26 to 41 of 41 Threat Modelling Jobs in London

that will fundamentally change how their Application Security is Delivered within the SDLC. Early Phases of the Programme have already defined the Target Architecture, Threat Model & Prompt Engineering Strategy . The Next Stage is to Transform this Foundation into a Production - Grade Capability Used Daily by Engineering Teams , enabling … Agent Behaviours Policy Frameworks & Guardrails Tool Schemas & Execution Constraints Implement Protections Against: Prompt Injection Jailbreak Attempts Unsafe Tool Execution Ensure Alignment with Defined AASA Threat Model & Governance Standards Evaluation, Metrics & Assurance: Build & Maintain a Full Evaluation Framework , including: Golden Datasets & Regression Test Suites Precision/Recall Measurement for Vulnerability ...

driving the technical remediation follow-up. Cloud Security Guardrails : Provide hands-on security guidance for cloud platforms, specifically across Salesforce, Azure, and AWS. Threat Modelling : Act as the technical security authority within project streams, identifying threats early in the design phase. Required Technical Skills & Experience: Deep AppSec Background ...

Advising on secure design, risk, and compliance across complex IT estates Applying frameworks like ISO 27001, NIST, GDPR, PCI-DSS in real environments Running threat modelling and identifying architectural vulnerabilities Working closely with architects, engineers, and stakeholders to influence secure solutions Translating technical risk into clear business impact ...

logging, encryption, access control and network design Own security controls around package repositories, container images, third-party dependencies and base image standards Run threat modelling for new platform services, Kubernetes components and pipeline changes, converting findings into practical remediation work Partner with Security Operations to build detections ...

equivalent experience Experience applying cyber security principles across the systems or product engineering lifecycle Knowledge of cyber risk management and vulnerability management Experience with threat modelling frameworks such as MITRE ATT and CK, DEF3ND, or EMB3D Awareness of industrial control systems or operational technology environments Working knowledge ...

equivalent experience Experience applying cyber security principles across the systems or product engineering lifecycle Knowledge of cyber risk management and vulnerability management Experience with threat modelling frameworks such as MITRE ATT and CK, DEF3ND, or EMB3D Awareness of industrial control systems or operational technology environments Working knowledge ...

oversees the company's security program, ensuring S&P Global is protected from existing and emerging threats. In close partnership with Security Operations and Threat Intelligence, you will detect, analyze, and decisively respond to security incidents, enrich investigations with timely intelligence, and help drive proactive defences. While based … . This role requires a detail-oriented, critical thinker who understands how adversaries exploit systems, networks, and people-and how to respond. Experience applying threat intelligence to investigations and to improve detections is highly desirable. Primary Responsibilities Coordinate and triage response to cybersecurity events and conduct forensic analysis across ...

monitoring. Experience leading data security roadmaps from current to target state, identifying required capabilities, technology changes, dependencies, risks, and timelines. Expertise performing data-focused threat modelling (e.g. STRIDE, MITRE ATT&CK, DREAD) to identify risks and recommend architectural mitigations. Excellent advisory skills with the ability to provide architectural ...

monitoring. Experience leading data security roadmaps from current to target state, identifying required capabilities, technology changes, dependencies, risks, and timelines. Expertise performing data-focused threat modelling (e.g. STRIDE, MITRE ATT&CK, DREAD) to identify risks and recommend architectural mitigations. Excellent advisory skills with the ability to provide architectural ...

Design, build, and ship reliable backend services and APIs in Python (Flask) that power core product functionality. Own features end-to-end: data modelling (Postgres), API design, testing, production rollout and ongoing improvements. Help uphold strong engineering standards through thoughtful code reviews, testing discipline, clean architecture, and pragmatic decision … Payments/fintech knowledge (reconciliation, idempotency, auditability, ledger concepts). Experience with distributed systems patterns (queues, background jobs, retries, rate limiting). Security experience (threat modelling, OWASP-style concerns, secure API design). Familiarity with Terraform. Why join us? £60k salary + equity 40 days holiday (incl. bank ...

Design, build, and ship reliable backend services and APIs in Python (Flask) that power core product functionality. Own features end-to-end: data modelling (Postgres), API design, testing, production rollout and ongoing improvements. Help uphold strong engineering standards through thoughtful code reviews, testing discipline, clean architecture, and pragmatic decision … Payments/fintech knowledge (reconciliation, idempotency, auditability, ledger concepts). Experience with distributed systems patterns (queues, background jobs, retries, rate limiting). Security experience (threat modelling, OWASP-style concerns, secure API design). Familiarity with Terraform. Why join us? £60k salary + equity 40 days holiday (incl. bank ...

findings clearly Desirable: Experience with biometric systems and identity verification technologies Security research background Contributions to open-source tooling or vulnerability research Exposure to threat modelling and secure architecture reviews If this sounds like you, apply now or reach out directly. Oscar Associates (UK) Limited is acting ...

hardening techniques API Security OAuth and token-based authentication Abuse prevention and rate limiting Identification and mitigation of business logic vulnerabilities Secure SDLC Threat modeling and design reviews Hands-on security reviews of mobile and backend systems Cross-functional Collaboration Partnering closely with product managers and mobile/backend ...

management Familiarity with CIS benchmarks for OCI and applying them in real environments Relevant OCI certifications (e.g., Architect Associate/Professional, Security) Exposure to threat modelling or risk assessment for cloud platform designs ...

vulnerabilities, ARKO provides real-time security insights directly within the IDE. This solves the limitations of traditional static security tools by offering contextual threat models, prioritisation of risks, and actionable remediation guidance. Based in London, DevSecAI bridges the gap between development, security, and compliance in one seamless workflow. ...

rollouts with AWS Roles Anywhere; harden OBO (On-Behalf-Of) flows. Security: Implement sender-constrained tokens (PoP) and JIT for non-human identities. Threats: Modelling for Confused Deputy and Federation Hijacks; ensuring full traceability per EU AI Act Art. 12 & 14 . Role 2: Threat & Adversarial AI Expert ...