21 of 21 Threat Modelling Jobs in the South West

resilient to evolving cyber and information threats. Key Responsibilities Identify, interpret, and integrate security requirements throughout the product and system development lifecycle . Lead threat modelling and risk assessments , applying recognised frameworks such as ISO/IEC 27001, NIST 800-30/53, and ISO 31000. … configure industry-standard threat-modelling tools (e.g., STRIDE-based tools, attack-tree tooling). Provide expert advice on secure architectures, ensuring risks are understood, prioritised, and mitigated. Ensure compliance with MOD and HMG standards, including JSPs, Def Stan 05-138/05-139 , and ISN 23/ ...

practices throughout the software development lifecycle, with a strong emphasis on 'shift-left' principles to embed security early in the process. You will facilitate threat modelling workshops to help product teams identify, assess, and mitigate potential threats. You will also collaborate closely with other functions within the CISO … Cloud serverless transformation projects. You will have the ability to work with infrastructure as code and understand complex architectures. You will Lead/facilitate threat modelling workshops with SMEs. Engage with key stakeholders to identify threats and recommend countermeasures. Participate in architectural reviews of Product cloud implementations against ...

. Youll dissect designs, model attack paths, and show engineering teams what good really looks like. Depending on the engagement, you might run a threat model, assess CI/CD pipelines, learn a vendor DSL for a PoC, or build internal tooling. We dont expect you to know everything … just to be curious, practical, and willing to dive in. What Youll Do Threat Modelling & Architecture Reviews: Break down AWS services, map trust boundaries, build attack trees, and define security requirements before code ships. Security Automation: Build IaC-driven checks, Lambda/Step Function tooling, CI/ ...

cloud deployments (private/public). Design and scope IT Health Checks and interpret outcomes. Identify and mitigate security risks in solution architectures. Conduct threat modelling and risk analysis. Design proportional security controls using native cloud technologies. Produce security architecture artefacts including standards and blueprints. What ...

delivering high-quality cyber risk assessments and assurance in complex digital environments, preferably in government or critical infrastructure. Strong knowledge of cyber risk management, threat modelling, security architecture, and IT Health Checks, including experience with SaaS and cloud security. Skilled at applying cyber security standards, regulatory frameworks ...

portfolio of assignments, advising on risk, architecture, and secure delivery for nationally critical systems. Key responsibilities include • Engaging directly with client teams to understand threat landscape, risk appetite, and delivery constraints • Defining and documenting proportionate security architectures aligned to business outcomes • Leading threat modelling and security design ...

implementing security controls across CI/CD pipelines and cloud infrastructure Driving improvements in secure development maturity, tooling, and automation Supporting teams with threat modelling, secure architecture patterns, and cloud security best practices Working closely with central security, platform, and engineering teams to balance risk, delivery, and usability ...

alerting/response workflows. Understanding of the Microsoft Cloud Adoption Framework, Azure Landing Zones and the Well-Architected Framework. Familiarity with DevSecOps practices: threat modelling, dependency and container scanning, SBOM management, and shift-left security. Comfortable collaborating with software engineers and SREs; able to translate platform capabilities into ...

Elicit and document business and functional requirements with embedded security and privacy considerations. Produce security-aware artefacts, including Business Requirements Documents (BRDs), Functional Specifications, Threat Modelling inputs, Risk Assessment reports, and Security Requirements Traceability Matrix (SRTM). Support the identification and documentation of service assets, data flows ...

blue-green), and infrastructure-as-code. Establish robust observability (metrics, logs, traces) and capacity/scale models for high-throughput, highly available services. Lead threat modeling, architecture reviews, and audit readiness for Tier 0 services; ensure security and privacy are embedded through the lifecycle. Mentor engineers, influence cross ...

blue-green), and infrastructure-as-code. Establish robust observability (metrics, logs, traces) and capacity/scale models for high-throughput, highly available services. Lead threat modeling, architecture reviews, and audit readiness for Tier 0 services; ensure security and privacy are embedded through the lifecycle. Mentor engineers, influence cross ...

blue-green), and infrastructure-as-code. Establish robust observability (metrics, logs, traces) and capacity/scale models for high-throughput, highly available services. Lead threat modeling, architecture reviews, and audit readiness for Tier 0 services; ensure security and privacy are embedded through the lifecycle. Mentor engineers, influence cross ...

blue-green), and infrastructure-as-code. Establish robust observability (metrics, logs, traces) and capacity/scale models for high-throughput, highly available services. Lead threat modeling, architecture reviews, and audit readiness for Tier 0 services; ensure security and privacy are embedded through the lifecycle. Mentor engineers, influence cross ...

blue-green), and infrastructure-as-code. Establish robust observability (metrics, logs, traces) and capacity/scale models for high-throughput, highly available services. Lead threat modeling, architecture reviews, and audit readiness for Tier 0 services; ensure security and privacy are embedded through the lifecycle. Mentor engineers, influence cross ...

blue-green), and infrastructure-as-code. Establish robust observability (metrics, logs, traces) and capacity/scale models for high-throughput, highly available services. Lead threat modeling, architecture reviews, and audit readiness for Tier 0 services; ensure security and privacy are embedded through the lifecycle. Mentor engineers, influence cross ...

security area to advance the business relative to the industry. Qualifications 6+ years of experience in vulnerability discovery/security engineering/application security Threat modeling experience of microservice architectures Experience working in a large cloud or software company Extensive research or experience with multiple classes of security bugs … Expertise in applying risk identification techniques to develop security solutions Experience and understanding of Cryptographic algorithms, standards, implementation and application Experience and understanding of threat modeling, penetration testing, reverse engineering and attacks on software Experience working with large enterprise customers ...

security area to advance the business relative to the industry. Qualifications 6+ years of experience in vulnerability discovery/security engineering/application security Threat modeling experience of microservice architectures Experience working in a large cloud or software company Extensive research or experience with multiple classes of security bugs … Expertise in applying risk identification techniques to develop security solutions Experience and understanding of Cryptographic algorithms, standards, implementation and application Experience and understanding of threat modeling, penetration testing, reverse engineering and attacks on software Experience working with large enterprise customers ...

security area to advance the business relative to the industry. Qualifications 6+ years of experience in vulnerability discovery/security engineering/application security Threat modeling experience of microservice architectures Experience working in a large cloud or software company Extensive research or experience with multiple classes of security bugs … Expertise in applying risk identification techniques to develop security solutions Experience and understanding of Cryptographic algorithms, standards, implementation and application Experience and understanding of threat modeling, penetration testing, reverse engineering and attacks on software Experience working with large enterprise customers ...

security area to advance the business relative to the industry. Qualifications 6+ years of experience in vulnerability discovery/security engineering/application security Threat modeling experience of microservice architectures Experience working in a large cloud or software company Extensive research or experience with multiple classes of security bugs … Expertise in applying risk identification techniques to develop security solutions Experience and understanding of Cryptographic algorithms, standards, implementation and application Experience and understanding of threat modeling, penetration testing, reverse engineering and attacks on software Experience working with large enterprise customers ...

security area to advance the business relative to the industry. Qualifications 6+ years of experience in vulnerability discovery/security engineering/application security Threat modeling experience of microservice architectures Experience working in a large cloud or software company Extensive research or experience with multiple classes of security bugs … Expertise in applying risk identification techniques to develop security solutions Experience and understanding of Cryptographic algorithms, standards, implementation and application Experience and understanding of threat modeling, penetration testing, reverse engineering and attacks on software Experience working with large enterprise customers ...

security area to advance the business relative to the industry. Qualifications 6+ years of experience in vulnerability discovery/security engineering/application security Threat modeling experience of microservice architectures Experience working in a large cloud or software company Extensive research or experience with multiple classes of security bugs … Expertise in applying risk identification techniques to develop security solutions Experience and understanding of Cryptographic algorithms, standards, implementation and application Experience and understanding of threat modeling, penetration testing, reverse engineering and attacks on software Experience working with large enterprise customers ...