176 to 200 of 200 Threat Modelling Jobs in the UK

of a world-class security framework, including associated services (penetration testing, research, consultancy etc.). What we need from you/essential skills & experience: Experience of Mobile platform security, threat modelling and mitigation techniques Capable of conducting regular reviews of our mobile application security posture using your hands-on experience. Develop and maintain pen-testing security tools, scripts More ❯

Overview Engineer the future of global finance. At Citi, our Tech team doesn't just support finance - we are helping to redefine it. Every day, $5 trillion crosses through our network. We do business in 180+ countries operating at a More ❯

one or more cloud environment. An understanding of key attacker techniques and capabilities models and the various Cyber Kill Chain frameworks. Experience in securing cloud platform; Encryption. Knowledge in threat modelling and ethical hacking. Extensive experience working with SIEM solutions; Basic experience in some scripting languages. More ❯

Real Time user interfaces that are deeply integrated with the Android OS. Strong understanding of mobile security principles and best practices, including secure data storage, network communication (mTLS), and threat modelling. Proficiency in consuming RESTful APIs and Real Time data streams (eg, WebSockets) in a mobile environment. Strong understanding of Android performance profiling tools and techniques to debug and More ❯

real-time user interfaces that are deeply integrated with the Android OS. ? Strong understanding of mobile security principles and best practices, including secure data storage, network communication (mTLS), and threat modeling. ? Proficiency in consuming RESTful APIs and real-time data streams (e.g., WebSockets) in a mobile environment. ? Strong understanding of Android performance profiling tools and techniques to debug and More ❯

in code, containers, APIs, and infrastructure-as-code before they reach production. Collaborates with development, security, and operations teams to implement remediation and improve security posture. Stays current with threat landscapes, tools, and methodologies to proactively defend against evolving cyber risks in general and more specific to an airline industry, transportation sector. Your Responsibilities Integrate security practices and tools … identify flaws in CI/CD, IaC, and cloud/containerized environments. Perform manual and automated security testing on web apps, APIs, pipelines. Participate in agile ceremonies (sprint planning, threat modeling, grooming). Create detailed reports, providing actionable advice to clients on how to address the identified vulnerabilities and improve their security posture; outlining identified vulnerabilities, their potential impact … background (OWASP Top 10, API security). Manual pentesting of modern web apps, APIs, and CI/CD pipelines. Deep understanding of DevSecOps practices, secure SDLC and proficient in threat modeling and secure design review. Proficiency in automating security checks within the CI/CD pipeline using tools like Jenkins, GitLab, and Ansible is vital. Knowledge of secure coding More ❯

organisation recruiting. Responsibilities We are looking for a hands-on Cyber Security specialist to continuously monitor networks & systems for security breaches or intrusions. Identify threats via penetration testing and threat modelling, working with DevOps, IT and compliance teams to enforce policies, respond to risks and improve defences. Be a fixer of Cyber Security issues, capable of resolving issues More ❯

one or more cloud environment; An understanding of key attacker techniques and capabilities models; and the various Cyber Kill Chain frameworks; ; Experience in securing cloud platform; Encryption; Knowledge in threat modelling and ethical hacking; Extensive experience working with SIEM solutions; Basic experience in some scripting languages Networking, SOC, Infrastructure background is good. Security Analyst apply due diligence to More ❯

to high-profile clients across all industries. The purpose of this role is to deliver offensive security services such as digital footprint reconnaissance, social engineering, vulnerability assessments, penetration testing, threat modeling, cyber-attack simulation exercises, and more. You'll benefit from ongoing coaching, career mentoring, and support through our career pathway. You will have opportunities to develop market-leading More ❯

Governance: Ensure the MLOps platform adheres to stringent financial industry regulations (e.g., GDPR, SOX, PCI-DSS, SWIFT CSCF) and internal policies (Model Risk Management). Automate compliance evidence collection. Threat Modeling & Risk Assessment: Proactively conduct threat modeling for AI/ML systems, identifying risks related to data poisoning, model inversion, adversarial attacks, and unauthorized access to sensitive models. More ❯

Initial We are looking for a highly capable and technically skilled Security Analyst (Network & Endpoint) to join our cybersecurity team. This role focuses on network and endpoint security operations, threat intelligence, and incident response within a Security Operations Centre (SOC) environment. The successful candidate will have hands-on experience with leading security platforms and demonstrate the ability to operate … Network & Endpoint) Location: England/Remote Contract Type: Contract Duration: Contract till 31st Mar 26 Sector: Healthcare . Key Responsibilities: Network Detection & Response: Administer and optimise Darktrace for network threat detection, model tuning, and behavioural analysis. Investigate anomalies and escalate incidents based on network telemetry. Endpoint Protection: Deploy and manage CrowdStrike Falcon agents across enterprise endpoints. Maintain and update … detection rules, ensuring alignment with threat intelligence. Security Operations Centre (SOC): Act as a Level 2 SOC Analyst and Incident Handler. Triage, investigate, and respond to security alerts and incidents. Collaborate with other SOC team members to ensure timely resolution and documentation. Threat Intelligence & Insider Threat Monitoring: Monitor threat feeds and manage Indicators of Compromise (IOCs More ❯

Oracle Cloud Infrastructure The Oracle Threat and Vulnerability Management (TVM) team proactively identifies, assesses, prioritizes, and relentlessly drives the remediation of security weaknesses and vulnerabilities at scale across the total enterprise. The TVM team performs security assessments, vulnerability research, guides and advises mitigation strategies, and coordinates the response to zero-day and other urgent vulnerabilities. We ensure the security … security posture of Oracle Manage and lead the performance of vulnerability assessments and deviation reviews Be able to critically examine an organization and system through the perspective of a threat actor and articulate risks in clear, detailed terms Guide effective remediations and fixes in our cloud (including public, private, distributed, hybrid, and multi) and on-premise platforms and products … into prioritized work or features Expertise in applying risk identification techniques to develop security solutions Experience and understanding of cryptographic algorithms, standards, implementation and application Experience and understanding of threat modeling, penetration testing, reverse engineering and attacks on software Experience working with large enterprise customers The ideal candidate posseses or has the ability to obtain and maintain a Developed More ❯

Identifying and exploiting vulnerabilities in networks, systems, and configurations. Developing custom tooling and scripts to support testing and reporting. Conducting technical research and publishing internal findings or blogs. Supporting threat modelling and contributing to detection engineering efforts. Working closely with clients to provide solutions and deliver elite technical assessments. What You Bring Strong hands on experience in infrastructure More ❯

Identifying and exploiting vulnerabilities in networks, systems, and configurations. Developing custom tooling and scripts to support testing and reporting. Conducting technical research and publishing internal findings or blogs. Supporting threat modelling and contributing to detection engineering efforts. Working closely with clients to provide solutions and deliver elite technical assessments. What You Bring Strong hands on experience in infrastructure More ❯

defined OT penetration testing engagements. What You'll Do: Conduct thorough penetration tests on client systems, applications, and networks - specifically OT/ICS systems - to identify security weaknesses. Perform threat modelling and adversarial simulations. Collaborate with clients to understand their security needs and provide tailored recommendations. Develop and execute test plans, ensuring all testing is carried out ethically More ❯

to Type) providing a complete picture to the customer of system performance. This role will give you a unique opportunity to act as an end user/operator of threat models participating in scenarios, applying doctrine, reacting to events, and learning these systems in detail. This task will give unrivalled access to our customers, as well as international partners More ❯

security advice Review and thoroughly understand applications from a security perspective, using your knowledge of Secure by design, NCSC best practice and control frameworks such as NIST, ISO, CIS Threat models/techniques to identify security threats to systems Provide risk and threat-based mitigation advice on system designs Develop excellent working relationships with key stakeholders Communicate effectively More ❯

and segmentation. Identity and Access Management (IAM) implementations, including PIM/PAM. Security configurations in Microsoft 365, Azure, Active Directory, etc. Conduct or oversee vulnerability assessments, penetration tests, and threat modelling. Review and approve technical designs and solution architectures from a security standpoint. Assurance, Compliance, and Audit Develop and maintain the IT Security Assurance Framework. Lead or coordinate internal … regulatory requirements. Work with internal and external partners to deliver accreditation or certification activities (e.g., PSN, Cyber Essentials Plus, ISO 27001). Monitor and respond to findings from SIEM, threat intelligence feeds, or monitoring tools. Performance Monitoring and Reporting Define and monitor key security performance indicators (KPIs). Produce regular security reports for senior management and boards. Track risk More ❯

and segmentation. Identity and Access Management (IAM) implementations, including PIM/PAM. Security configurations in Microsoft 365, Azure, Active Directory, etc. Conduct or oversee vulnerability assessments, penetration tests, and threat modelling. Review and approve technical designs and solution architectures from a security standpoint. Assurance, Compliance, and Audit Develop and maintain the IT Security Assurance Framework. Lead or coordinate internal … regulatory requirements. Work with internal and external partners to deliver accreditation or certification activities (e.g., PSN, Cyber Essentials Plus, ISO 27001). Monitor and respond to findings from SIEM, threat intelligence feeds, or monitoring tools. Performance Monitoring and Reporting Define and monitor key security performance indicators (KPIs). Produce regular security reports for senior management and boards. Track risk More ❯

a team of exceptional security engineers, delivering a technical roadmap that you will shape. What you'll be doing Application Security (AppSec) : Driving secure development practices, code analysis, and threat modelling. Security Operations (SOC) : Overseeing monitoring, incident response, vulnerability management, and operational resilience. Governance, Risk & Compliance (GRC) : Leading our efforts to achieve and maintain compliance with PCI, GDPR, SOC2 … track record of growing a collaborative and cross-functional Security team. Scaling AppSec : You've owned and scaled a robust Application Security program, including secure development, code analysis, and threat modelling. Running Security Operations : You have deep experience overseeing a Security Operations function, managing monitoring, incident response, and vulnerability management. Driving GRC : You're an expert in managing compliance More ❯

cloud services (IaaS, PaaS, SaaS), and network security. Assess IAM/PAM implementations and M365/Azure/Active Directory configurations. Conduct or oversee penetration testing, vulnerability assessments, and threat modelling. Review and approve technical designs and solution architectures from a security standpoint. Assurance, Compliance, and Audit Develop and maintain an IT Security Assurance Framework. Lead internal and external … audits, accreditation, and certification activities (e.g. PSN, Cyber Essentials Plus, ISO 27001). Monitor compliance with standards and respond to audit findings. Analyse SIEM outputs, threat intelligence feeds, and monitoring tools. Performance Monitoring and Reporting Define and track key security KPIs and metrics. Produce security performance and risk reports for executive and board audiences. Maintain security risk registers and More ❯

that the world depends on every day. As a Cybersecurity Defense professional at Kyndryl, you will encompass cybersecurity, incident response, security operations, vulnerability management, and the world of cyber threat hunting and security intelligence analysis all to protect the very heartbeat of organizations – their infrastructure. In this role, you won't just monitor; you'll actively engage in the … will be used as you respond and manage to cybersecurity incidents. Cybersecurity Defense is all about information. You'll gather, analyze, and interpret data applying your own and external threat intelligence to uncover potential security threats and risks. These insights and your ability to analyze complex attack scenarios will be the foundation of our security strategy – helping Kyndryl stay … attack reconstruction and intelligence gathering. Proactively research emerging cyber threats. Apply analytical understanding of attacker methodologies and tactics, system vulnerabilities, and key indicators of attacks and exploits. Contribute to threat intelligence reports and briefings that provide situational awareness of cyber threats impacting the company's global network infrastructure, to every level of the organization. Participate in threat hunt More ❯

SDLC) that enables development teams to deliver high-quality applications quickly while implementing essential controls for software integrity, authenticity, and third-party library management. Risk Assessments: Conduct risk assessments, threat modeling, and architecture reviews alongside development teams, producing artifacts to drive the implementation of effective security controls. Standards Development: Own the creation and maintenance of tailored security standards and … strategies. Key requirements: Essential: 5+ years of experience in application security, with at least 3+ years in software development. Strong understanding of application security concepts, including secure coding practices, threat modeling, vulnerability management, and access control mechanisms. Experience with AWS, Kubernetes, Service Mesh, and API Security (including authentication and authorization). Proficiency in programming languages such as Python, Java More ❯

on an evaluation of their potential and support them throughout their time at Cloudflare. Come join us! Available Locations: London, UK About the Team Cloudforce One is Cloudflare's threat operations and research team, responsible for identifying and disrupting cyber threats ranging from sophisticated cyber criminal activity to nation-state sponsored advanced persistent threats (APTs). Cloudforce One works … in close partnership with external organizations and internal Cloudflare teams, continuously developing operational tradecraft and expanding ever-growing sources of threat intelligence to enable expedited threat hunting and remediation. Members of Cloudforce One are at the helm of leveraging an incredibly vast and varied set of data points that only one of the world's largest global networks … can provide. The team is able to analyze these unique data points, at massive scale and efficiency, synthesizing findings into actionable threat intelligence to better protect our customers.The team's core disciplines are data engineering, data science, devops, and security. We use data science and machine learning to process large volumes of data and build threat intelligence for More ❯

and domain expert within the organization and be able to communicate security risk and concepts to both technical and non-technical audiences. Lead initiatives with Engineering teams to optimize threat models and mitigate risks. Encourage a positive security culture across the Engineering organization. Relentlessly champion for security outcomes on behalf of our customers. Work with other engineering leaders to … embed security into day-to-day development processes. Help proactively assess security risk through product deep dives, threat modeling, and design, architecture and implementation reviews. Review and improve existing security processes related to product assessments, pen testing, and bug bounty findings. Develop product security controls and supervising strategies to grow our threat detection capabilities. Seek opportunities for security … tooling and automation. What You'll Bring 5+ years of proven experience securing enterprise applications and infrastructure, preferably in the Crypto and FinTech space. Experience with the application of threat modeling and other risk identification techniques. Strong understanding of the OWASP top 10, including details of common vulnerabilities and emerging threats. Experience with authentication and authorization standards, including OAuth More ❯