18 of 18 Threat Modelling Jobs in the Midlands

to protect and preserve the ability of HMRC to function and serve the public against threats posed by possible cyber-attacks is critical. Cyber Threat Operations (CTO) is part of the Cyber Security Delivery (CSD) function in HMRC Security. CTO covers a diverse range of responsibilities across the span … of anti-phishing, brand abuse management, cyber threat intelligence, data science, and threat hunting. We are seeking an G7 Cyber Threat Intelligence Lead, who will report to the G6 Head of CTO. The successful candidate will manage three SO Cyber Threat Intelligence Managers and one SO … Threat Hunting Manager. Job descriptionAs the Cyber Threat Intelligence Lead, on a day-to-day basis you will be overseeing and directing the work of Cyber Threat Intelligence and Threat Hunting which will involve: Overseeing the delivery of high quality cyber threat analysis at the More ❯

to protect and preserve the ability of HMRC to function and serve the public against threats posed by possible cyber-attacks is critical. Cyber Threat Operations (CTO) is part of the Cyber Security Delivery (CSD) function in HMRC Security. CTO covers a diverse range of responsibilities across the span … of anti-phishing, brand abuse management, cyber threat intelligence, data science, and threat hunting. We are seeking an G7 Cyber Threat Intelligence Lead, who will report to the G6 Head of CTO. The successful candidate will manage three SO Cyber Threat Intelligence Managers and one SO … Threat Hunting Manager. Job description As the Cyber Threat Intelligence Lead, on a day-to-day basis you will be overseeing and directing the work of Cyber Threat Intelligence and Threat Hunting which will involve: Overseeing the delivery of high quality cyber threat analysis at More ❯

and services, with a focus on ensuring the security of gas operations Define and document security architecture blueprints for new systems and applications, including threat modelling and risk assessments Establish security standards, best practices, and design patterns to support cloud, physical and operational technologies Collaborate with development teams … into application design Lead security architecture reviews and provide expert technical guidance on complex security challenges Keep up-to date with the latest security threat assessment frameworks such as OWASP, MITRE ATT&CK Assess security posture against industry regulations and compliance requirements Identify and mitigate security risks associated with More ❯

and services, with a focus on ensuring the security of gas operations Define and document security architecture blueprints for new systems and applications, including threat modelling and risk assessments Establish security standards, best practices, and design patterns to support cloud, physical and operational technologies Collaborate with development teams … into application design Lead security architecture reviews and provide expert technical guidance on complex security challenges Keep up-to date with the latest security threat assessment frameworks such as OWASP, MITRE ATT&CK Assess security posture against industry regulations and compliance requirements Identify and mitigate security risks associated with More ❯

cybersecurity requirements within the client's environment, including rail-specific systems, legacy OT, and modern industrial platforms. Support developing and delivering security risk assessments, threat models, and control frameworks following the relevant standards. Contribute to the production and review of assurance artefacts, including security cases, risk registers, control implementation … operational technology (OT) environments, including SCADA systems, field devices, industrial protocols, and control network architectures. Firm grounding in cybersecurity principles for critical infrastructure, including threat modelling, risk analysis, defence-in-depth, and zero-trust architectures. Demonstrated ability to define, implement, and assure security controls across complex OT/ More ❯

and responsibilities As a Cybersecurity Architect, you will specialize in DevSecOps, integrating security into the software development lifecycle, automating security practices, and ensuring robust threat modeling and vulnerability management. Your primary focus will be on cloud-native and on-premises environments, with a strong emphasis on application security, infrastructure More ❯

Responsibilities Lead cyber risk assessment activities across IT and OT environments, correlating outputs into strategic risk tracking. Manage the cyber security risk toolkit , including threat modelling, attack trees, and scenario-based exercises. Develop and implement cyber security policies, processes, and staff training aligned with Secure by Design principles. … Oversee first-line security operations , including outsourced 24/7 SOC management . Define and manage cyber threat intelligence requirements . Provide cyber risk consultancy for business development projects, ensuring regulatory compliance. Contribute to supply chain risk management , assessing supplier security risks. Act as Deputy NIS Reporting Officer (NRO More ❯

tools. Excellent understanding and experience with manual security testing to find vulnerabilities and logical issues. Knowledge and understanding of OWASP and its utilisation within threat modelling. Experience of software development and languages. Working knowledge of CI and CD pipelines and associated security tooling. Use of planned structured methodologies for … considered throughout the lifecycle. Identifying and managing any security flaws within our software through appropriately liaising with external bodies where necessary. Performing risk assessments, threat modelling and design reviews to ensure effective security controls. Identifying opportunities for converting manual tasks into automated processes and identify tooling to support More ❯

systems.Define cybersecurity requirements within the client's environment, including rail-specific systems, legacy OT, and modern industrial platforms.Support developing and delivering security risk assessments, threat models, and control frameworks following the relevant standards.Provide expertise on OT protocols, SCADA systems, field devices, and network architecture relevant to the client's … of operational technology (OT) environments, including SCADA systems, field devices, industrial protocols, and control network architectures.Firm grounding in cybersecurity principles for critical infrastructure, including threat modelling, risk analysis, defence-in-depth, and zero-trust architectures.Demonstrated ability to define, implement, and assure security controls across complex OT/IT More ❯

cybersecurity requirements within the client's environment, including rail-specific systems, legacy OT, and modern industrial platforms. Support developing and delivering security risk assessments, threat models, and control frameworks following the relevant standards. Provide expertise on OT protocols, SCADA systems, field devices, and network architecture relevant to the client … operational technology (OT) environments, including SCADA systems, field devices, industrial protocols, and control network architectures. Firm grounding in cybersecurity principles for critical infrastructure, including threat modelling, risk analysis, defence-in-depth, and zero-trust architectures. Demonstrated ability to define, implement, and assure security controls across complex OT/ More ❯

cybersecurity requirements within the client's environment, including rail-specific systems, legacy OT, and modern industrial platforms. Support developing and delivering security risk assessments, threat models, and control frameworks following the relevant standards. Provide expertise on OT protocols, SCADA systems, field devices, and network architecture relevant to the client … operational technology (OT) environments, including SCADA systems, field devices, industrial protocols, and control network architectures. Firm grounding in cybersecurity principles for critical infrastructure, including threat modelling, risk analysis, defence-in-depth, and zero-trust architectures. Demonstrated ability to define, implement, and assure security controls across complex OT/ More ❯

cybersecurity requirements within the client's environment, including rail-specific systems, legacy OT, and modern industrial platforms. Support developing and delivering security risk assessments, threat models, and control frameworks following the relevant standards. Provide expertise on OT protocols, SCADA systems, field devices, and network architecture relevant to the client … operational technology (OT) environments, including SCADA systems, field devices, industrial protocols, and control network architectures. Firm grounding in cybersecurity principles for critical infrastructure, including threat modelling, risk analysis, defence-in-depth, and zero-trust architectures. Demonstrated ability to define, implement, and assure security controls across complex OT/ More ❯

complex infrastructure environments A strong technical background across Networks, Security, Firewall, Vulnerability Management, SIEM and EDR technologies Experience with cyber security concepts, such as Threat Modelling, Incident Response, Penetration Testing (external/internal) Advanced knowledge of cloud products and services e.g. Azure, Microsoft 365 Emotionally intelligent and able More ❯

Design and maintain a framework for data discovery, classification, access control, and monitoring to prevent unauthorized data access or leaks. Conduct risk assessments and threat modelling, and support secure code reviews with development teams to identify and mitigate vulnerabilities. Create and maintain security standards and guidelines tailored to More ❯

optimize scalable, secure, and compliant software solutions for medical devices and connected health applications. Ensure adherence to IEC 62304, FDA, and cybersecurity regulations, addressing threat modeling, secure coding practices, and risk management. Work with cross-functional teams to architect cloud solutions, ensuring performance, scalability, security, and compliance. Implement cloud … Compliance Ensure secure software development practices in compliance with FDA, IEC 62304, and ISO 27001. Implement identity management, authentication, and data encryption strategies. Conduct threat modeling, vulnerability assessments, and penetration testing. Address cybersecurity challenges in connected medical devices and healthcare IoT. Unit Testing, Quality Assurance & Documentation Implement automated testing More ❯

and maintain strong relationships with clients, becoming a trusted advisor. Strong understanding of foundational IT and networking concepts. Confident writing SIEM queries and performing threat-hunting. Excellent communication skills, both written and oral, to a range of audiences, including senior management. Responsibilities Compiling and presenting high quality monthly reports … clients. Assisting with training and support for our junior analysts. Proactively suggesting improvements for existing SIEM alarms and developing new use-cases based on threat intelligence and client threat models. Creating and improving SOC dashboards to give real-time visibility for clients and stakeholders. Onboarding new clients, including More ❯

and implement comprehensive security strategies for Payments System Upgrades. Conduct thorough risk assessments to identify potential security threats and develop mitigation strategies. Create comprehensive threat models aligning with MITRE ATTACK/STRIDE frameworks. Recommend the best controls & mitigations to potential vulnerabilities Ensure the design comply with relevant regulations and … would be within a financially regulated enterprise (e.g., PCI compliance). Proven experience working previously for financial organizations. Previous relevant experience in developing bespoke Threat Models leveraging frameworks like MITRE ATTACK & STRIDE. Proficiency in assessing the Identity & Access Management functions & associated risks during Acquisition process. Be able to understand More ❯

and maintain strong relationships with clients, becoming a trusted advisor. Strong understanding of foundational IT and networking concepts Confident writing SIEM queries and performing threat-hunting Excellent communication skills, both written and oral, to a range of audiences, including senior management. Responsibilities Compiling and presenting high quality monthly reports … clients. Assisting with training and support for our junior analysts Proactively suggesting improvements for existing SIEM alarms and develop new use-cases based on threat intelligence and client threat models. Creating and improving SOC dashboards to give real time visibility for clients and stakeholders Onboarding new clients, including More ❯