26 to 50 of 111 Threat Modelling Jobs in London

environment. Develop Custom Security Tooling: Contribute to the creation and maintenance of in-house tools that enhance our security capabilities and automation. Product Security Support: Assist in security assessments, threat modeling, and penetration testing, working closely with the Product Security team. Secure Development Lifecycle: Help implement and improve security gates within the SDLC. Adapt & Collaborate: Be prepared to dive … into any emerging security challenges. We're a small team with big responsibilities, and flexibility is key. Investigate and triage security alerts, manage security incidents. Gather, curate and communicate threat intelligence. Support and advise business stakeholders in relation to cyber security issues. Generate reports for both technical and non-technical staff and stakeholders. What you bring: At least More ❯

implement effective security solutions that not only protect our business objectives and regulatory requirements but also provide innovative solutions to stay ahead of emerging threats. Conduct risk assessments and threat modeling to identify and prioritize risks to our business and IT assets, using your extensive experience in security architecture design. Implementation within a Service Provider environment to create a More ❯

Threat Modelling Engineer - GCP (Senior Associate, Technology) Job Description As a Senior Engineer - Threat Modelling you will be a part of a smart cross-functional team delivering digital business transformation solutions to our clients. This position entails an individual contributor role focused on Security Architecture and Threat Modelling, encompassing governance, evaluation of public cloud … Program Management, and Development teams are essential. The candidate will conduct technical architecture reviews to pinpoint security opportunities, identify exploitable threats, and propose mitigation strategies. Your Impact •Conduct thorough threat modeling exercises utilizing established methodologies and frameworks •Maintain a rigorous standard of excellence in identifying potential threats and specifying effective mitigation controls. •Manage the lifecycle of identified threats and … associated controls, ensuring timely updates and adjustments as necessary. •Deliver comprehensive threat models and related tasks within specified timeframes. •Offer constructive feedback, support, and suggestions for enhancing the existing threat modeling process. •Present findings and progress updates to senior leadership, team members, and relevant technical stakeholders. Qualifications We are seeking an ideal candidate with 8+ years of experience More ❯

Threat Modelling Engineer - GCP (Senior Associate, Technology) Job Description As a Senior Engineer - Threat Modelling you will be a part of a smart cross-functional team delivering digital business transformation solutions to our clients. This position entails an individual contributor role focused on Security Architecture and Threat Modelling, encompassing governance, evaluation of public cloud … Program Management, and Development teams are essential. The candidate will conduct technical architecture reviews to pinpoint security opportunities, identify exploitable threats, and propose mitigation strategies. Your Impact •Conduct thorough threat modeling exercises utilizing established methodologies and frameworks •Maintain a rigorous standard of excellence in identifying potential threats and specifying effective mitigation controls. •Manage the lifecycle of identified threats and … associated controls, ensuring timely updates and adjustments as necessary. •Deliver comprehensive threat models and related tasks within specified timeframes. •Offer constructive feedback, support, and suggestions for enhancing the existing threat modeling process. •Present findings and progress updates to senior leadership, team members, and relevant technical stakeholders. Qualifications We are seeking an ideal candidate with 8+ years of experience More ❯

and recommend security tools, services and configurations to strengthen cloud security posture. Ensure compliance with security standards and frameworks such as ISO 27001, NIST, CIS, GDPR and others. Lead threat modelling, risk assessments, and security reviews for GCP infrastructure and applications. Define and enforce Identity and Access Management (IAM) policies, including roles, permissions and service accounts. Implement and More ❯

this is inside I35. Key Responsibilities: Lead security design and architecture across applications and projects. Ensure alignment of security solutions with business needs and regulatory standards. Conduct risk assessments, threat modelling, and vulnerability testing. Communicate risks and mitigation strategies to senior stakeholders. Work with DevOps teams on secure development pipelines. What We’re Looking For: 5+ years’ experience More ❯

and recommend security tools, services and configurations to strengthen cloud security posture. Ensure compliance with security standards and frameworks such as ISO 27001, NIST, CIS, GDPR and others. Lead threat modelling, risk assessments, and security reviews for GCP infrastructure and applications. Define and enforce Identity and Access Management (IAM) policies, including roles, permissions and service accounts. Implement and More ❯

AZ-305, AZ-104, AZ-900 or corresponding AWS certifications). Comprehensive experience with databases (in the cloud and on-premises) and practical programming skills. Experience in master data modelling and classification of data. Knowledge of SAP Business Warehouse and Master Data Management. Experience with integration patterns and methods like REST, JSON, XML or SOAP web services. Knowledge of … SSO, RBAC, MFA in Azure AD and other modern authentication concepts. Up-to-date knowledge of cybersecurity threats, current best security practices, threat modelling and risk mitigation techniques. Ability to define Minimum Viable Products (MVPs) and experience delivering them rapidly and with a high rate of IT consumer adoption. Be an advocate of the DevOps & Agile culture and More ❯

with scripting languages like PowerShell, YAML, JSON Expertise in application security tools and DevSecOps processes Understanding of key frameworks and standards (e.g. OWASP, NIST SSDF, ISO27001, NCSC) Experience with threat modelling, risk assessments, and secure design reviews Comfortable owning security strategy and tooling across complex, modern product landscapes Strong communicator - able to engage confidently with both engineers and More ❯

and maintaining non-containerised solutions Proficient in a common programming language (Python or PHP is a bonus) Oracle of security concepts such as best configuration practices, risk mitigation techniques , threat modelling, incident reporting, Infosec and ISO27001 Cool as a cucumber with Linux and Command-Line Interfaces Extraordinary understanding of networking Shiny DevOps/Cloud certifications as an added More ❯

IR35: Inside Work structure: Remote 🔐 Key Responsibilities: Partner with engineering and architecture to define secure technical solutions Manage end-to-end project security across multiple applications Perform vulnerability testing, threat modelling, and risk assessments Maintain up-to-date security policies, standards, and best practices Communicate risks and mitigation strategies to senior stakeholders Translate business needs into effective security … years in security architecture or consulting in regulated environments Deep knowledge of secure SDLC, DevSecOps, cloud (Azure/AWS), and frameworks (OWASP, MITRE) Hands-on experience with vulnerability tools, threat modelling, and compliance (GDPR, HIPAA, PCI) Strong communication and stakeholder engagement skills Technical knowledge across .NET, Java, scripting (Python, PowerShell), APIs, and cryptography Nice to have: Certifications (CISSP More ❯

IR35: Inside Work structure: Remote 🔐 Key Responsibilities: Partner with engineering and architecture to define secure technical solutions Manage end-to-end project security across multiple applications Perform vulnerability testing, threat modelling, and risk assessments Maintain up-to-date security policies, standards, and best practices Communicate risks and mitigation strategies to senior stakeholders Translate business needs into effective security … years in security architecture or consulting in regulated environments Deep knowledge of secure SDLC, DevSecOps, cloud (Azure/AWS), and frameworks (OWASP, MITRE) Hands-on experience with vulnerability tools, threat modelling, and compliance (GDPR, HIPAA, PCI) Strong communication and stakeholder engagement skills Technical knowledge across .NET, Java, scripting (Python, PowerShell), APIs, and cryptography Nice to have: Certifications (CISSP More ❯

IR35: Inside Work structure: Remote Key Responsibilities: Partner with engineering and architecture to define secure technical solutions Manage end-to-end project security across multiple applications Perform vulnerability testing, threat modelling, and risk assessments Maintain up-to-date security policies, standards, and best practices Communicate risks and mitigation strategies to senior stakeholders Translate business needs into effective security … years in security architecture or consulting in regulated environments Deep knowledge of secure SDLC, DevSecOps, cloud (Azure/AWS), and frameworks (OWASP, MITRE) Hands-on experience with vulnerability tools, threat modelling, and compliance (GDPR, HIPAA, PCI) Strong communication and stakeholder engagement skills Technical knowledge across .NET, Java, scripting (Python, PowerShell), APIs, and cryptography Nice to have: Certifications (CISSP More ❯

only to secure Canonical, but also to contribute to the security of the wider open source ecosystem. They might share knowledge through public presentations and industry events, and share threat intelligence with the wider community or represent Canonical in sector-specific governance bodies. What you will do in this role: Implement and evolve Canonical's SecOps security standards and … tools and practices Identify, contain and guide the remediation of security threats and cyber attacks Grow the presence and thought leadership of Canonical SecOps practice Contribute to open source threat intelligence initiatives Drive threat modelling, table top exercises and other SecOps practices across Engineering, IS and Canonical Develop Canonical SecOps learning and development materials Publish blog posts … narrative about your alternative path Drive and a track record of going above-and-beyond expectations Deep personal motivation to be at the forefront of technology security Expertise in threat modelling and risk management frameworks Knowledge of security architecture and market-leading security tools Experience contributing to, and consuming, threat intelligence feeds Experience in security risk management More ❯

applications and cloud-native services within AWS. Develop and enforce DevSecOps principles by integrating security into CI/CD pipelines. Lead efforts in application security, including secure coding practices, threat modelling, and vulnerability assessments. Architect and manage IAM policies, roles, and permissions across AWS resources. Guide development teams on security best practices related to AWS security services such … in AWS security services, including IAM, KMS, GuardDuty, Security Hub, and AWS WAF. Strong understanding of Terraform, AWS CloudFormation, or similar. Hands-on experience with cloud security monitoring and threat detection. Familiarity with Kubernetes, AWS EKS, Docker. More ❯

applications and cloud-native services within AWS. Develop and enforce DevSecOps principles by integrating security into CI/CD pipelines. Lead efforts in application security, including secure coding practices, threat modelling, and vulnerability assessments. Architect and manage IAM policies, roles, and permissions across AWS resources. Guide development teams on security best practices related to AWS security services such … in AWS security services, including IAM, KMS, GuardDuty, Security Hub, and AWS WAF. Strong understanding of Terraform, AWS CloudFormation, or similar. Hands-on experience with cloud security monitoring and threat detection. Familiarity with Kubernetes, AWS EKS, Docker. More ❯

days per week onsite in their Central London office), offering the chance to work at the forefront of AI innovation while owning key areas of security architecture, detection, and threat response. 🔐 The Opportunity: This is not your average Cyber Security role. My client operates in a highly complex, high-volume AI environment – think machine learning at scale, proprietary models … role ✔ Strong understanding of securing AI/ML environments – from data pipelines and training environments to model deployment ✔ Experience with cloud security (AWS/GCP preferred), IAM , SIEM , and threat modelling ✔ Knowledge of secure coding practices , container security (Docker/Kubernetes), and infrastructure as code ✔ Ability to collaborate cross-functionally with software engineers, ML researchers, and product teams More ❯

days per week onsite in their Central London office), offering the chance to work at the forefront of AI innovation while owning key areas of security architecture, detection, and threat response. 🔐 The Opportunity: This is not your average Cyber Security role. My client operates in a highly complex, high-volume AI environment – think machine learning at scale, proprietary models … role ✔ Strong understanding of securing AI/ML environments – from data pipelines and training environments to model deployment ✔ Experience with cloud security (AWS/GCP preferred), IAM , SIEM , and threat modelling ✔ Knowledge of secure coding practices , container security (Docker/Kubernetes), and infrastructure as code ✔ Ability to collaborate cross-functionally with software engineers, ML researchers, and product teams More ❯

days per week onsite in their Central London office), offering the chance to work at the forefront of AI innovation while owning key areas of security architecture, detection, and threat response. The Opportunity: This is not your average Cyber Security role. My client operates in a highly complex, high-volume AI environment – think machine learning at scale, proprietary models … role ✔ Strong understanding of securing AI/ML environments – from data pipelines and training environments to model deployment ✔ Experience with cloud security (AWS/GCP preferred), IAM , SIEM , and threat modelling ✔ Knowledge of secure coding practices , container security (Docker/Kubernetes), and infrastructure as code ✔ Ability to collaborate cross-functionally with software engineers, ML researchers, and product teams More ❯

define and manage GCP resources securely and efficiently. Perform thorough security assessments on GCP environments, utilizing GCP-specific security tools and technologies, to identify and address potential vulnerabilities. Conduct threat modelling and risk assessments for GCP deployments, designing effective security solutions tailored to GCP services. Collaborate with cross-functional teams to respond to GCP-specific security incidents promptly More ❯

NIST. Implement third-party security tools and assist in incident response, working with the CSOC team on Cloud threats and events. Build and enforce Cloud-native security tools, conduct threat modelling, and architectural reviews to improve security practices. Support risk, compliance, and governance initiatives, promote Cloud security, and identify platform improvements. Map attack paths and lead the implementation More ❯

development and maintenance of a secure software development lifecycle (SDLC) with a focus on secure coding practices in languages like Python, C++, Rust, Go and Kotlin/Java. Conduct threat modeling, vulnerability assessments and security code reviews across different platforms, ensuring security is embedded at every stage of the development lifecycle. Provide mentorship, guidance, and training on security best … and ensure compliance with QRT's standards. Integration of security scanning tools (SAST, DAST, etc.) into CI/CD pipelines and runtime environments to ensure continuous security monitoring and threat detection across Alibaba Cloud, AWS, Azure, and on-prem systems. Proactively identify security risks and develop strategies for risk mitigation in a fast-paced high-stakes environment. At least … and Linux-based systems. Extensive experience with one or more cloud platforms such as AWS, Microsoft Azure and Alibaba Cloud used in a hybrid environment. In-depth knowledge of threat modeling, risk assessment and development of mitigation strategies for large-scale, complex systems in a fast-paced environment. Experience integrating security scanning tools into CI/CD pipelines and More ❯

develop creative network solutions to address security challenges. Security and Firewall Management: Manage firewall configurations for the CyberEnergianetwork based on operational requirements. Develop and implement network security tools, produce threat models, and assess risks around existing configurations. Provide subject matter expertise on network security, firewalls, and industry best practices. Document and formalize security processes. Automation and Infrastructure Management: Drive More ❯

the secure financial transactions space. Qualifications What will make you successful Technical skills & knowledge: Broad knowledge of cyber security concepts including cryptography, authentication and authorization, access control, secure architectures, threat modeling, vulnerabilities and software security. Strong knowledge of regulatory requirements (e.g. GDPR, ISO27001, PCI-DSS) and experience in regulatory reporting. 3-5 years of experience in GRC, risk management More ❯

is embedded throughout the SDLC. Main Responsibilities: Define and enforce secure architecture standards and frameworks across web, mobile, and cloud-native applications. Provide security guidance throughout product development, including threat modeling, secure coding, design reviews, and architecture assessments. Lead the implementation of DevSecOps practices, integrating security into CI/CD pipelines. Identify and remediate application-level vulnerabilities through static … for this role, you should have: Proven experience in application security architecture. Deep knowledge of OWASP Top 10, SANS CWE Top 25, and secure coding best practices. Familiarity with threat modelling methodologies such as STRIDE and architectural risk analysis. Hands-on experience with tools such as SAST/DAST/IAST, Snyk, SonarQube, Burp Suite, Veracode, or similar. More ❯