176 to 200 of 239 Threat Modelling Jobs in the UK

years in product security Strong object orientated programming experience across languages such as Python, C++, Java, Go or Rust Extensive cloud experience Knowledge of threat modelling and risk assessment Please contact james.griffin@stanfordblack.com for more information If this role isn't right for you, but you know of More ❯

years in product security Strong object orientated programming experience across languages such as Python, C++, Java, Go or Rust Extensive cloud experience Knowledge of threat modelling and risk assessment Please contact james.griffin@stanfordblack.com for more information If this role isn't right for you, but you know of More ❯

to maintain and improve our leadership in the industry. Your mission Research and demonstrate cutting-edge hardware supply chain attacks. Perform security evaluations and threat modelling on supply chain processes for Ledger hardware wallets. Define and implement best practices to enhance supply chain security for manufacturing, distribution, and More ❯

easyJet is overseen by 3 Aviation Regulators, each with their own cyber security control expectations, along with legal compliance requirements and a changing cyber threat landscape. The Technical Assurance team is responsible for overseeing easyJet’s strong cyber security posture. We help functions adopt and improve control adoption as … Safety, Data Teams, IT operations and our IT teams to minimise data breaches or data leaks. Working with the Cyber Architecture to validate the threat models produced as part of the project design process. Conduct security assessments and work with Digital Safety Risk function to raise identified cyber risk More ❯

easyJet is overseen by 3 Aviation Regulators, each with their own cyber security control expectations, along with legal compliance requirements and a changing cyber threat landscape. The Technical Assurance team is responsible for overseeing easyJet’s strong cyber security posture. We help functions adopt and improve control adoption as … Safety, Data Teams, IT operations and our IT teams to minimise data breaches or data leaks. Working with the Cyber Architecture to validate the threat models produced as part of the project design process. Conduct security assessments and work with Digital Safety Risk function to raise identified cyber risk More ❯

easyJet is overseen by 3 Aviation Regulators, each with their own cyber security control expectations, along with legal compliance requirements and a changing cyber threat landscape. The Technical Assurance team is responsible for overseeing easyJet’s strong cyber security posture. We help functions adopt and improve control adoption as … Safety, Data Teams, IT operations and our IT teams to minimise data breaches or data leaks. Working with the Cyber Architecture to validate the threat models produced as part of the project design process. Conduct security assessments and work with Digital Safety Risk function to raise identified cyber risk More ❯

easyJet is overseen by 3 Aviation Regulators, each with their own cyber security control expectations, along with legal compliance requirements and a changing cyber threat landscape. The Technical Assurance team is responsible for overseeing easyJet’s strong cyber security posture. We help functions adopt and improve control adoption as … Safety, Data Teams, IT operations and our IT teams to minimise data breaches or data leaks. Working with the Cyber Architecture to validate the threat models produced as part of the project design process. Conduct security assessments and work with Digital Safety Risk function to raise identified cyber risk More ❯

Vulnerability and Threat Hunting Manager Location: Hybrid - London, Blackfriars Join us at Merlin Entertainments as we transform the future of digital guest experiences across our iconic global attractions. Merlin is embarking on an exciting Digital and Data Transformation focused on enhancing the end-to-end guest journey in our … attractions. The Vulnerability and Threat Hunting Manager is responsible for identifying, assessing, and mitigating security vulnerabilities and threats across the organisation’s digital infrastructure. About the Role This role is critical in maintaining the organisation’s security posture by leading the vulnerability management programme, conducting threat assessments, and … business units to ensure proactive defence measures are in place to protect critical systems and data. Responsibilities Develop and implement Vulnerability Management Strategy. Lead Threat Intelligence and Threat Modelling. Oversee Vulnerability Assessments and Penetration Testing. Collaborate on Security Incident Response. Ensure Compliance with Security Standards. Stakeholder Communication and More ❯

Vulnerability and Threat Hunting Manager Location: Hybrid - London, Blackfriars Join us at Merlin Entertainments as we transform the future of digital guest experiences across our iconic global attractions. Merlin is embarking on an exciting Digital and Data Transformation focused on enhancing the end-to-end guest journey in our … attractions. The Vulnerability and Threat Hunting Manager is responsible for identifying, assessing, and mitigating security vulnerabilities and threats across the organisation’s digital infrastructure. About the Role This role is critical in maintaining the organisation’s security posture by leading the vulnerability management programme, conducting threat assessments, and … business units to ensure proactive defence measures are in place to protect critical systems and data. Responsibilities Develop and implement Vulnerability Management Strategy. Lead Threat Intelligence and Threat Modelling. Oversee Vulnerability Assessments and Penetration Testing. Collaborate on Security Incident Response. Ensure Compliance with Security Standards. Stakeholder Communication and More ❯

that governments, nation states, armed forces and commercial businesses can unlock digital advantage in the most demanding environments. Job Title: STARA(R) - Enterprise Security Threat and Risk Consultant Location: London - Guildford, Gloucester, London, Manchester, Leeds (Hybrid working) Grade: GG10-GG13 Referral Bonus: £5000 What You'll Be Doing As … an Enterprise Security Threat and Risk Consultant, you will lead and deliver advanced threat and risk assessments across physical, personnel, cyber, and governance domains. Working on mission-critical programmes in government, financial, CNI, and defence, your role will shape how organisations understand and manage threats in the context … of a hybrid threat environment and evolving adversary tactics. You'll collaborate with internal and external stakeholders, advise on strategic risk posture, and ensure delivery of high-impact STARA® engagements. Responsibilities Lead, deliver and support Security Threat and Risk Assessments (STARA®) across ICT, Operational Technology, physical, and personnel More ❯

watchTowr's alignment to numerous industry standards, including ISO27001 and SOC2 Type 2, while going steps further where relevant due to watchTowr's unique threat model. You will oversee security monitoring, threat analysis, threat hunting, penetration testing, and vulnerability management to align cyber risk management with the More ❯

architectures, ensuring compliance with security, performance, and industry standards. Develop and implement a comprehensive cloud security strategy aligned with best practices and frameworks. Conduct threat modeling and risk assessments for new projects, identifying and mitigating security risks. Define and enforce security policies for IAM, encryption, network segmentation, and threat … S3, IAM, Lambda, RDS). Proven experience in designing secure, scalable cloud architectures with a focus on security at every layer. Experience in conducting threat modeling, vulnerability assessments, and developing risk mitigation strategies. In-depth knowledge of AWS security best practices for IAM, encryption, and data protection. Familiarity with … or AWS CDK for automating security and infrastructure provisioning. Hands-on experience with AWS security services (GuardDuty, Inspector, WAF) and third-party tools for threat detection. Proficiency in scripting languages (Python, Bash, PowerShell) to automate security tasks. Experience designing incident response plans and managing security events in cloud environments. More ❯

people, process and technology within the TransUnion Monevo portfolio. Day to Day You’ll Be: Guides and advises technology teams on infrastructure vulnerability and threat management principles, secure coding practices, secure software development methodologies, and secure development lifecycle (SDLC) processes Works with engineering and development team to ensure in … and partners with functional areas and leadership across the business and Global Technology to raise awareness and support for Product Security When necessary, conducts Threat Modeling of products and applications within the organization to identify potential threats and vulnerabilities Provides periodic updates, education and presentations to staff and management … on compliance with policies, standard, regulations and best practices 3+ years of information security experience in cloud environments. In depth experience secure coding practices, threat modeling, secure architecture design, and secure SDLC/CICD pipelines In-depth technical experience with identifying and advising on the remediation of application security More ❯

must be an individual who understands modern software development trends, understands engineering-led software security practices, and keeps up with the evolving cyber security threat landscape. The successful candidate will liaise with internal groups and our regional partners to ensure that program deliverables are met. Success in the role … make strategic recommendations to senior manager on standards and policy changes Qualifications Experience or deep knowledge of key activities within software security group such Threat Modeling/Application Risk Assessment, Vulnerability Assessments, Governance and Metrics, Training, etc. Pre-requisites for this position are a Bachelor's Degree with More ❯

Assist with security awareness training and internal audits as needed/Managing our phishing platform, training and related reporting/Stay current on evolving threat landscape, vulnerabilities and compliance requirements Qualifications and experience/Relevant Information Security certification such as CISSP, CISA, CISM, GSEC is advantageous/Familiar with … years experience working as an information security professional within a medium to large sized global organisation/Solid understanding of security principles, frameworks, and threat models/Background in working with organizations that provide 24x7x365 operations/Familiar with networking fundamentals, protocols and network components/Experience with cloud More ❯

optimize scalable, secure, and compliant software solutions for medical devices and connected health applications. Ensure adherence to IEC 62304, FDA, and cybersecurity regulations, addressing threat modeling, secure coding practices, and risk management. Work with cross-functional teams to architect cloud solutions, ensuring performance, scalability, security, and compliance. Implement cloud … Compliance Ensure secure software development practices in compliance with FDA, IEC 62304, and ISO 27001. Implement identity management, authentication, and data encryption strategies. Conduct threat modeling, vulnerability assessments, and penetration testing. Address cybersecurity challenges in connected medical devices and healthcare IoT. Unit Testing, Quality Assurance & Documentation Implement automated testing More ❯

London, England, United Kingdom Corporate Functions Add to Favorites Incident Response Engineer - Threat Analysis Description Apple is seeking a security professional to join its Information Security Response Organization, as part of the Threat Analysis and Incident Response function. A successful candidate will possess a proven technical background, relevant … Response, Security Engineering, and/or Intrusion Detection Proficient understanding of incident response automation strategies, with demonstrated ability to implement them Proficient understanding of threat modeling, operational threat intelligence, and common attack vectors Knowledge of web application vulnerabilities with ability to triage/verify OWASP Top 10 issues More ❯

OT security monitoring, alerting, and investigations. Collaborate with diverse stakeholders and functions to address cybersecurity incidents, alerts, and the implementation of security technologies. Conduct threat hunting, develop threat models, identify threat vectors, and create use cases for effective security monitoring. What do you need to thrive in More ❯

OT security monitoring, alerting, and investigations. Collaborate with diverse stakeholders and functions to address cybersecurity incidents, alerts, and the implementation of security technologies. Conduct threat hunting, develop threat models, identify threat vectors, and create use cases for effective security monitoring. What do you need to thrive in More ❯

as a part of the broader KLA AI Security program. The ideal candidate will be able to demonstrate a breadth of knowledge across cybersecurity, threat intelligence, and artificial intelligence. Responsibilities: Conduct in-depth technical assessments of AI systems to identify security risks. Develop threat models for AI systems … mitigation strategies for identified risks, and coordinate with business partners to deploy countermeasures to reduce risk to systems and applications. Partner with the cyber threat intelligence team to research and remain current on threats and vulnerabilities to proactively find opportunities to amend our AI security strategy. Leverage research, industry More ❯

Build OT-specific detection and response capabilities, including custom playbooks. Technology Implementation Oversee global deployment of SIEM (e.g., Splunk, Graylog, Wazuh), SOAR, EDR, and Threat Intel platforms. Vendor & Team Management Act as the primary contact for the outsourced SOC provider; manage SLAs and vendor performance. Build and mentor internal … Technical expertise with SIEM, SOAR, EDR, and OT protocols Familiar with SCADA/ICS environments and MITRE ATT&CK framework. Skilled in incident response, threat hunting, SLA management, and executive communication. Preferred Qualifications Degree in Computer Science, InfoSec, or related field. Certifications: CISSP, CISM, GIAC (e.g., GCFA, GNFA), or … OT certs (e.g., GICSP, ISA/IEC 62443). Familiarity with cloud security tools, IT/OT integration, and threat modeling. More ❯

Build OT-specific detection and response capabilities, including custom playbooks. Technology Implementation Oversee global deployment of SIEM (e.g., Splunk, Graylog, Wazuh), SOAR, EDR, and Threat Intel platforms. Vendor & Team Management Act as the primary contact for the outsourced SOC provider; manage SLAs and vendor performance. Build and mentor internal … Technical expertise with SIEM, SOAR, EDR, and OT protocols Familiar with SCADA/ICS environments and MITRE ATT&CK framework. Skilled in incident response, threat hunting, SLA management, and executive communication. Preferred Qualifications Degree in Computer Science, InfoSec, or related field. Certifications: CISSP, CISM, GIAC (e.g., GCFA, GNFA), or … OT certs (e.g., GICSP, ISA/IEC 62443). Familiarity with cloud security tools, IT/OT integration, and threat modeling. More ❯

one of the following areas: IP networking & OT On-premises architecture and Virtualization Cloud platforms and Containerization Databases and LLMs Mobile Technologies & Application security Threat modeling techniques to identify security threats to systems, leading to the definition of Security requirements. Managing security requirements through the delivery and operational life … cycle of a system. Provision of authoritative specialist security advice in: Risk and threat-based mitigation to system designs. Control frameworks such as NIST, ISO, CIS. Protective monitoring, Authentication and authorization best practices. Develop excellent working relationships with key stakeholders, peers and subordinates. Communicating effectively verbally and in writing More ❯

Integration: Evaluate, select, and onboard security solutions (e.g., endpoint protection, SIEM, vulnerability scanners). Integrate security tools with existing systems and workflows, ensuring effective threat detection and response. Automation & Scripting: Develop and maintain scripts and automation tools to streamline IT operations and enhance security. Automate security tasks, such as … of a distributed workforce. Requirements: Proven experience as an IT Administrator, ideally in a startup environment with a globally distributed workforce. Strong understanding of threat models in blockchain environment. Proactive application of security principles, including Zero Trust architecture, and their application in a remote work context. Experience with MDM More ❯

and implement comprehensive security strategies for Payments System Upgrades. Conduct thorough risk assessments to identify potential security threats and develop mitigation strategies. Create comprehensive threat models aligning with MITRE ATTACK/STRIDE frameworks. Recommend the best controls & mitigations to potential vulnerabilities Ensure the design comply with relevant regulations and … would be within a financially regulated enterprise (e.g., PCI compliance). Proven experience working previously for financial organizations. Previous relevant experience in developing bespoke Threat Models leveraging frameworks like MITRE ATTACK & STRIDE. Proficiency in assessing the Identity & Access Management functions & associated risks during Acquisition process. Be able to understand More ❯