126 to 150 of 302 Threat Modelling Jobs in the UK

guidelines. Collaborate with DevOps and engineering teams to integrate security into CI/CD pipelines (e.g., IaC scanning, secrets detection). Perform regular cloud security assessments, misconfiguration checks, and threat modeling. Monitor infrastructure for vulnerabilities, misconfigurations, and anomalous activity. Lead incident response planning and contribute to business continuity efforts. Work closely with AppSec, GRC, and IoT teams to ensure More ❯

Threat Modelling Engineer - GCP (Senior Associate, Technology) Job Description As a Senior Engineer - Threat Modelling you will be a part of a smart cross-functional team delivering digital business transformation solutions to our clients. This position entails an individual contributor role focused on Security Architecture and Threat Modelling, encompassing governance, evaluation of public cloud … Program Management, and Development teams are essential. The candidate will conduct technical architecture reviews to pinpoint security opportunities, identify exploitable threats, and propose mitigation strategies. Your Impact •Conduct thorough threat modeling exercises utilizing established methodologies and frameworks •Maintain a rigorous standard of excellence in identifying potential threats and specifying effective mitigation controls. •Manage the lifecycle of identified threats and … associated controls, ensuring timely updates and adjustments as necessary. •Deliver comprehensive threat models and related tasks within specified timeframes. •Offer constructive feedback, support, and suggestions for enhancing the existing threat modeling process. •Present findings and progress updates to senior leadership, team members, and relevant technical stakeholders. Qualifications We are seeking an ideal candidate with 8+ years of experience More ❯

Threat Modelling Engineer - GCP (Senior Associate, Technology) Job Description As a Senior Engineer - Threat Modelling you will be a part of a smart cross-functional team delivering digital business transformation solutions to our clients. This position entails an individual contributor role focused on Security Architecture and Threat Modelling, encompassing governance, evaluation of public cloud … Program Management, and Development teams are essential. The candidate will conduct technical architecture reviews to pinpoint security opportunities, identify exploitable threats, and propose mitigation strategies. Your Impact •Conduct thorough threat modeling exercises utilizing established methodologies and frameworks •Maintain a rigorous standard of excellence in identifying potential threats and specifying effective mitigation controls. •Manage the lifecycle of identified threats and … associated controls, ensuring timely updates and adjustments as necessary. •Deliver comprehensive threat models and related tasks within specified timeframes. •Offer constructive feedback, support, and suggestions for enhancing the existing threat modeling process. •Present findings and progress updates to senior leadership, team members, and relevant technical stakeholders. Qualifications We are seeking an ideal candidate with 8+ years of experience More ❯

Threat Modelling Engineer - GCP (Senior Associate, Technology) Job Description As a Senior Engineer - Threat Modelling you will be a part of a smart cross-functional team delivering digital business transformation solutions to our clients. This position entails an individual contributor role focused on Security Architecture and Threat Modelling, encompassing governance, evaluation of public cloud … Program Management, and Development teams are essential. The candidate will conduct technical architecture reviews to pinpoint security opportunities, identify exploitable threats, and propose mitigation strategies. Your Impact •Conduct thorough threat modeling exercises utilizing established methodologies and frameworks •Maintain a rigorous standard of excellence in identifying potential threats and specifying effective mitigation controls. •Manage the lifecycle of identified threats and … associated controls, ensuring timely updates and adjustments as necessary. •Deliver comprehensive threat models and related tasks within specified timeframes. •Offer constructive feedback, support, and suggestions for enhancing the existing threat modeling process. •Present findings and progress updates to senior leadership, team members, and relevant technical stakeholders. Qualifications We are seeking an ideal candidate with 8+ years of experience More ❯

I am hiring a Lead DevSecOps Consultant on behalf of an exciting consultancy specialising in specialising in cyber security solutions. Their expertise includes risk and threat assessments, ensuring robust security measures for existing and new technologies. They promote a security-focused mindset within DevOps teams, coordinate penetration testing, and document security risks. They foster effective teamwork and manage client … Guide your team in creating forward-thinking approaches to security for various projects, integrating cutting-edge technologies to establish resilient and efficient practices. Proactive Risk Management -Perform assessments and modelling to identify potential threats and implement tailored safeguards for projects and clients. Collaborative Engagement and Leadership - Enhance security awareness and help to develop both the technical and soft skills … Essential: Minimum of 3 years experience in team leadership within cyber security Minimum 5 years experience in DevSecOps or a similar technically focused role Strong leadership skills Expertise in Threat Modelling Strong knowledge of Cloud and Infrastructure Security Experience with compliance of Frameworks and Standards such as ISO 27001, NIST, GDPR etc. Solution oriented mindset Strong interpersonal skills More ❯

is embedded throughout the SDLC. Main Responsibilities: Define and enforce secure architecture standards and frameworks across web, mobile, and cloud-native applications. Provide security guidance throughout product development, including threat modeling, secure coding, design reviews, and architecture assessments. Lead the implementation of DevSecOps practices, integrating security into CI/CD pipelines. Identify and remediate application-level vulnerabilities through static … for this role, you should have: Proven experience in application security architecture. Deep knowledge of OWASP Top 10, SANS CWE Top 25, and secure coding best practices. Familiarity with threat modelling methodologies such as STRIDE and architectural risk analysis. Hands-on experience with tools such as SAST/DAST/IAST, Snyk, SonarQube, Burp Suite, Veracode, or similar. More ❯

is embedded throughout the SDLC. Main Responsibilities: Define and enforce secure architecture standards and frameworks across web, mobile, and cloud-native applications. Provide security guidance throughout product development, including threat modeling, secure coding, design reviews, and architecture assessments. Lead the implementation of DevSecOps practices, integrating security into CI/CD pipelines. Identify and remediate application-level vulnerabilities through static … for this role, you should have: Proven experience in application security architecture. Deep knowledge of OWASP Top 10, SANS CWE Top 25, and secure coding best practices. Familiarity with threat modelling methodologies such as STRIDE and architectural risk analysis. Hands-on experience with tools such as SAST/DAST/IAST, Snyk, SonarQube, Burp Suite, Veracode, or similar. More ❯

is embedded throughout the SDLC. Main Responsibilities: Define and enforce secure architecture standards and frameworks across web, mobile, and cloud-native applications. Provide security guidance throughout product development, including threat modeling, secure coding, design reviews, and architecture assessments. Lead the implementation of DevSecOps practices, integrating security into CI/CD pipelines. Identify and remediate application-level vulnerabilities through static … for this role, you should have: Proven experience in application security architecture. Deep knowledge of OWASP Top 10, SANS CWE Top 25, and secure coding best practices. Familiarity with threat modelling methodologies such as STRIDE and architectural risk analysis. Hands-on experience with tools such as SAST/DAST/IAST, Snyk, SonarQube, Burp Suite, Veracode, or similar. More ❯

security culture with your product technology and business colleagues. Products that have the right security culture will strive to prioritize sustainable controls and driving real risk reduction outcomes. Embed threat modelling, security design & architecture reviews into product and application teams so they adopt our control products and create products that are secure from the start. Know your product … by technology partners, with a focus on Cloud computing/emerging technologies. Required qualifications, capabilities and skills: Hands-on practical experience delivering enterprise-level cybersecurity solutions and controls via Threat Modeling and Security Design & Architecture Reviews Advanced knowledge of cybersecurity architecture, applications, and technical processes with considerable, in-depth knowledge in one or more technical disciplines (e.g., public cloud More ❯

threats, respond to incidents, and continuously improve the security posture. Responsibilities Implement security controls for cloud infrastructures (AWS and Azure). Develop and engineer cloud security policies, ensuring proactive threat prevention, detection, and forensic analysis. Implement security solutions for containerised environments and microservices (eg, Kubernetes, Docker). Build and maintain security at every point in the CI/CD … pipeline. Build and integrate security solutions into DevSecOps pipelines, collaborating with UKRI teams. Perform cloud threat modelling and implement countermeasures. Assess third-party cloud and on-premises solutions for security risks and recommend mitigations. Design and enforce cloud security policies, standards, and best practices. Monitor security compliance and ensure adherence throughout the project life cycle and in business More ❯

high-growth financial technology business shaping the future of payments. Conduct vulnerability assessments, penetration testing, and risk analysis to identify and mitigate security weaknesses. Embed security by design and threat modelling principles into product development. Lead incident response efforts, coordinating with stakeholders to minimise risks. Collaborate with engineering, product, and commercial teams to build a secure product. Monitor … in cybersecurity and GRC, ideally in a high-growth tech environment. Strong knowledge of cloud (AWS), application, infrastructure, and network security. Familiarity with payment security standards (PCI DSS) and threat landscapes. Excellent problem-solving, attention to detail, and communication skills. A self-starter who thrives in a fast-paced environment. Even if you do not meet all of the More ❯

define and manage GCP resources securely and efficiently. Perform thorough security assessments on GCP environments, utilizing GCP-specific security tools and technologies, to identify and address potential vulnerabilities. Conduct threat modelling and risk assessments for GCP deployments, designing effective security solutions tailored to GCP services. Collaborate with cross-functional teams to respond to GCP-specific security incidents promptly More ❯

access management (IAM) solutions, including technologies like federation, single sign-on (SSO), multi-factor authentication (MFA), and entitlement management. Fraud Detection: Familiarity with fraud detection systems, including rules engines, threat modelling, and risk assessment. Knowledge of emerging cybersecurity threats and vulnerabilities, as well as industry standards like FIDO, NIST 800-63, or ISO 27001. Understanding of Agile and More ❯

security designs as they pertain to the cyber domain. Decomposing cyber and security requirements down to the system control level. Conducting cyber and information security risk assessment activities including threat modelling, vulnerability analysis and analysis of mitigations. Scoping and managing security verification & validation activities and remedial action plans. Coordinating with product engineers, system architects, and developers to provide More ❯

security designs as they pertain to the cyber domain. Decomposing cyber and security requirements down to the system control level. Conducting cyber and information security risk assessment activities including threat modelling, vulnerability analysis and analysis of mitigations. Scoping and managing security verification & validation activities and remedial action plans. Coordinating with product engineers, system architects, and developers to provide More ❯

security designs as they pertain to the cyber domain. Decomposing cyber and security requirements down to the system control level. Conducting cyber and information security risk assessment activities including threat modelling, vulnerability analysis and analysis of mitigations. Scoping and managing security verification & validation activities and remedial action plans. Coordinating with product engineers, system architects, and developers to provide More ❯

and scalable Work with the product owner to address user needs Develop secure and high-quality production code, perform code reviews and able to debug issues Participate in agile threat modelling and vulnerability management Ensure compliance with security and regulatory requirements for MOD and high Design assurance software Develop solutions for where data can bring value to our More ❯

of security incidents, ensuring swift and effective resolution. Design and deliver engaging training sessions to raise awareness and promote a security-first mindset across the organisation. Monitor the evolving threat landscape and develop proactive strategies to mitigate risks. Coordinate internal and external audits, ensuring readiness and compliance with relevant standards. Oversee the performance and strategic direction of the Security … and PCI DSS. What you'll need to succeed Willingness to work 7-hour days, 3 days a week Demonstrated expertise in conducting technical security risk assessments and developing threat models. Comprehensive knowledge of core cybersecurity domains, including network, endpoint, and cloud security. Skilled at translating technical vulnerabilities into business-relevant language for diverse audiences. Hands-on experience operating More ❯

of security in at least one of the following areas: IP networking & OT On-premises architecture and Virtualization Cloud platforms and Containerization Databases and LLMs Mobile Technologies & Application security Threat modeling techniques to identify security threats to systems, leading to the definition of Security requirements. Managing security requirements through the delivery and operational life cycle of a system. Provision … of authoritative specialist security advice in: Risk and threat-based mitigation to system designs. Control frameworks such as NIST, ISO, CIS. Protective monitoring, Authentication and authorization best practices. Develop excellent working relationships with key stakeholders, peers and subordinates. Communicating effectively verbally and in writing, demonstrated through: Effectively explain complex technical solutions to a non-technical audience. Writing meaningfully to More ❯

and public cloud data centers. What you'll Need to Succeed: Strong foundations in software engineering. Minimum of 7 years of technical experience with any combination of the following: threat modeling experience, secure coding, identity management and authentication, software development, cryptography, system administration and network security. Minimum 2 years experience with Software Development Life Cycle in one or more … cloud environments (Openshift, Rancher, K8s, AWS, GCP, Azure, etc.) Experience in running assessments using OWASP MASVS and ASVS. Working knowledge on exploiting and fixing application vulnerabilities. Strong background in threat modeling. In-depth knowledge of common web application vulnerabilities (i.e. OWASP Top 10). Familiarity with automated dynamic scanners, fuzzers, and proxy tools. An analytical mind for problem solving More ❯

and public cloud data centers. What you'll Need to Succeed: Strong foundations in software engineering. Minimum of 7 years of technical experience with any combination of the following: threat modeling experience, secure coding, identity management and authentication, software development, cryptography, system administration and network security. Minimum 2 years experience with Software Development Life Cycle in one or more … cloud environments (Openshift, Rancher, K8s, AWS, GCP, Azure, etc.) Experience in running assessments using OWASP MASVS and ASVS. Working knowledge on exploiting and fixing application vulnerabilities. Strong background in threat modeling. In-depth knowledge of common web application vulnerabilities (i.e. OWASP Top 10). Familiarity with automated dynamic scanners, fuzzers, and proxy tools. An analytical mind for problem solving More ❯

with organisational security requirements. - Perform additional security-related tasks as directed by the Head of Information Security You will Ideally have - - Proven experience in technical security risk assessments and threat modelling. - Strong understanding of cybersecurity principles, including network, endpoint, and cloud security. - Ability to assess and communicate technical vulnerabilities in business terms. - Experience working with or within a SOC More ❯

the secure financial transactions space. Qualifications What will make you successful Technical skills & knowledge: Broad knowledge of cyber security concepts including cryptography, authentication and authorization, access control, secure architectures, threat modeling, vulnerabilities and software security. Strong knowledge of regulatory requirements (e.g. GDPR, ISO27001, PCI-DSS) and experience in regulatory reporting. 3-5 years of experience in GRC, risk management More ❯

of new technology. Your role and responsibilities As a Cybersecurity Architect, you will specialize in DevSecOps, integrating security into the software development lifecycle, automating security practices, and ensuring robust threat modeling and vulnerability management. Your primary focus will be on cloud-native and on-premises environments, with a strong emphasis on application security, infrastructure as code (IaC) security, and More ❯

thrive in a collaborative, high-impact environment - this is your chance to make a real difference. Key Responsibilities Define and embed security requirements throughout the product development lifecycle. Conduct threat modelling, risk assessments, and drive mitigation strategies. Advise on solution architecture, minimising security risks and ensuring compliance. Collaborate with cross-functional teams to implement security best practices. Support … by Design principles and MOD-specific guidelines (e.g. JSP, Def Stan 05-138/139). Familiarity with HMG security and assurance frameworks is a strong plus. Comfortable using threat modelling tools and risk assessment methodologies. Key Competencies: Excellent communicator - confident, clear, and influential. Proactive problem-solver with critical thinking skills. Organised, resilient, and delivery-focused. Strong team More ❯