this domain. What You'll Do Lead and shape AI security team, providing direction, mentorship, and support. Develop and implement comprehensive security strategies for AI systems, including risk assessments, threat modelling, and mitigation plans. Develop and implement a strategy for securing AI systems and applications, ensuring they are resilient against evolving threats. Build strategy to use AI to … enhance security measures, including threat detection, incident response, and anomaly detection. Collaborate with AI development teams to integrate security best practices throughout the AI lifecycle, from design to deployment. Ensure compliance with industry standards, regulations, related to AI security. Defining and implement approach to assessing AI security in the group, to include continuous assessment, detection model, and commissioning adversarial … cybersecurity principles, including encryption, authentication, access control, and network security. Experience with security frameworks and standards such as ISO 27001, NIST, and GDPR. Demonstrated experience in conducting risk assessments, threat modelling, and security audits. Excellent leadership, communication, and project management skills. Ability to work cross-functionally with multi-functional teams and manage multiple priorities in a fast-paced
to be the engineer that can dissect designs, model attack paths, and give hands-on examples to teams of what good looks like. On any given engagement you might threat model, assess pipelines, learn a DSL from a security vendor so that you can complete a proof of concept, or build toolkit to help your team. We don't … expect you to know it all. Responsibilities: Threat modelling & architecture reviews - break down new AWS-backed services, map trust boundaries, build attack trees, and define security requirements before a single line of code is merged. Security automation - write and maintain IaC-driven checks, custom Lambda/Step-Functions, CI/CD gates, and CSPM rules so that secure … About the candidate: Must-haves A minimum Bachelor's degree (2.1 or higher) is required in Computer Science, or in a Technology-related field Deep AWS internals knowledge Proven threat-modelling chops (STRIDE, attack-trees, or other methodologies). Strong coding ability in at least one language (Python, Go, Rust, etc.). CI/CD security automation (GitHub
of applications. Collaborate with empowered teams to ensure secure design, development, implementation, and verification of applications. Provide remediation guidance and recommendations to developers and administrators. Participate in and advance threat modelling practices across the division. Help stakeholders make risk-based decisions. Train developers and create educational presentations. Develop tools and automation supporting responsibilities. What You Bring to The … identify threats. Excellent ability to communicate, verbally and in writing, complicated technical issues and the risks they pose to developers, network engineers, system administrators, and management. Strong experience in threat modelling software systems. Certification in CISSP or CCSP, it's a plus. Strong problem-solving capabilities using various technologies. Capability to research a new topic and to learn
Rickmansworth, Hertfordshire, South East, United Kingdom Hybrid / WFH Options
Senior plc
our continual information security strategy, joining us on our journey and developing yourself along the way. Why Join Us? Work with a talented team of security professionals in a threat-driven environment. Ability to help shape the future of our cyber defence capabilities across a wide and diverse range of businesses. Competitive compensation and benefits package. Flexible work environment … with opportunities for remote work and professional development. Key responsibilities: Reporting to the Director of Information Security & Information Technology, you will be responsible for: - Build and own Senior's threat intelligence strategy. Develop and own the threat management program with regular assessments, threat modelling, risk prioritisation and remediation activities. The individual will serve as a subject matter … expert in cyber threat management, advising our various businesses on adversary activities, situational awareness and defensive actions. Designing tactical and strategic responses to emerging security threats Define, implement and manage our cyber threat capability working with our local IT teams, MSSP partners, vendors and other key stakeholders. Provide our IT teams with guidance on adversary intentions, objectives and potential
PAM) for enhanced access control. Define RBAC models, identity life cycle processes, and access governance standards. 3. Security Architecture & Compliance Lead security-by-design for all SailPoint deployments. Conduct threat modelling, risk assessments, and security impact analyses for IAM solutions. Establish and enforce IAM security policies, authentication and authorization models, and encryption standards. Ensure solutions comply with applicable … integration with Azure AD and MFA tools (eg, DUO Security). Strong understanding of IAM security architecture, governance, and compliance frameworks (GDPR, ISO 27001, WCAG 2.2). Skilled in threat modelling, risk assessment, and vulnerability management for IAM systems. Good-to-Have Skills Experience in higher education or public sector environments. Familiarity with other IAM platforms, directory services
implement scalable security mechanisms and tooling across diverse customer environments and architectures. • Engage directly with CISOs, enterprise architects, and security executives to co-develop secure-by-design solutions. • Lead threat modelling, posture review, and detection design efforts targeting systemic risk. • Build automation and detection systems directly or in collaboration with engineering teams to reduce manual effort and accelerate … regulated or high-trust environments such as finance, energy, or government • Prior experience designing or contributing to security automation mechanisms at scale • Strong understanding of cloud-native security principles, threat modelling, and secure design patterns • Demonstrated ability to collaborate and deliver results across organisational and technical boundaries Amazon is an equal opportunities employer. We believe passionately that employing
Our Needs Fluent in English - both written and spoken Demonstrable experience as a Security Architect or similar role Strong knowledge of security standards, protocols, and best practices Experience with threat modelling, risk assessment, and incident response Familiarity with security tools (e.g., Snyk, OWASP ZAP) Excellent communication and collaboration skills Self-learner and ability to execute tasks without supervision … Ability to maintain the highest level of professionalism Activities Assess and design secure system architectures Define and enforce security policies and best practices Conduct threat modelling and risk assessments Collaborate with development teams to ensure secure coding practices Review and recommend security tools and technologies Respond to security incidents and perform root cause analysis Acquired Experiences and Demonstrable
drive awareness of security from the earliest stages of design through to deployment. You'll help integrate automated security tooling and checks into our CI/CD pipelines, facilitate threat modelling sessions, and review security-sensitive design decisions around authentication, cryptography, and logging. You'll also ensure that tools such as SAST, DAST, and SCA are effective and … in CI/CD Hands-on experience with security tools like SAST, DAST, and SCA Familiar with cloud environments (especially AWS), containers, and microservices Comfortable reviewing technical designs, performing threat modelling, and advising on secure architecture Strong communicator who collaborates well with engineers and promotes secure-by-default practices We might not be right for you if: You
that requires a higher level of resolution. Assist with Problem and Change management support for the resolution of incidents. Proactively identify opportunities of improvement from a technical perspective. Perform threat management, threat modelling, identify threat vectors and develop use cases for security monitoring Pre-requisites: Experience of 9-12 years in advanced security technologies Strong security
organisation is seeking a VP-level DFIR Manager to lead its Digital Forensics and Incident Response (DFIR) team. This is a hands-on leadership role focused on incident response, threat detection, and forensics within a complex, regulated environment. You'll be responsible for advancing the organisation's incident response capabilities, leading investigations, and driving threat detection maturity through … development of use cases, threat intelligence, and vulnerability management. Key Responsibilities Lead the DFIR function, overseeing incident detection, investigation, and response activities. Develop and implement IR methodologies (MITRE ATT&CK, Kill Chain, Threat Modelling, Diamond Model). Conduct forensic investigations on systems, networks, and endpoints. Refine threat hunting and threat intelligence capabilities. Support and mature … security monitoring use cases (SIEM, packet inspection, IOCs). Coordinate cross-functional security incident response with SOC, Threat Intelligence, and Red/Blue teams. Engage with technical and business teams on cyber risk reduction strategies. Contribute to vulnerability management and remediation plans. Required Skills & Experience Proven experience managing DFIR or cyber incident response teams. Deep technical knowledge of IR
Central London, London, United Kingdom Hybrid / WFH Options
Client Server
development lifecycle and CI/CD processes and working with the IT Infrastructure team on the security elements of migrating on-premise Windows estate to Azure. You'll lead threat modelling and threat hunting activities to proactively discover potential compromises, work with external teams on penetration tests and red team engagements and manage SIEM and XDR tooling
London, South East, England, United Kingdom Hybrid / WFH Options
Client Server Ltd
development lifecycle and CI/CD processes and working with the IT Infrastructure team on the security elements of migrating on-premise Windows estate to Azure. You'll lead threat modelling and threat hunting activities to proactively discover potential compromises, work with external teams on penetration tests and red team engagements and manage SIEM and XDR tooling
part in developing our vulnerability management program, working closely with our operational support, infrastructure, and development teams. Plus, you'll be right in the thick of security event monitoring, threat intelligence, and incident management - keeping us one step ahead! What you'll be doing: Delivering SOC Capabilities: You'll be a key team member in delivering ongoing Security Operations … possible and play a big part in evolving our security tooling and services. Policy & Standards: You'll champion the adoption and adherence to our InfoSec policy, standards, and guidelines. Threat Intelligence: You'll monitor and apply current and emerging threat intelligence, using tools like Google Threat Intelligence to proactively spot and tackle digital threats. Incident Response: You … CSPM) tools. Knowledge of Cloud Workload Protection Platforms (CWPP) for securing containers, serverless workloads, and virtual machines. Working knowledge of DevSecOps methodologies. Ability to contribute to cloud solution threat modelling and secure design reviews. A bit about you: Passion! You're genuinely passionate about your career path and love what you do. Communication skills. You can express
NIST, ISO 27001, CIS). Develop and maintain secure architectural patterns and standards, with a solid working knowledge of cloud security (AWS, Azure, GCP). Apply risk-based and threat-based approaches to evaluate and recommend appropriate and proportionate security technologies and solutions (e.g., SIEM, IAM, CASB, container security). Outline key security components, interfaces, and dependencies. Develop architectural … Document security design principles and provide rationale. Ensure designs align with business objectives, security policies, and industry best practices, with a focus on cloud-native security considerations. Risk and Threat Management: Conduct comprehensive risk assessments and threat modelling, providing detailed analysis and actionable recommendations. Advises clients on risk mitigation strategies and security best practices, and support the
security and customer-facing security services. It will lead the design and evolution of secure architecture across telecom networks, data centres, and cloud environments, embedding zero-trust principles and threat mitigation strategies. The position also drives the development of secure products for customers, such as managed firewalls and SD-WAN, while ensuring compliance with industry standards and mentoring junior … infrastructure including IP core networks, MPLS, SDN, optical transport, data centres, and cloud workloads. Provide guidance on zero-trust network design, micro-segmentation, DDoS mitigation, identity-based access, and threat detection. Conduct threat modelling and risk assessments across backbone and edge infrastructure, OSS/BSS systems, and service platforms. Partner with engineering and operations to embed security … refreshes, and automation initiatives. Security Product Architecture (Customer-Facing Focus) Lead architecture of customer-facing security services such as managed firewalls, SD-WAN, SASE, DDoS mitigation, endpoint protection, and threat intelligence. Work closely with product management to define secure architecture for new security products and evolve existing offerings. Evaluate and integrate third-party platforms into customer solutions, balancing security
Reading, Berkshire, South East, United Kingdom Hybrid / WFH Options
Halian Technology Limited
security into everything we do, from infrastructure to application design. Key Responsibilities Design and implement security controls across cloud platforms (AWS, Azure, or GCP) Develop and maintain security tooling for threat detection, vulnerability management, and incident response Lead threat modelling and risk assessments for critical systems and services Collaborate with engineering teams to integrate security best practices into
privileged-access workflows. Monitoring, Detection & Response - Define audit logging, metrics, and telemetry requirements; integrate with SIEM/SOAR to deliver actionable alerts and playbooks for engineering-led incident response. Threat Modeling & Risk Assessment - Conduct regular architecture and code-level reviews, drive remediation plans, and present risk posture to leadership. Tooling & Automation - Evaluate, select, and integrate security tooling (SAST, DAST … Compliance & Audits - Partner with InfoSec and Legal to prepare evidence, manage technical controls, and remediate audit findings. InfoSec Partnership - Collaborate proactively with the Information Security team on policy development, threat intelligence sharing, incident response, and compliance initiatives, ensuring organisation-wide alignment. Engineering Partnership & Enablement - Work hand-in-hand with engineering squads to raise security awareness, improve secure coding practices … Experience working within high-sensitivity data environments Strong awareness of compliance standards and the requirements on software teams, especially for ISO27001 and SOC2. FedRAMP experience advantageous. Demonstrated experience performing threat modelling, penetration test scoping, and vulnerability management. Deep understanding of IAM concepts, encryption/key-management, and secure network design. Excellent communication skills with ability to translate technical
Management: Develop and maintain a comprehensive security posture management program to proactively identify and address vulnerabilities. Continuously assess the organization's security posture through vulnerability assessments, penetration testing, and threat modelling. Collaborate with cross-functional teams to implement security best practices and ensure compliance with industry standards and regulations. Cyber Exposure Risk Management: Identify, analyse, and prioritize cyber exposure … configuration management, and secure coding practices. Monitor and respond to emerging threats, ensuring the organization remains resilient against evolving attack vectors. Collaborate with external partners and stakeholders to share threat intelligence and improve the organization's defences. Policy and Compliance: Establish and enforce security policies, standards, and guidelines to ensure compliance with regulatory requirements and industry frameworks (e.g., ISO … for improvement. What You'll Bring: Experience: A depth of experience in cybersecurity, with at least 3 years in a leadership or management role. Proven experience in vulnerability management, threat modelling, and incident response. Strong understanding of security frameworks, compliance standards, and best practices. Education: Bachelor's degree in computer science, Information Technology, Cybersecurity, or a related field.
East London, London, United Kingdom Hybrid / WFH Options
A&O Shearman
security and cyber defence. We align our efforts to the NIST framework and other recognised certifications including ISO27001 and SOC2 and strive to keep pace with the continually evolving threat landscape, in support of A&O Shearman's strategy to lead where global complexity creates opportunity. In addition, you will have the opportunity to share and gain intel from the … an access management perspective. Ensure adherence to the change management process when implementing IAM relevant changes to architecture. Perform detailed analysis of application architectures to provide IAM assurance. Understand threat modelling and participate in major incidents responses with IAM components. Review and approve the IAM components of solution designs. Collaborate with cloud infrastructure teams to implement IAM design
Reading, Berkshire, South East, United Kingdom Hybrid / WFH Options
Queen Square Recruitment Limited
architecture strategy. Act as a trusted security advisor to senior leadership and engineering teams. Guide the design and integration of secure solutions across applications, infrastructure, and data platforms. Perform threat modelling, architecture reviews, and propose mitigation strategies. Ensure alignment with European regulatory standards (e.g., GDPR, PSD2, DORA, NIS2). Embed DevSecOps into SDLC and CI/CD pipelines
proactive Detection and Response Engineer and play a pivotal role in safeguarding our organisation against cyber threats! What you'll do Design, code and operationalise detection rules based on threat models and intelligence Fine-tune detection rules and monitor their performance Support detection automation and playbook editing Conduct proactive threat hunting and threat modelling Perform cyber … our journey and you will too. What you'll need Previous experience of working in a cyber security operations context Ability to analyse security logs and events Knowledge of threat detection lifecycle, attacker behaviour and Tactics, Techniques and Procedures (TTPs) An understanding of advanced cyber defence concepts such as Continuous Detection/Continuous Response and Cyber Threat Intelligence
ensuring their SIEM and wider technologies are operating as effectively as possible whilst ensuring People and Process are similarly proficient. Main tasks and responsibilities: Help customers implement or improve threat modelling and provide valuable new use cases to ensure their SIEM is capable of detecting the real-world tactics used by adversaries. Undertake assessments and gap analysis including … technical health checks and use case coverage mapped to control frameworks and business services. Implement and develop threat monitoring use cases taken from threat intelligence sources Produce clear technical documentation Assess existing threat monitoring rules with a focus on changing threat landscape and technologies Document appropriate detection, containment and response strategies to meet business needs Pre