1 to 25 of 39 Remote/Hybrid Threat Modelling Jobs in the UK

Architect) to support public sector digital and technology programmes by embedding security early in project lifecycles. The role focuses on defining security requirements, conducting threat modelling, and advising delivery teams on proportionate, technically sound security controls. You will work closely with technical design and delivery teams, operating independently … prem, and application environments. Key Responsibilities Draft and define security requirements aligned to the Cyber Assessment Framework (CAF) Facilitate and participate in group threat-modelling sessions with technical delivery teams Produce clear threat statements as outputs of threat-modelling activities Undertake independent research to: Identify ...

resilient to evolving cyber and information threats. Key Responsibilities Identify, interpret, and integrate security requirements throughout the product and system development lifecycle . Lead threat modelling and risk assessments , applying recognised frameworks such as ISO/IEC 27001, NIST 800-30/53, and ISO 31000. … configure industry-standard threat-modelling tools (e.g., STRIDE-based tools, attack-tree tooling). Provide expert advice on secure architectures, ensuring risks are understood, prioritised, and mitigated. Ensure compliance with MOD and HMG standards, including JSPs, Def Stan 05-138/05-139 , and ISN 23/ ...

early. You'll work closely with Software Development teams to ensure application-based vulnerabilities are understood, prioritised, and remediated effectively. You'll contribute to threat modelling, penetration testing, secure design reviews, and the continuous improvement of security testing methodologies. The role also plays a key part in enhancing … SECURITY SPECIALIST ESSENTIAL SKILLS: * Hands-on experience with static and dynamic application security testing tools * Strong understanding of OWASP principles and their use within threat modelling * Experience conducting and reporting on web application penetration testing * Knowledge of software development practices and common programming languages * Working knowledge ...

privileged access Design secure network architectures covering encryption, key management, and secure connectivity Embed application security principles , including secure APIs, data protection, and threat modelling Ensure systems are designed for security resilience , availability, and risk mitigation Collaborate with engineering, platform, and delivery teams to embed security across … Deep knowledge of IAM , authentication, authorisation, and privileged access management Strong background in network security , encryption, and key management Experience with application security , including threat modelling and secure data flows Ability to design systems with security resilience built in Active SC Clearance Nice-to-Have Skills Hands ...

cloud infrastructures. Contribute to blogs and research within the business community. Experience Required The successful candidate will possess proven experience in cybersecurity, security architecture, threat modelling, or related fields within Public Sector and MOD and will have achieved or be working towards Full Membership of CIISEC … NPSA and NCSC security policies, standards and guidance. Have experience building and implementing secure by design principals within the software development lifecycle (SDLC). Threat Modelling - Kill Chain - Attack tree analysis. Working understanding of: Cloud security including Azure, Amazon Web Service, Key Management Systems, Containerisation, Network Security Groups ...

teams, and strengthening enterprise security posture-particularly across Microsoft 365, Azure, data platforms, and AI-enabled solutions. You will play a key role in threat modelling, risk assessments, guardrail design & implementation, and delivering practical security guidance for engineering, data, and application/product teams. Rationale/deliverables: Contribute … enhanced productivity systems Support the roll-out of the new AI information security control framework Support the Data governance team Key Responsibilities Perform threat modelling (STRIDE), guardrail definition, and security posture assessments across applications, data platforms, APIs, cloud services, and SaaS ecosystems. Identify security control gaps , especially around ...

testing frameworks The AI Security Engineer is responsible for securing AI platforms and systems against adversarial threats. The role focuses on technical security controls, threat modelling, red teaming, and continuous monitoring of AI systems. Focus of the role Design and implement security controls for AI and LLM systems … Perform AI-specific threat modelling and risk analysis Lead red team and blue team testing of AI platforms Conduct prompt injection and adversarial testing Knowledge & Experience Strong background in security engineering and cloud security Hands-on experience with AI red teaming and adversarial testing Familiarity with AI security ...

cryptography) Solid understanding of IAM concepts (RBAC, ABAC, PAM, SSO) Strong analytical skills with the ability to interpret complex technical information Good understanding of threat modelling and threat intelligence methodologies (OWASP, STRIDE, MITRE) For more details, please reach out to . Reasonable Adjustments: Respect and equality ...

align our efforts to the NIST framework and other recognised certifications including ISO27001 and SOC2 and strive to keep pace with the continually evolving threat landscape, in support of A&O Shearmans strategy to lead where global complexity creates opportunity. In addition, you will have the opportunity to share … adherence to the change management process when implementing IAM relevant changes to architecture. Perform detailed analysis of application architectures to provide IAM assurance. Understand threat modelling and participate in major incidents responses with IAM components. Review and approve the IAM components of solution designs. Collaborate with cloud infrastructure ...

world national security impact, while enjoying hybrid working and strong professional development opportunities. Skills Secure architecture design and secure-by-design principles Risk assessment, threat modelling, and vulnerability management Security frameworks: ISO 27001, NIST 800-30/53, OWASP Cloud security architecture (AWS, Azure, GCP) Incident response, penetration ...

cloud deployments (private/public). Design and scope IT Health Checks and interpret outcomes. Identify and mitigate security risks in solution architectures. Conduct threat modelling and risk analysis. Design proportional security controls using native cloud technologies. Produce security architecture artefacts including standards and blueprints. What ...

cloud deployments (private/public). Design and scope IT Health Checks and interpret outcomes. Identify and mitigate security risks in solution architectures. Conduct threat modelling and risk analysis. Design proportional security controls using native cloud technologies. Produce security architecture artefacts including standards and blueprints. What ...

Design Familiarity with: JSP440, JSP604/453, JSP490 Supplier Chain Assurance GDPR, PCI DSS, ICO ISO 27001, NIST CSF, CIS Controls v8 Skills in: Threat modelling (kill chain, attack trees, etc.) Cloud security (AWS, Azure), containerisation, firewalls Secure SDLC HLD/LLD review ITHC scoping and remediation Certifications ...

principles, standards and patterns Design and assure security controls for new and existing systems, platforms and integrations Conduct security architecture reviews, risk assessments and threat modelling Provide pragmatic guidance to engineering teams, architects and third-party suppliers Ensure alignment between security architecture, enterprise architecture and technology roadmaps Support ...

portfolio of assignments, advising on risk, architecture, and secure delivery for nationally critical systems. Key responsibilities include • Engaging directly with client teams to understand threat landscape, risk appetite, and delivery constraints • Defining and documenting proportionate security architectures aligned to business outcomes • Leading threat modelling and security design ...

performance optimization across environments. Ensure cloud architectures support observability, fault tolerance, and high availability. Data Engineering & Intelligent Systems Guide the engineering team in data modelling, data access patterns, and efficient use of databases (MSSQL, PostgreSQL, MySQL). Work with data engineers to enable secure, efficient data movement between systems … reliable data sources and APIs. Security Engineering & Governance Partner with security engineers to integrate security throughout the software lifecycle (shift-left security, secure coding, threat modelling). Own the implementation of secure authentication/authorization practices, audit logging, encryption at rest/in transit, and other application security ...

products and components. Examples of the tasks, include, but are not limited to; assessment to latest cybersecurity standards, penetration testing (IoT and WebApp), threat modelling, firmware investigation, code analysis etc. This service will be provided to external clients, who will predominantly be manufacturers of wired and wireless … related controls (encryption, digital signatures, secure boot, access control, password management). Understanding how to implement security activities such as vulnerability and patch management, threat intelligence etc. Hands-on practical knowledge with reverse engineering and/or vulnerability testing tools and techniques. Experience in common scripting languages such ...

clicks. As a Cloud Security Engineer you will design AWS cloud solutions, implement and manage security controls between AWS and Kubernetes EKS environments, conduct threat modelling, code review and penetration testing on the AWS infrastructure, configure and manage web application firewall rules and automate security checks and repetitive ...

ensure compliance and security standard processes. Evaluate and integrate new identity tools, authentication platforms and access capabilities. Drive continuous improvement through risk assessments, threat modelling, and automation. What you'll need to succeed Strong practical experience in designing and running Identity and Access Management (IAM) solutions for both ...

range of other perks Your role: As a Test Engineer you'll play a key role in building security into applications, carrying out threat modelling and risk assessments during the design phase to ensure solutions are secure by default. You'll help define security requirements for new features ...

outcomes. About You We're looking for someone with a blend of technical expertise and delivery mindset: Hands-on application security experience: secure coding, threat modelling, SAST/DAST tooling. Strong knowledge of SDLC and CI/CD integration, with experience securing software throughout its lifecycle. Pragmatic, delivery ...

fixes to reduce manual work Work with engineering teams to fix vulnerabilities at pace Operate and improve cloud security tooling, including Wiz Support audits, threat modelling and security reviews Mentor junior DevSecOps engineers and support skill development Qualifications What we’d love you to bring: Strong hands ...

engineering or systems administration background. Experience supporting projects and product teams to identify security gaps and define remediation plans. Development experience and familiarity with threat modelling, security frameworks (e.g. NIST CSF), and risk management. Strong written and verbal presentation skills. What do we offer you? At Gamma ...

engineering or systems administration background. Experience supporting projects and product teams to identify security gaps and define remediation plans. Development experience and familiarity with threat modelling, security frameworks (e.g. NIST CSF), and risk management. Strong written and verbal presentation skills. What do we offer you? At Gamma ...

Define and maintain engineering and architectural standards, patterns, and best practices. Conduct option evaluations, risk assessments, and make informed technology recommendations. API, Integration & Data Modelling Design API ecosystems including versioning, discovery, governance, throttling, and security. Define schemas, data contracts, and integration patterns for internal and external systems. Promote consistent … point of contact for architectural decision-making. Security, Compliance & Quality Assurance Ensure secure-by-design principles across all solutions. Support threat modelling, risk assessments, and compliance with security and data protection requirements. Drive non-functional requirement definition (performance, scalability, availability, resilience). Support test strategy and quality engineering ...