing to dive in. What You'll Do Threat Modelling & Architecture Reviews: Break down AWS services, map trust boundaries, build attack trees, and define security requirements before code ships. Security Automation: Build IaC-driven checks, Lambda/Step Function tooling, CI/CD gates ...

dissect designs, model attack paths, and show engineering teams what “good” really looks like. Depending on the engagement, you might run a threat model, assess CI/CD pipelines, learn a vendor DSL for a PoC, or build internal tooling. They don’t expect you to know everything — just … curious, practical, and willing to dive in. What You’ll Do Threat Modelling & Architecture Reviews: Break down AWS services, map trust boundaries, build attack trees, and define security requirements before code ships. Security Automation: Build IaC-driven checks, Lambda/Step Function tooling, CI/CD gates ...

client audit requests as they relate to AI use at the firm. Perform detailed security analysis of application architectures to provide assurance. Understand threat modelling and participate in major incidents responses with IAM and AI components. Review and approve the IAM components of solution designs. Collaborate with cloud ...

align our efforts to the NIST framework and other recognised certifications including ISO27001 and SOC2 and strive to keep pace with the continually evolving threat landscape, in support of A&O Shearmans strategy to lead where global complexity creates opportunity. In addition, you will have the opportunity to share … adherence to the change management process when implementing IAM relevant changes to architecture. Perform detailed analysis of application architectures to provide IAM assurance. Understand threat modelling and participate in major incidents responses with IAM components. Review and approve the IAM components of solution designs. Collaborate with cloud infrastructure ...

Responsibilities Design secure cloud architectures across AWS/Azure/GCP for enterprise-scale transformation projects Define and implement application security standards including threat modelling, secure SDLC, API security and DevSecOps practices Conduct security risk assessments, architecture reviews and produce high-level and low-level security designs Advise ...

cloud deployments (private/public). Design and scope IT Health Checks and interpret outcomes. Identify and mitigate security risks in solution architectures. Conduct threat modelling and risk analysis. Design proportional security controls using native cloud technologies. Produce security architecture artefacts including standards and blueprints. What ...

currently active UK Developed Vetting (DV) security clearance. Preferred qualifications: Certifications in CISSP, CCSP, or relevant cloud-specific security credentials. Experience leading comprehensive threat modeling exercises and conducting detailed risk assessments for customer systems to identify security vulnerabilities. Experience in securing modern cloud-native architectures, including containerisation technologies (e.g. ...

Lead installation, configuration, testing and handover of CyberArk secrets-management solutions into Run & Maintain teams. Provide architectural leadership on privileged access risk reduction through threat modelling, control selection and adherence to security policies . Act as a trusted advisor to senior stakeholders (CISO, security architects, platform owners, programme ...

Zero Trust, NIST, ISO 27001. Strong focus on Identity Management, encryption, and secure onboarding processes. You must be able to conduct Tenant Design Reviews , Threat Modelling , and ensure full Regulatory Compliance . This position falls Inside IR35. Apply now for immediate consideration ...

point of escalation for your team and providing services directly into customers. 1. Technical Delivery (OT Cyber Security) Perform OT risk assessments, threat modelling, and vulnerability assessments. Assess and/or assure compliance with the NIS Regulations, NCSC CAF, NIST CSF, IEC 62443, ISO 27001, and sector-specific … mentoring, coaching, performance management, and career development support. Support the ongoing development of other Bridewell capabilities in areas such as OT security architecture, GRC, threat intelligence, or incident response. Oversee training pathways, success planning and technical competency development for consultants ranging from Senior Lead to Consultant level. 5. Strategic ...

AntiVirus/AntiMalware for End User devices Antivirus/Malware/Ransomware etc for Product/Platform DDos Protection Access Management/Review (IAM) Threat modelling Setup Bug Bounty program Application Security/Testing Brand monitoring (domans etc) Whitelist client access Encryption in Transit (confirm 100%) Social Engineering ...

business and technology horizon which spans significant parts of RMG and involves significant stakeholder engagement where technological credibility combined with clear communication is vital. Threat modelling. The role holder will perform threat modelling and security impact assessments in order to support development of security architecture blueprints ...

SAST, DAST, SCA, secrets management). Collaborate with development, operations, and security teams to implement and ensure secure coding and deployment practices. Advise on threat modelling, risk assessments, and vulnerability management. Provide expert guidance on cloud security (AWS, Azure, GCP) and container security (Docker, Kubernetes). Develop ...

SAST, DAST, SCA, secrets management). Collaborate with development, operations, and security teams to implement and ensure secure coding and deployment practices. Advise on threat modelling, risk assessments, and vulnerability management. Provide expert guidance on cloud security (AWS, Azure, GCP) and container security (Docker, Kubernetes). Develop ...

would not have the knowledge and skills to execute Working knowledge of compliance standards. With working knowledge of secure development practices and standards. Basic Threat Modelling and dynamic security testing experience. Experience with scripting (e.g. python, bash, etc) essential. Experience with Azure/AWS security configuration. Experience ...

private clouds You're a confident presenter and have accelerated appreciation of security across engineering teams You regularly support building and analysis of threat models using a well defined process You have experience securing data centers and networking devices You're terrified by supply chain and CI/ ...

SLAs, regulatory standards (NCSC, ISO27001) and vendor ecosystems.? Mentor junior architects, contribute to service catalogue evolution and conduct design reviews for risk/threat modelling.? Drive innovation in AIOps, edge computing and sustainability-focused infra for defence-adjacent clients.? Person specification Essential: Active SC clearance with 7+ years ...

DevSecOps Engineer | Fully Remote | £60,000 - £70,000 Our client is a fast-growing cyber-defence and threat-intelligence company committed to protecting organisations from sophisticated cyber threats. They combine advanced security analytics, automation and human expertise to deliver real-time defence across modern cloud and on-prem environments. … they build. The Role: As a DevSecOps Engineer, you will sit at the intersection of development, operations and security. Youll work closely with engineering, threat research, and security operations teams to design, build, and maintain secure, scalable infrastructure and CI/CD pipelines. What Youll do: +Design, maintain ...

Hybrid| Remote The ideal candidate will hold an active DV clearance and have a solid background in Cyber Security Engineering working within a high-threat government environment, with the following skills and experience: Proficiency in Security Information and Event Management (SIEM), including tools such as Splunk, Defender, Sentinel … Tenable Threat Modelling System solutions, as well as with IDS/IPS and vulnerability scanners. Experience in Protective Monitoring & SOC operation Experience in network security principles, firewalls, and access control mechanisms. Preferred Qualifications: - Industry certifications such as CompTIA Security+, CISSP, CISM, CEH, or GIAC are highly desirable. ...