101 to 125 of 311 Threat Modelling Jobs in the UK

of applications. Collaborate with empowered teams to ensure secure design, development, implementation, and verification of applications. Provide remediation guidance and recommendations to developers and administrators. Participate in and advance threat modelling practices across the division. Help stakeholders make risk-based decisions. Train developers and create educational presentations. Develop tools and automation supporting responsibilities. What You Bring to The … identify threats. Excellent ability to communicate, verbally and in writing, complicated technical issues and the risks they pose to developers, network engineers, system administrators, and management. Strong experience in threat modelling software systems. Certification in CISSP or CCSP, it's a plus. Strong problem-solving capabilities using various technologies. Capability to research a new topic and to learn More ❯

the processes and functions performed by the IS Security team Support IS Security to achieve regulatory and statutory compliance requirements Complete cyber risk assessments, including third party suppliers Apply threat modelling principles to complex system and solution designs to identify security risks and appropriate mitigations Support, monitor and recommend improvements to cyber incident management processes Provide input and … Understanding of assessing data security and governance requirements and identifying suitable controls. (essential) Experience of delivering cloud focused security solutions with a solid understanding of modern cyber threats and threat modelling techniques (preferred) Good understanding of security frameworks (NIST CSF, Mitre ATT&CK) (essential) What You’ll Get in Return: We are committed to recognising and rewarding hard More ❯

design by setting security needs and requirements to ensure alignment to L&G Security Policies and Standards, participating in Technology or Supplier selection as a security SME and applying threat and initial risk assessment approaches to select appropriate controls. Work with the Group wide Security Improvement Programme to ensure Group Functions services align with current Security requirements. 2. Security … Information Security broadly, knowledge of Access Control security, transportation security, secure architecture principles, cryptography and operational controls (such as back-ups, resilient design, anti-virus) are essential * Knowledge of Threat modelling, control frameworks and Risk assessment techniques (such as ISO2700x, COBIT, COSO, ITIL and NIST Cyber Security Framework) is desirable * Knowledge of Cloud Security practices is desirable Experience More ❯

deployment, and ongoing operations. Define cybersecurity requirements within the client's environment, including rail-specific systems, legacy OT, and modern industrial platforms. Support developing and delivering security risk assessments, threat models, and control frameworks following the relevant standards. Contribute to the production and review of assurance artefacts, including security cases, risk registers, control implementation evidence, and compliance documentation. Provide … skills In-depth understanding of operational technology (OT) environments, including SCADA systems, field devices, industrial protocols, and control network architectures. Firm grounding in cybersecurity principles for critical infrastructure, including threat modelling, risk analysis, defence-in-depth, and zero-trust architectures. Demonstrated ability to define, implement, and assure security controls across complex OT/IT systems within large engineering More ❯

outside IR35 Start Date: 1st July Responsibilities: Provide expert security consultancy across the project lifecycle, with a focus on secure-by-design practices. Lead or support security risk assessments, threat modelling, and architectural reviews. Support the production and review of security documentation (RMADS, SyOps, Security Cases, etc.). Engage with technical and delivery teams to embed security requirements More ❯

outside IR35 Start Date: 1st July Responsibilities: Provide expert security consultancy across the project lifecycle, with a focus on secure-by-design practices. Lead or support security risk assessments, threat modelling, and architectural reviews. Support the production and review of security documentation (RMADS, SyOps, Security Cases, etc.). Engage with technical and delivery teams to embed security requirements More ❯

deployment, and ongoing operations. Define cybersecurity requirements within the client's environment, including rail-specific systems, legacy OT, and modern industrial platforms. Support developing and delivering security risk assessments, threat models, and control frameworks following the relevant standards. Contribute to the production and review of assurance artefacts, including security cases, risk registers, control implementation evidence, and compliance documentation. Provide … skills In-depth understanding of operational technology (OT) environments, including SCADA systems, field devices, industrial protocols, and control network architectures. Firm grounding in cybersecurity principles for critical infrastructure, including threat modelling, risk analysis, defence-in-depth, and zero-trust architectures. Demonstrated ability to define, implement, and assure security controls across complex OT/IT systems within large engineering More ❯

NIST. Implement third-party security tools and assist in incident response, working with the CSOC team on Cloud threats and events. Build and enforce Cloud-native security tools, conduct threat modelling, and architectural reviews to improve security practices. Support risk, compliance, and governance initiatives, promote Cloud security, and identify platform improvements. Map attack paths and lead the implementation More ❯

they pertain to the cyber domain. Experience working with cyber and security requirements down to the system control level. Experience conducting cyber and information security risk assessment activities including threat modelling, vulnerability analysis and analysis of mitigations. Scoping and managing security verification & validation activities and remedial action plans. Experience working with product engineers, system architects, and developers to More ❯

servers, VM environments, client machines, and cloud services.o Proficiency in security-related software and tools, understanding of secure network architectures, experience with encryption and security protocols, and familiarity with threat modelling and risk assessments.o Relevant certifications such as CISSP, CISM, CEH, or equivalent are highly desirable.o Strong analytical skills to identify security threats and implement effective solutions.o Ability More ❯

development and maintenance of a secure software development lifecycle (SDLC) with a focus on secure coding practices in languages like Python, C++, Rust, Go and Kotlin/Java. Conduct threat modeling, vulnerability assessments and security code reviews across different platforms, ensuring security is embedded at every stage of the development lifecycle. Provide mentorship, guidance, and training on security best … and ensure compliance with QRT's standards. Integration of security scanning tools (SAST, DAST, etc.) into CI/CD pipelines and runtime environments to ensure continuous security monitoring and threat detection across Alibaba Cloud, AWS, Azure, and on-prem systems. Proactively identify security risks and develop strategies for risk mitigation in a fast-paced high-stakes environment. At least … and Linux-based systems. Extensive experience with one or more cloud platforms such as AWS, Microsoft Azure and Alibaba Cloud used in a hybrid environment. In-depth knowledge of threat modeling, risk assessment and development of mitigation strategies for large-scale, complex systems in a fast-paced environment. Experience integrating security scanning tools into CI/CD pipelines and More ❯

in incident response and break/fix situations as needed. Analyze system services, operating systems, networks, and applications from a security perspective discovering security issues that appear under new threat scenarios. Create custom use cases, system alarms, correlation signatures, watch lists and 20 plus custom regex parsers to meet customer's IT security needs. Support onboarding and maintenance of … a product-based company Experience in Windows, Unix/Linux, and/or network administration experience. Experience with cloud security posture management (CSPM) tools. Good understanding of information security threat landscape, and prior experience with threat modeling, including usage of relevant tools and technologies. Good problem solving and troubleshooting skills. Excellent interpersonal communication skills, with ability to work More ❯

engineering partners with cutting-edge tools, techniques, and methodologies to naturally build secure products. What you'll Need to Succeed/Role Requirements: Strong foundations in secure design reviews, threat modeling experience, code reviews, pen-testing Minimum of 3 years of technical experience with any combination of the following: threat modeling experience, secure coding, identity management and authentication … of security principles, compliance regulations, and change management. Experience in running assessments using OWASP MASVS and ASVS. Working knowledge on exploiting and fixing application vulnerabilities. Proven expertise in architectural threat modeling and conducting secure design reviews. In-depth knowledge of common web application vulnerabilities (i.e. OWASP Top 10 or SANS top 25). Familiarity with automated dynamic scanners, fuzzers More ❯

engineering partners with cutting-edge tools, techniques, and methodologies to naturally build secure products. What you'll Need to Succeed/Role Requirements: Strong foundations in secure design reviews, threat modeling experience, code reviews, pen-testing Minimum of 3 years of technical experience with any combination of the following: threat modeling experience, secure coding, identity management and authentication … of security principles, compliance regulations, and change management. Experience in running assessments using OWASP MASVS and ASVS. Working knowledge on exploiting and fixing application vulnerabilities. Proven expertise in architectural threat modeling and conducting secure design reviews. In-depth knowledge of common web application vulnerabilities (i.e. OWASP Top 10 or SANS top 25). Familiarity with automated dynamic scanners, fuzzers More ❯

controls following formal governance mechanisms for IS Security processes. Assist IS Security in achieving regulatory and statutory compliance. Conduct cyber risk assessments, including evaluations of third-party suppliers. Apply threat modeling principles to system and solution designs to identify risks and mitigations. Support and improve cyber incident management processes. Contribute to operational cybersecurity projects. What to bring Experience working … Cyber Security KPIs (preferred). Experience engaging third-party security specialists (preferred). Understanding of data security, governance, and controls (essential). Experience with cloud security solutions and modern threat modeling (preferred). Knowledge of security frameworks like NIST CSF, Mitre ATT&CK (essential). What You'll Get in Return: We offer a competitive salary and benefits, including More ❯

from any location. Security Tooling & Integration: Evaluate, select, and onboard security solutions (e.g., endpoint protection, SIEM, vulnerability scanners). Integrate security tools with existing systems and workflows, ensuring effective threat detection and response. Automation & Scripting: Develop and maintain scripts and automation tools to streamline IT operations and enhance security. Automate security tasks, such as patch management, vulnerability scanning or … the specific risks and challenges of a distributed workforce. Requirements: Proven experience as an IT Administrator, ideally in a startup environment with a globally distributed workforce. Strong understanding of threat models in blockchain environment. Proactive application of security principles, including Zero Trust architecture, and their application in a remote work context. Experience with MDM solutions, Google Workspace, SSO, and More ❯

for processes and functions performed by the IS Security team. Supporting IS Security to achieve regulatory and statutory compliance requirements. Completing cyber risk assessments, including third-party suppliers. Applying threat modeling principles to complex system and solution designs to identify security risks and mitigation strategies. Supporting, monitoring, and recommending improvements to cyber incident management processes. Providing input and support … third-party security specialists for assurance. Understanding of data security and governance requirements and control identification. Experience delivering cloud-focused security solutions and understanding of modern cyber threats and threat modeling techniques. Good understanding of security frameworks such as NIST CSF, Mitre ATT&CK. Benefits At Sword, our core values and culture focus on caring for our people, investing More ❯

OIDC, OAuth) and their implementations. Experience with Google Identity and containerization technologies (e.g., Docker, Kubernetes) is a plus. Strong understanding of security principles and best practices (e.g., secure coding, threat modeling). Excellent problem-solving and analytical skills. Ability to work effectively in a fast-paced, collaborative environment. Excellent written and verbal communication skills. Preferred Qualifications: Google Cloud certifications More ❯

develop creative network solutions to address security challenges. Security and Firewall Management: Manage firewall configurations for the CyberEnergianetwork based on operational requirements. Develop and implement network security tools, produce threat models, and assess risks around existing configurations. Provide subject matter expertise on network security, firewalls, and industry best practices. Document and formalize security processes. Automation and Infrastructure Management: Drive More ❯

be doing for us A day in the life of this role could look like Shadowing a product owner to map manual processes, then turning those into user stories, threat models, and agent blueprints Designing, building, and deploying agents using orchestration frameworks, vector stores, RAG pipelines, memory systems, and real-time APIs Iterating on prompts, reward strategies, and safety More ❯

a fast-growing FinTech that is reshaping the payments landscape. You will collaborate with engineering teams to build security into products from day one, focusing on secure cloud architecture, threat modelling, and risk management. This is not a hands-off role. You will be the go-to advisor for product teams, helping them understand risk, make informed security … assessments and drive a secure-by-design culture Collaborate with engineering teams on cloud-native architecture (GCP, AWS, Azure) Analyse vulnerabilities, prioritise risks, and manage remediation through Jira Lead threat modelling and architecture reviews Shape security tooling and process improvements What you will bring 3 to 5 years in Cyber Security, Product Security, or Secure Software Development Strong … knowledge of GCP (primary), AWS, Azure Experience with threat modelling, AppSec, and security in CI/CD pipelines Ability to communicate security concepts clearly and balance risk with business priorities A collaborative, pragmatic approach Why join Shape security at scale in a high-growth FinTech Work in a fast-paced, collaborative environment Salary £80,000 to More ❯

a fast-growing FinTech that is reshaping the payments landscape. You will collaborate with engineering teams to build security into products from day one, focusing on secure cloud architecture, threat modelling, and risk management. This is not a hands-off role. You will be the go-to advisor for product teams, helping them understand risk, make informed security … assessments and drive a secure-by-design culture Collaborate with engineering teams on cloud-native architecture (GCP, AWS, Azure) Analyse vulnerabilities, prioritise risks, and manage remediation through Jira Lead threat modelling and architecture reviews Shape security tooling and process improvements What you will bring 3 to 5 years in Cyber Security, Product Security, or Secure Software Development Strong … knowledge of GCP (primary), AWS, Azure Experience with threat modelling, AppSec, and security in CI/CD pipelines Ability to communicate security concepts clearly and balance risk with business priorities A collaborative, pragmatic approach Why join Shape security at scale in a high-growth FinTech Work in a fast-paced, collaborative environment Salary £80,000 to More ❯

We are looking for a skilled Detection Engineer to join our Cyber Security team. In this role, you will be responsible for developing and maintaining high-fidelity threat detections across our security platforms. You’ll work at the intersection of threat intelligence, telemetry and security operations to build scalable, reliable and effective detection capabilities. Key Responsibilities Design, develop … and deploy detection logic across SIEM, EDR and cloud security platforms. Build detections aligned with frameworks such as MITRE ATT&CK and continuously tune for accuracy and performance. Conduct threat modelling and participate in purple team exercises to assess and improve detection effectiveness. Use Detection-as-Code principles to manage detection rules via version control, CI/CD … pipelines and automated testing frameworks. Reduce false positives through tuning, enrichment and contextual awareness. Skills 3+ years of experience in security operations, detection engineering, threat hunting, or a related Cyber Security field. Proficiency in query languages such as SPL (Splunk), KQL (Microsoft), Sigma, or similar. Experience with SIEM platforms (e.g. Splunk, Sentinel, Elastic), EDR tools (e.g. CrowdStrike, SentinelOne), and More ❯

We are looking for a skilled Detection Engineer to join our Cyber Security team. In this role, you will be responsible for developing and maintaining high-fidelity threat detections across our security platforms. You’ll work at the intersection of threat intelligence, telemetry and security operations to build scalable, reliable and effective detection capabilities. Key Responsibilities Design, develop … and deploy detection logic across SIEM, EDR and cloud security platforms. Build detections aligned with frameworks such as MITRE ATT&CK and continuously tune for accuracy and performance. Conduct threat modelling and participate in purple team exercises to assess and improve detection effectiveness. Use Detection-as-Code principles to manage detection rules via version control, CI/CD … pipelines and automated testing frameworks. Reduce false positives through tuning, enrichment and contextual awareness. Skills 3+ years of experience in security operations, detection engineering, threat hunting, or a related Cyber Security field. Proficiency in query languages such as SPL (Splunk), KQL (Microsoft), Sigma, or similar. Experience with SIEM platforms (e.g. Splunk, Sentinel, Elastic), EDR tools (e.g. CrowdStrike, SentinelOne), and More ❯

We are looking for a skilled Detection Engineer to join our Cyber Security team. In this role, you will be responsible for developing and maintaining high-fidelity threat detections across our security platforms. You’ll work at the intersection of threat intelligence, telemetry and security operations to build scalable, reliable and effective detection capabilities. Key Responsibilities Design, develop … and deploy detection logic across SIEM, EDR and cloud security platforms. Build detections aligned with frameworks such as MITRE ATT&CK and continuously tune for accuracy and performance. Conduct threat modelling and participate in purple team exercises to assess and improve detection effectiveness. Use Detection-as-Code principles to manage detection rules via version control, CI/CD … pipelines and automated testing frameworks. Reduce false positives through tuning, enrichment and contextual awareness. Skills 3+ years of experience in security operations, detection engineering, threat hunting, or a related Cyber Security field. Proficiency in query languages such as SPL (Splunk), KQL (Microsoft), Sigma, or similar. Experience with SIEM platforms (e.g. Splunk, Sentinel, Elastic), EDR tools (e.g. CrowdStrike, SentinelOne), and More ❯