22 of 22 Threat Modelling Jobs in the South West

systems. The Security Architect will draw upon Enterprise Security Architecture or Security Solutions Architecture to: - Identify business objectives, user needs, risk appetite and cyber security obligations - Identify vulnerabilities, perform threat modelling, undertake risk assessment, evaluate the effectiveness of security controls - Verify and evidence alignment to 'Secure by Design' principles, corporate security policy/standards as well as industry … Contribute to a reference architecture of established patterns, principles and guidelines Research emerging technologies, new products and be able to position these in a coherent manner against the developing threat landscape and client risk appetite Ability to distil complex information and concepts into key discussion points that identifies a path to resolution rather than only the identification of challenges … native security capabilities and good practice within Cloud platforms (AWS and/or Microsoft Azure) In-depth knowledge of modern security concepts, common attack vectors, malware, security analytics and threat intelligence. A good understanding of security testing and vulnerability management is important (including pen testing/ITHC, CVSS/CVE) Experience working with security standards such as ISO More ❯

also contribute to security compliance and best practices, ensuring products meet regulatory and industry standards. Key Responsibilities: Identify security requirements and integrate controls into product development. Conduct risk assessments, threat modeling, and vulnerability analysis. Develop and implement risk management strategies using security frameworks. Collaborate with development teams to ensure security best practices and secure-by-design principles. Identify and …/53, OWASP) . Experience with risk management methodologies and compliance with MOD and HMG security standards (JSP, Def Stan 05-138/139). Proficiency in security threat modeling and risk assessments. Knowledge of secure development practices, penetration testing, and vulnerability assessments. Ability to communicate security risks and strategies to technical and non-technical stakeholders. Experience in incident More ❯

also contribute to security compliance and best practices, ensuring products meet regulatory and industry standards. Key Responsibilities: Identify security requirements and integrate controls into product development. Conduct risk assessments, threat modeling, and vulnerability analysis. Develop and implement risk management strategies using security frameworks. Collaborate with development teams to ensure security best practices and secure-by-design principles. Identify and …/53, OWASP) . Experience with risk management methodologies and compliance with MOD and HMG security standards (JSP, Def Stan 05-138/139). Proficiency in security threat modeling and risk assessments. Knowledge of secure development practices, penetration testing, and vulnerability assessments. Ability to communicate security risks and strategies to technical and non-technical stakeholders. Experience in incident More ❯

Conduct risk assessments, identify vulnerabilities, and implement mitigation measures. Integrate secure coding practices into the software development lifecycle. Perform security code reviews and ensure secure-by-design principles. Conduct threat modelling exercises to identify and mitigate potential risks. Ensure compliance with security regulations such as ISO27001, NIST 800-30/37/53, JSP 440, 604, and Defence More ❯

Conduct risk assessments, identify vulnerabilities, and implement mitigation measures. Integrate secure coding practices into the software development lifecycle. Perform security code reviews and ensure secure-by-design principles. Conduct threat modelling exercises to identify and mitigate potential risks. Ensure compliance with security regulations such as ISO27001, NIST 800-30/37/53, JSP 440, 604, and Defence More ❯

development teams to apply secure-by-design principles, ensuring security is embedded throughout the product lifecycle. Key Responsibilities Define and integrate security requirements into the product development lifecycle. Perform threat modelling, risk assessments, and implement appropriate mitigation strategies. Advise on solution architecture to minimise security risks and ensure compliance with security standards. Collaborate with product teams to ensure … Secure by Design principles, and MOD-specific guidelines (e.g., JSP, Def Stan 05-138/139). Familiarity with HMG security principles and assurance frameworks is advantageous. Comfortable using threat modelling tools and implementing mitigation strategies. Experience with NIST standards. (this is an absolute must) Key Competencies Strong communicator with the ability to present complex information clearly and More ❯

security designs as they pertain to the cyber domain. Decomposing cyber and security requirements down to the system control level. Conducting cyber and information security risk assessment activities including threat modelling, vulnerability analysis and analysis of mitigations, including technical understanding. Scoping and managing security verification and validation activities and remedial action plans. Coordinating with product engineers, system architects More ❯

thrive in a collaborative, high-impact environment - this is your chance to make a real difference. Key Responsibilities Define and embed security requirements throughout the product development lifecycle. Conduct threat modelling, risk assessments, and drive mitigation strategies. Advise on solution architecture, minimising security risks and ensuring compliance. Collaborate with cross-functional teams to implement security best practices. Support … by Design principles and MOD-specific guidelines (e.g. JSP, Def Stan 05-138/139). Familiarity with HMG security and assurance frameworks is a strong plus. Comfortable using threat modelling tools and risk assessment methodologies. Key Competencies: Excellent communicator - confident, clear, and influential. Proactive problem-solver with critical thinking skills. Organised, resilient, and delivery-focused. Strong team More ❯

outside IR35 Start Date: 1st July Responsibilities: Provide expert security consultancy across the project lifecycle, with a focus on secure-by-design practices. Lead or support security risk assessments, threat modelling, and architectural reviews. Support the production and review of security documentation (RMADS, SyOps, Security Cases, etc.). Engage with technical and delivery teams to embed security requirements More ❯

outside IR35 Start Date: 1st July Responsibilities: Provide expert security consultancy across the project lifecycle, with a focus on secure-by-design practices. Lead or support security risk assessments, threat modelling, and architectural reviews. Support the production and review of security documentation (RMADS, SyOps, Security Cases, etc.). Engage with technical and delivery teams to embed security requirements More ❯

what you will be involved in: Identify security requirements and ensure the integration of security controls during the product development lifecycle Develop and implement risk management strategies Perform security threat modelling and risk assessments applying security controls to mitigate any threats identified Collaborate with the development teams to ensure the adoption of Secure by Design principles Identify security More ❯

what you will be involved in: Identify security requirements and ensure the integration of security controls during the product development lifecycle Develop and implement risk management strategies Perform security threat modelling and risk assessments applying security controls to mitigate any threats identified Collaborate with the development teams to ensure the adoption of Secure by Design principles Identify security More ❯

what you will be involved in: Identify security requirements and ensure the integration of security controls during the product development lifecycle Develop and implement risk management strategies Perform security threat modelling and risk assessments applying security controls to mitigate any threats identified Collaborate with the development teams to ensure the adoption of Secure by Design principles Identify security More ❯

industry regulations. Key responsibilities: Develop and implement comprehensive security strategies for Payments System Upgrades. Conduct thorough risk assessments to identify potential security threats and develop mitigation strategies. Create comprehensive threat models aligning with MITRE ATTACK/STRIDE frameworks. Recommend the best controls & mitigations to potential vulnerabilities Ensure the design comply with relevant regulations and standards, including GDPR, SOX, and … complex organization. Ideally, this experience would be within a financially regulated enterprise (e.g., PCI compliance). Proven experience working previously for financial organizations. Previous relevant experience in developing bespoke Threat Models leveraging frameworks like MITRE ATTACK & STRIDE. Proficiency in assessing the Identity & Access Management functions & associated risks during Acquisition process. Be able to understand and assess the security elements More ❯

to identify weaknesses, assess risks, and develop mitigation strategies. What You'll Be Doing Researching, designing, and building resilient systems to support National Security objectives. Conducting vulnerability assessments and threat modelling on software and hardware components. Reverse engineering a wide range of technologies to uncover vulnerabilities and improve security. Writing secure, high-performance code that integrates deeply with More ❯

About the role Do you want to be at the forefront of cyber security, protecting people, data and systems from the evolving digital threat landscape? Are you looking to apply your technical expertise in a collaborative and forward-thinking environment? As a Technical Security Analyst, you'll be part of our Security team who are responsible for keeping our … ensuring that findings are managed appropriately and remediated according to agreed timescales. Assisting in the creation, testing, and implementation of response and recovery plans in support of incident management threat modelling. Researching and investigating attack techniques and recommending ways to defend against them. Supporting the Security function in all aspects of Security operations and management reporting. Performing technical assessments More ❯

and experience: - Experience designing a Security Operations Centre (SOC) within a secure environment Experience implementing a target operating model for a Security Operations Centre Expertise in security monitoring design, threat detection, and incident response Experience in selecting tools for Security Information and Event Management (SIEM) Proficiency in IT security documentation, including policies, standards, processes, procedures, and patterns Experience in … risk and threat modelling within a high-threat government environment To apply, please submit your latest CV for review More ❯

and experience: - Experience designing a Security Operations Centre (SOC) within a secure environment Experience implementing a target operating model for a Security Operations Centre Expertise in security monitoring design, threat detection, and incident response Experience in selecting tools for Security Information and Event Management (SIEM) Proficiency in IT security documentation, including policies, standards, processes, procedures, and patterns Experience in … risk and threat modelling within a high-threat government environment To apply, please submit your latest CV for review More ❯

connected hardware products. You will work closely with firmware, hardware, and cloud teams to ensure our devices are secure by design and resilient to emerging threats. Job Responsibilities Conduct threat modelling and risk assessments for IoT devices, firmware, and communication protocols. Design and implement secure boot, secure firmware updates (OTA), and hardware-level security controls (e.g., TPM, secure … elements). Perform firmware and embedded software security assessments. Collaborate with hardware and embedded teams on secure product architecture. Monitor evolving IoT threat landscapes and update security policies accordingly. Contribute to internal security standards and assist in compliance with industry benchmarks (e.g., ETSI EN , NIST IR 8259). Work with the AppSec and Cloud Security teams to ensure end … end system security. Qualifications 4+ years of experience in IoT, embedded, or hardware security. Deep knowledge of embedded systems, firmware development, and relevant communication protocols. Experience with common IoT threat vectors and mitigations. Familiarity with secure coding practices in C/C++ or any other language and embedded environments. Hands-on experience with hardware debugging tools (e.g., JTAG, logic More ❯

A public sector digital transformation consultancy is seeking a highly capable and motivated Threat Intelligence Manager to play a critical role in a high-profile, strategically vital defence space programme. This role is ideal for a candidate with experience in MOD environments, with a firm grasp of space-based threats, SATCOM systems, and evolving strategic risks in the defence … Time) Clearance: DV Cleared (UK Nationals only) Salary/Rate: Competitive, depending on experience As a key part of our systems engineering team, you'll be responsible for maintaining threat coherence across programme layers, managing threat intelligence inputs, and ensuring requirements remain traceable and integrated from URD through to system delivery. You'll work closely with military stakeholders … intelligence SMEs, and engineering teams to provide clarity, direction, and foresight on emerging threat landscapes. Key Responsibilities Maintain and evolve the programme Threat Annex to reflect current and emerging space-based threats (including SATCOM vulnerabilities). Drive coherence and traceability of requirements (Golden Thread) across all levels of the programme. Lead Threat Forums and stakeholder engagement workshops More ❯

A public sector digital transformation consultancy is seeking a highly capable and motivated Threat Intelligence Manager to play a critical role in a high-profile, strategically vital defence space programme. This role is ideal for a candidate with experience in MOD environments, with a firm grasp of space-based threats, SATCOM systems, and evolving strategic risks in the defence … Time) Clearance: DV Cleared (UK Nationals only) Salary/Rate: Competitive, depending on experience As a key part of our systems engineering team, you'll be responsible for maintaining threat coherence across programme layers, managing threat intelligence inputs, and ensuring requirements remain traceable and integrated from URD through to system delivery. You'll work closely with military stakeholders … intelligence SMEs, and engineering teams to provide clarity, direction, and foresight on emerging threat landscapes. Key Responsibilities Maintain and evolve the programme Threat Annex to reflect current and emerging space-based threats (including SATCOM vulnerabilities). Drive coherence and traceability of requirements (Golden Thread) across all levels of the programme. Lead Threat Forums and stakeholder engagement workshops More ❯

A public sector digital transformation consultancy is seeking a highly capable and motivated Threat Intelligence Manager to play a critical role in a high-profile, strategically vital defence space programme. This role is ideal for a candidate with experience in MOD environments, with a firm grasp of space-based threats, SATCOM systems, and evolving strategic risks in the defence … Time) Clearance: DV Cleared (UK Nationals only) Salary/Rate: Competitive, depending on experience As a key part of our systems engineering team, you'll be responsible for maintaining threat coherence across programme layers, managing threat intelligence inputs, and ensuring requirements remain traceable and integrated from URD through to system delivery. You'll work closely with military stakeholders … intelligence SMEs, and engineering teams to provide clarity, direction, and foresight on emerging threat landscapes. Key Responsibilities Maintain and evolve the programme Threat Annex to reflect current and emerging space-based threats (including SATCOM vulnerabilities). Drive coherence and traceability of requirements (Golden Thread) across all levels of the programme. Lead Threat Forums and stakeholder engagement workshops More ❯