1 to 25 of 26 Remote Threat Modelling Jobs in the South East

software development lifecycle - from designing controls and integrating testing into CI/CD pipelines to supporting vulnerability management and remediation. Acting as the go-to expert for secure design, threat modelling, and compliance, you'll make sure teams have the knowledge, tools, and confidence to build securely from the start. Alongside this, you'll maintain clear documentation and … of cloud platforms , CI/CD pipelines , and scripting (PowerShell, YAML, JSON, etc.) Familiarity with frameworks and standards such as OWASP , NIST SSDF , ISO27001 , or NCSC Practical experience with threat modelling , security tooling , and risk assessments Excellent communication skills, able to influence and engage at all levels from developers to execs A collaborative, proactive approach to solving problems More ❯

design across technology platforms including cloud infrastructures. Contribute to blogs and research within the Cyberfort community. Experience Required The successful candidate will possess proven experience in cybersecurity, security architecture, threat modelling, or related fields within Public Sector and MOD and will have achieved or be working towards Full Membership of CIISEC and UK Cyber Security Council professional registration … and CIS Controls v8. HMG, NPSA and NCSC security policies, standards and guidance. Have experience building and implementing secure by design principals within the software development lifecycle (SDLC). Threat Modelling - Kill Chain - Attack tree analysis. Working understanding of: Cloud security including Azure, Amazon Web Service, Key Management Systems, Containerisation, Network Security Groups, Host based firewalls, Web Application More ❯

of Security Engineering and lead in the build-out of their cloud-native Infrastructure capability . Highly technical position where you will be responsible for not just assessing and threat modelling novel concepts and services to introduce across Security and the wider Tech functions; but leading in the actual design, configuration and implementation. Previous experience in Software Security … to put your stamp on one of the most ambitious Tech Transformations for one of the most renowned Investment Management firms in the UK. Responsibilities Perform hands-on security threat modelling, risk assessment and vulnerability remediation. Evaluate, architect, implement and support security focused tools and services. Work closely with Development teams to ensure security and privacy are built More ❯

of Security Engineering and lead in the build-out of their cloud-native Infrastructure capability . Highly technical position where you will be responsible for not just assessing and threat modelling novel concepts and services to introduce across Security and the wider Tech functions; but leading in the actual design, configuration and implementation. Previous experience in Software Security … to put your stamp on one of the most ambitious Tech Transformations for one of the most renowned Investment Management firms in the UK. Responsibilities Perform hands-on security threat modelling, risk assessment and vulnerability remediation. Evaluate, architect, implement and support security focused tools and services. Work closely with Development teams to ensure security and privacy are built More ❯

of Security Engineering and lead in the build-out of their cloud-native Infrastructure capability . Highly technical position where you will be responsible for not just assessing and threat modelling novel concepts and services to introduce across Security and the wider Tech functions; but leading in the actual design, configuration and implementation. Previous experience in Software Security … to put your stamp on one of the most ambitious Tech Transformations for one of the most renowned Investment Management firms in the UK. Responsibilities Perform hands-on security threat modelling, risk assessment and vulnerability remediation. Evaluate, architect, implement and support security focused tools and services. Work closely with Development teams to ensure security and privacy are built More ❯

security engineer, you will: Secure CI/CD pipelines and infrastructure-as-code (IaC) deployments across Azure. Lead container, API, and web application security initiatives, including code reviews. Support threat modelling, vulnerability management, and penetration testing activities. Drive logging integration with SIEM tools, enabling SOC monitoring and incident response. Coach engineering teams on cloud security principles and manage More ❯

and commercial awareness alongside deep technical expertise. Key areas of focus Define and implement enterprise-level AI/ML security strategies, policies, and architectures. Lead on AI risk assessment, threat modelling, and mitigation planning. Ensure compliance with GDPR, the EU AI Act, and international security frameworks (ISO 27001, NIST, TOGAF, SABSA). Build and maintain secure AI architectures More ❯

and commercial awareness alongside deep technical expertise. Key areas of focus Define and implement enterprise-level AI/ML security strategies, policies, and architectures. Lead on AI risk assessment, threat modelling, and mitigation planning. Ensure compliance with GDPR, the EU AI Act, and international security frameworks (ISO 27001, NIST, TOGAF, SABSA). Build and maintain secure AI architectures More ❯

and commercial awareness alongside deep technical expertise. Key areas of focus Define and implement enterprise-level AI/ML security strategies, policies, and architectures. Lead on AI risk assessment, threat modelling, and mitigation planning. Ensure compliance with GDPR, the EU AI Act, and international security frameworks (ISO 27001, NIST, TOGAF, SABSA). Build and maintain secure AI architectures More ❯

security into agile development environments Hands-on with cloud platforms and CI/CD pipelines, plus scripting languages such as PowerShell, YAML, or JSON Knowledge of application security tools, threat modelling, and risk assessments Familiarity with standards/frameworks such as OWASP, NIST SSDF, ISO27001, NCSC Experience guiding engineering teams and influencing security culture Excellent communication skills, able More ❯

with scripting languages like PowerShell, YAML, JSON Expertise in application security tools and DevSecOps processes Understanding of key frameworks and standards (e.g. OWASP, NIST SSDF, ISO27001, NCSC) Experience with threat modelling, risk assessments, and secure design reviews Comfortable owning security strategy and tooling across complex, modern product landscapes Strong communicator - able to engage confidently with both engineers and More ❯

maintain platform security processes and plans within established frameworks Design and manage automated security tooling that prevents security issues before they occur Perform security-focused code reviews and support threat modelling exercises Champion cloud security principles across product engineering teams Incident Management & Monitoring: Lead incident response for security risks and issues raised by SOC teams Manage implementation of More ❯

ll do Secure product & platform delivery (cloud‐native focus) • Provide hands‐on cyber consultancy across digital product lifecycles, championing Secure by Design and privacy‐by‐default. • Conduct and iterate threat models for new features and integrations; translate findings into actionable design and control decisions. • Advise on secure architecture for modern platforms (segmentation, identity/access, encryption, data protection, secrets More ❯

ll do Secure product & platform delivery (cloud‐native focus) • Provide hands‐on cyber consultancy across digital product lifecycles, championing Secure by Design and privacy‐by‐default. • Conduct and iterate threat models for new features and integrations; translate findings into actionable design and control decisions. • Advise on secure architecture for modern platforms (segmentation, identity/access, encryption, data protection, secrets More ❯

ll do Secure product & platform delivery (cloud‐native focus) • Provide hands‐on cyber consultancy across digital product lifecycles, championing Secure by Design and privacy‐by‐default. • Conduct and iterate threat models for new features and integrations; translate findings into actionable design and control decisions. • Advise on secure architecture for modern platforms (segmentation, identity/access, encryption, data protection, secrets More ❯

ll do Secure product & platform delivery (cloud‐native focus) • Provide hands‐on cyber consultancy across digital product lifecycles, championing Secure by Design and privacy‐by‐default. • Conduct and iterate threat models for new features and integrations; translate findings into actionable design and control decisions. • Advise on secure architecture for modern platforms (segmentation, identity/access, encryption, data protection, secrets More ❯

ll do Secure product & platform delivery (cloud‐native focus) • Provide hands‐on cyber consultancy across digital product lifecycles, championing Secure by Design and privacy‐by‐default. • Conduct and iterate threat models for new features and integrations; translate findings into actionable design and control decisions. • Advise on secure architecture for modern platforms (segmentation, identity/access, encryption, data protection, secrets More ❯

ll do Secure product & platform delivery (cloud‐native focus) • Provide hands‐on cyber consultancy across digital product lifecycles, championing Secure by Design and privacy‐by‐default. • Conduct and iterate threat models for new features and integrations; translate findings into actionable design and control decisions. • Advise on secure architecture for modern platforms (segmentation, identity/access, encryption, data protection, secrets More ❯

Risk Treatment Plan, Risk Business Case & Security Management Plan). Experience of implementing vulnerability management processes. Experience of security assurance and the measurement of controls. Experience in risk and threat modelling within a high-threat government environment. More ❯

Risk Treatment Plan, Risk Business Case & Security Management Plan). Experience of implementing vulnerability management processes. Experience of security assurance and the measurement of controls. Experience in risk and threat modelling within a high-threat government environment. More ❯

they expand, theyre seeking a Head of Cyber Security to lead from the front, shaping security strategy across legal, IT, and client-facing systems. Youll define security architecture, lead threat assessments, manage incident response, and ensure compliance with regulatory standards relevant to legal practice. This role offers you a unique opportunity to build a security function in a high … firm. Required Skills: Proven track record in senior security roles (e.g. Head of Security, CISO, or equivalent) Strong technical foundation in cloud security, identity & access management, network security, encryption, threat modelling Hands-on knowledge securing hybrid and cloud infrastructure (AWS/Azure/GCP) Experience building and managing security teams, setting processes (incident response, SOC, vulnerability management) Familiarity More ❯

Knowledge of security standards and frameworks (e.g., ISO 27001, NIST, CIS). Familiarity with security technologies such as firewalls, web proxies/remote access solutions. Experience with ZTNA, CTI, threat modelling is beneficial. Bachelor’s degree in information security, Computer Science, or a related field, or relevant industry experience. Relevant security certifications (e.g., CISSP, CISM, CEH) are highly More ❯

years of experience in cloud security, particularly with AWS, and at least 2+ years in software development. Strong understanding of cloud and application security concepts, including secure coding practices, threat modeling, vulnerability management, and access control mechanisms. Experience with AWS, Kubernetes, Service Mesh, API gateways, and API Security (authentication and authorization). Proficiency in programming languages such as Python More ❯

authentication protocols. Have excellent security awareness including standards e.g., IS027001, NIST and CIS. Have a good understanding of Web APIs including SOAP, REST and GraphQL architectures. Have experience with threat modelling methodologies e.g., STRIDE. Have a good understanding of Access Controls and Identity Lifecycle management. Have excellent communication and organisational skills. Team overview Cyber Security Our products, platforms More ❯

delivery, UX, and vendor teams (incl. a HubSpot Elite Implementation Partner) to land working, secure solutions. Produce architecture docs (C4, sequence/data flow diagrams), non-functional requirements, and threat models. Experience: Deep hands-on with HubSpot CRM, Service Hub, Sales Hub Enterprise , Custom Objects , calculated properties , reports/dashboards , and complex workflows . Strong integration design using HubSpot More ❯