151 to 175 of 211 Threat Modelling Jobs in the UK

architectures. Review technical designs for security compliance and risk. Establish secure-by-design guidelines and support DevSecOps practices. Evaluate new technologies and lead security tool POCs and integrations. Perform threat modelling and security risk assessments. Collaborate with cross-functional teams on secure architecture and governance. Provide security expertise, training, and mentorship to technical teams. Support security monitoring and More ❯

one or more cloud environment. An understanding of key attacker techniques and capabilities models; and the various Cyber Kill Chain frameworks. Experience in securing cloud platform. Encryption; Knowledge in threat modelling and ethical hacking. Extensive experience working with SIEM solutions. Basic experience in some scripting languages This role falls inside of IR35 and is hybrid working with the More ❯

Conducting assurance reviews and risk assessments Embedding security into solution designs Supporting incident response and post-incident analysis Ensuring compliance with GDPR, ISO27001, NIST, and other frameworks Advising on threat modelling and mitigation strategies What We're Looking For: Strong understanding of security principles and frameworks Experience designing and implementing security controls Excellent stakeholder engagement and communication skills More ❯

your teammates to take ownership of security across the business from hardening and monitoring to governance and incident response Designing and evolving secure architectures using defence in depth and threat modelling principles across cloud, networks and endpoints Driving vulnerability management and scaling tooling such as CSPM, SIEM, IAM and endpoint protection to manage risk effectively Contributing to compliance More ❯

Key Responsibilities: Lead the design, implementation, and upkeep of the OT Cybersecurity Management System and policies to OG86 and IEC(phone number removed)-1 compliance. Conduct risk assessments and threat modeling for OT environments in accordance with IEC(phone number removed)-2. Manage NIS compliance for OT Networks and produce the NIS annual report. Collaborate withOT Engineers to More ❯

experience and expertise in programming in Python, Ruby, Go, Swift, Java, .Net, C++ or similar object oriented language experience. Extensive experience and expertise in any combination of the following: threat modeling experience, secure coding, identity management and authentication, software development, cryptography, system administration and network security experience. Experience using Large Language Models (LLM) in security engineering. Preferred Qualifications Master More ❯

years of experience in cloud security, particularly with AWS, and at least 2+ years in software development. Strong understanding of cloud and application security concepts, including secure coding practices, threat modeling, vulnerability management, and access control mechanisms. Experience with AWS, Kubernetes, Service Mesh, API gateways, and API Security (authentication and authorization). Proficiency in programming languages such as Python More ❯

partner closely with product teams to make sure that our users can safely and confidently engage with the onchain world. What you'll be doing (ie. job duties): Perform threat modeling and security assessments of blockchain products and services. Propose, plan, and execute Red Team operations based on realistic threats. Write detailed reports covering the goals and outcomes of More ❯

our culture and success. How will you contribute? Secure SDLC Integration: Embed security within the software development lifecycle, ensuring security is considered at every phase-from design to deployment. Threat Modeling & Security Design Reviews: Conduct structured threat modeling and security assessments for new features, architectures, and services. Vulnerability Management & Remediation: Work closely with engineering teams to identify and … Experience working in SaaS, multi-tenant cloud environments. Knowledge of machine learning security (AI/ML model risks, LLM security best practices). Familiarity with attack surface management and threat intelligence. What do we offer? We value our people and offer a competitive salary along with company bonus Strong maternity and paternity scheme A workplace pension scheme Take what More ❯

connected hardware products. You will work closely with firmware, hardware, and cloud teams to ensure our devices are secure by design and resilient to emerging threats. Job Responsibilities Conduct threat modelling and risk assessments for IoT devices, firmware, and communication protocols. Design and implement secure boot, secure firmware updates (OTA), and hardware-level security controls (e.g., TPM, secure … elements). Perform firmware and embedded software security assessments. Collaborate with hardware and embedded teams on secure product architecture. Monitor evolving IoT threat landscapes and update security policies accordingly. Contribute to internal security standards and assist in compliance with industry benchmarks (e.g., ETSI EN , NIST IR 8259). Work with the AppSec and Cloud Security teams to ensure end … end system security. Qualifications 4+ years of experience in IoT, embedded, or hardware security. Deep knowledge of embedded systems, firmware development, and relevant communication protocols. Experience with common IoT threat vectors and mitigations. Familiarity with secure coding practices in C/C++ or any other language and embedded environments. Hands-on experience with hardware debugging tools (e.g., JTAG, logic More ❯

of OT network architecture , protocols, and change management processes. Lead incident response and remediation for cyber events detected by our OT SIEM systems. Actively support vulnerability management and ensure threat exposure is minimised. Provide hands-on leadership in data and asset management , including backup and removable media deployments. Apply and track security metrics to ensure the ongoing effectiveness of … OT environments. Hands-on knowledge of OT technologies and protocols , including experience managing configuration changes. Experience working within incident response frameworks —from coordination to containment and recovery. Familiarity with threat modelling and architectural reviews , particularly in critical national infrastructure. Relevant certifications or credentials in IEC62443 or cyber security frameworks applicable to OT environments. Understanding of the NCSC Cyber More ❯

of OT network architecture , protocols, and change management processes. Lead incident response and remediation for cyber events detected by our OT SIEM systems. Actively support vulnerability management and ensure threat exposure is minimised. Provide hands-on leadership in data and asset management , including backup and removable media deployments. Apply and track security metrics to ensure the ongoing effectiveness of … OT environments. Hands-on knowledge of OT technologies and protocols , including experience managing configuration changes. Experience working within incident response frameworks —from coordination to containment and recovery. Familiarity with threat modelling and architectural reviews , particularly in critical national infrastructure. Relevant certifications or credentials in IEC62443 or cyber security frameworks applicable to OT environments. Understanding of the NCSC Cyber More ❯

assessments and more to high profileclients across all industries. The purpose of this role is to deliver our offensivesecurity services including digital footprint reconnaissance, socialengineering, vulnerability assessments, penetration testing, threat modelling,cyber-attack simulation exercises, and more to high profile clients across allindustries. The purpose of this role is to deliver our Cyber Security services across our broad More ❯

also contribute to security compliance and best practices, ensuring products meet regulatory and industry standards. Key Responsibilities: Identify security requirements and integrate controls into product development. Conduct risk assessments, threat modeling, and vulnerability analysis. Develop and implement risk management strategies using security frameworks. Collaborate with development teams to ensure security best practices and secure-by-design principles. Identify and …/53, OWASP) . Experience with risk management methodologies and compliance with MOD and HMG security standards (JSP, Def Stan 05-138/139). Proficiency in security threat modeling and risk assessments. Knowledge of secure development practices, penetration testing, and vulnerability assessments. Ability to communicate security risks and strategies to technical and non-technical stakeholders. Experience in incident More ❯

also contribute to security compliance and best practices, ensuring products meet regulatory and industry standards. Key Responsibilities: Identify security requirements and integrate controls into product development. Conduct risk assessments, threat modeling, and vulnerability analysis. Develop and implement risk management strategies using security frameworks. Collaborate with development teams to ensure security best practices and secure-by-design principles. Identify and …/53, OWASP) . Experience with risk management methodologies and compliance with MOD and HMG security standards (JSP, Def Stan 05-138/139). Proficiency in security threat modeling and risk assessments. Knowledge of secure development practices, penetration testing, and vulnerability assessments. Ability to communicate security risks and strategies to technical and non-technical stakeholders. Experience in incident More ❯

around performance, security, and scalability. Drive best practices in real-time logging, monitoring, and alerting. Actively promote the use of The Very Group's observability platform. Create and maintain threat models for Performance Unit products. Continuously enhance CI processes to improve deployment efficiency. Identify and mitigate risks, obstacles, and issues impacting technical delivery. Adhere to and help shape policies … services A working knowledge of the Elastic Observability platform (Elastic certification is a plus) Extensive experience building secure, scalable, and highly available software applications Strong understanding and application of threat modelling A background in hands-on software engineering with current, relevant experience A passion for code quality, testing, and engineering best practices Proven ability to influence and negotiate More ❯

improvements Participate in on-call rotation for high-priority issues and assist during major incidents Create and maintain documentation including SOPs and security protocols Support IT security team with threat modelling, remediation, and policy compliance Essential: Strong background in network engineering and troubleshooting across complex environments Operational knowledge of LAN/WAN infrastructure, routing protocols (OSPF, BGP, EIGRP More ❯

build innovative ways of building and assessing operationally resilient technology services. Principal Accountabilities: - Business Impact Assessments & Risk Identification: Develop asset management strategies, lead business impact and vulnerability assessments, conduct threat modelling, and maintain risk identification frameworks. - Risk Assessment & Evaluation: Ensure compliance with governance policies, provide expertise on operational resilience, and support risk assessments for internal operations and third More ❯

alerting systems for the respective platform to facilitate effective incident management. Tool Development: Build tools aligned with the relevant framework and strategy to support the platform. Security and Compliance: Threat modelling and risk assessments. Continuous Improvement: Leverage test automation to minimize system downtime and improve uptime metrics by proactively monitoring and resolving issues. CI/CD: Write and More ❯

and the measurement of controls. Experience of IT Security documentation (policies, standards, processes, procedures and patterns). Experience of IT Health Check and Vulnerability Assessments Experience of risk and threat modelling. Qualifications: accreditation/assurances CISM/XCCP/ISO 27001 To apply, please submit your most recent CV for review. More ❯

and TCP/IP Experience programming in Python, Ruby, Go, Swift, Java, .Net, C++, or similar object-oriented languages Preferred Qualifications Experience with AWS products and services Experience with threat modeling, secure coding, identity management, authentication, software development, cryptography, system administration, or network security Proficiency in programming languages such as Python, Java, or C++ Amazon is committed to equal More ❯

to high-profile clients across all industries. The purpose of this role is to deliver offensive security services such as digital footprint reconnaissance, social engineering, vulnerability assessments, penetration testing, threat modeling, cyber-attack simulation exercises, and more. You'll benefit from ongoing coaching, career mentoring, and support through our career pathway. You will have opportunities to develop market-leading More ❯

and enhance existing cryptographic software, ensuring robustness, security, and performance across supported platforms. Support compliance with relevant security standards (e.g., FIPS, ISO/IEC, NIST PQC). Participate in threat modeling and risk assessments related to cryptographic software. Required Skills And Qualifications Master's or PhD degree in computer science, mathematics, or a related field, with a strong background More ❯

that our users can safely and confidently engage with the onchain world. What you'll be doing (ie. job duties): Develop onchain security strategies and perform security assessments and threat modeling of various blockchain protocols. Lead from the front, be proactive and thorough, and identify top onchain security risks and develop strategies to deal with them. Provide expert technical More ❯

product owners, and compliance teams to ensure that secure design principles and automated security controls are Embedded throughout the software development lifecycle (SDLC). You will take ownership of threat modeling, vulnerability management, and security automation efforts with a specific focus on cloud platforms, primarily Google Cloud Platform (GCP). You will be instrumental in building scalable, resilient security … Application Security Architecture & Strategy Lead the design and implementation of comprehensive application security frameworks that guide the secure development of cloud-native APIs, microservices, and web applications. Conduct detailed threat modeling workshops and architectural risk assessments, identifying vulnerabilities early and collaborating on risk mitigation strategies. Define and enforce secure coding standards and architectural best practices aligned with industry benchmarks … industries. Hands-on experience with a range of application security testing tools including SAST, DAST, and SCA, and integrating these into automated build and deployment pipelines. Practical expertise with threat modeling methodologies such as STRIDE, PASTA, or Attack Trees. Strong knowledge of secure coding standards and common vulnerabilities (OWASP Top 10, API Security Top 10) and how to mitigate More ❯