26 to 50 of 147 Threat Modelling Jobs in the UK

Cyber Security Threat Hunter Edinburgh/Hybrid Working £75,000 - £85,000 + benefits Fantastic new permanent opportunity for an experienced Security Engineer with strong Threat Engineering/Hunting experience required to join this specialist financial services business to help them deliver a range of proactive threat hunting cyber security projects. As a specialist Threat Hunter … you will be responsible for proactively searching for and identifying threat actors that have evaded traditional security defences. This role requires a deep understanding of attacker tactics, techniques, and procedures (TTPs), MITRE ATT&CK Framework, cyber kill chain as well as the ability to analyse large datasets to uncover hidden threats. The ideal candidate will be a creative and … as part of a team to enhance their security posture. Skills Required: A strong proven background within Cyber Security engineering and at least 2-3 years' experience dedicated to Threat Hunting, Threat Intelligence and Threat Modelling. Proven experience in a SOC, CIRT, or similar security operations environment. Deep understanding of network protocols, operating systems (Windows, Linux, macOS More ❯

Cyber Security Threat Hunter Peterborough/Hybrid Working £75,000 - £85,000 + benefits Fantastic new permanent opportunity for an experienced Security Engineer with strong Threat Engineering/Hunting experience required to join this specialist financial services business to help them deliver a range of proactive threat hunting cyber security projects. As a specialist Threat Hunter … you will be responsible for proactively searching for and identifying threat actors that have evaded traditional security defences. This role requires a deep understanding of attacker tactics, techniques, and procedures (TTPs), MITRE ATT&CK Framework, cyber kill chain as well as the ability to analyse large datasets to uncover hidden threats. The ideal candidate will be a creative and … as part of a team to enhance their security posture. Skills Required: A strong proven background within Cyber Security engineering and at least 2-3 years' experience dedicated to Threat Hunting, Threat Intelligence and Threat Modelling. Proven experience in a SOC, CIRT, or similar security operations environment. Deep understanding of network protocols, operating systems (Windows, Linux, macOS More ❯

UK-based organisations. Advise on compliance with UK regulations (e.g. GDPR, NCSC Cloud Security Principles, ISO 27001). Develop and enforce cloud security policies, procedures, and governance models. Lead threat modelling, risk assessments, and vulnerability management initiatives. Configure and manage security tools such as Google SecOps tooling, Security Command Center, Cloud Armour, and VPC Service Controls. Collaborate with More ❯

and enterprise architecture Work closely with Security Monitoring teams to provide insight and recommendations for operational use cases Provide support and guidance through secure by design competencies (Attack mapping, threat modelling) Conduct vulnerability assessments and coordinate remediation efforts. Collaborate with DevOps and IT teams to integrate security into infrastructure and application design and development lifecycles. Support compliance efforts More ❯

across Azure and AWS environments. Manage and optimise vulnerability management tools (e.g., Tenable.SC, Rapid7, Qualys). Support the development and operation of Cyber Security Operations Centres (CSOCs) . Conduct threat modelling, risk assessments, and incident response . Implement and manage identity and access management (IAM) solutions using SailPoint, OKTA, and BeyondTrust. Collaborate with internal teams to ensure compliance More ❯

security engineer, you will: Secure CI/CD pipelines and infrastructure-as-code (IaC) deployments across Azure. Lead container, API, and web application security initiatives, including code reviews. Support threat modelling, vulnerability management, and penetration testing activities. Drive logging integration with SIEM tools, enabling SOC monitoring and incident response. Coach engineering teams on cloud security principles and manage More ❯

and commercial awareness alongside deep technical expertise. Key areas of focus Define and implement enterprise-level AI/ML security strategies, policies, and architectures. Lead on AI risk assessment, threat modelling, and mitigation planning. Ensure compliance with GDPR, the EU AI Act, and international security frameworks (ISO 27001, NIST, TOGAF, SABSA). Build and maintain secure AI architectures More ❯

and commercial awareness alongside deep technical expertise. Key areas of focus Define and implement enterprise-level AI/ML security strategies, policies, and architectures. Lead on AI risk assessment, threat modelling, and mitigation planning. Ensure compliance with GDPR, the EU AI Act, and international security frameworks (ISO 27001, NIST, TOGAF, SABSA). Build and maintain secure AI architectures More ❯

and commercial awareness alongside deep technical expertise. Key areas of focus Define and implement enterprise-level AI/ML security strategies, policies, and architectures. Lead on AI risk assessment, threat modelling, and mitigation planning. Ensure compliance with GDPR, the EU AI Act, and international security frameworks (ISO 27001, NIST, TOGAF, SABSA). Build and maintain secure AI architectures More ❯

and commercial awareness alongside deep technical expertise. Key areas of focus Define and implement enterprise-level AI/ML security strategies, policies, and architectures. Lead on AI risk assessment, threat modelling, and mitigation planning. Ensure compliance with GDPR, the EU AI Act, and international security frameworks (ISO 27001, NIST, TOGAF, SABSA). Build and maintain secure AI architectures More ❯

and commercial awareness alongside deep technical expertise. Key areas of focus Define and implement enterprise-level AI/ML security strategies, policies, and architectures. Lead on AI risk assessment, threat modelling, and mitigation planning. Ensure compliance with GDPR, the EU AI Act, and international security frameworks (ISO 27001, NIST, TOGAF, SABSA). Build and maintain secure AI architectures More ❯

security into agile development environments Hands-on with cloud platforms and CI/CD pipelines, plus scripting languages such as PowerShell, YAML, or JSON Knowledge of application security tools, threat modelling, and risk assessments Familiarity with standards/frameworks such as OWASP, NIST SSDF, ISO27001, NCSC Experience guiding engineering teams and influencing security culture Excellent communication skills, able More ❯

security into agile development environments Hands-on with cloud platforms and CI/CD pipelines, plus scripting languages such as PowerShell, YAML, or JSON Knowledge of application security tools, threat modelling, and risk assessments Familiarity with standards/frameworks such as OWASP, NIST SSDF, ISO27001, NCSC Experience guiding engineering teams and influencing security culture Excellent communication skills, able More ❯

with scripting languages like PowerShell, YAML, JSON Expertise in application security tools and DevSecOps processes Understanding of key frameworks and standards (e.g. OWASP, NIST SSDF, ISO27001, NCSC) Experience with threat modelling, risk assessments, and secure design reviews Comfortable owning security strategy and tooling across complex, modern product landscapes Strong communicator - able to engage confidently with both engineers and More ❯

strategy across AI, blockchain, and cloud environments. Establish policies, standards, and governance frameworks aligned with industry best practices (ISO 27001, NIST, SOC2). Lead incident response, risk assessment, and threat modelling programmes. Build and mentor a world-class security team. AI Data Security Protect proprietary AI models, training data, and pipelines from data poisoning, model theft, or adversarial More ❯

pentest providers, auditors, and assessors. Secure Development Lifecycle (SDLC) Partner with engineering teams to embed security in the SDLC and DevSecOps practices. Advise and guide on secure coding practices, threat modeling, and architectural reviews. Instrument automated tooling for CI/CD pipelines to improve visibility of security signals and enforcement. Customer & External Engagement Represent the company’s security, privacy More ❯

and practices into DevOps workflows (SAST, DAST, SCA, secrets management). Collaborate with development, operations, and security teams to implement secure coding and deployment practices. Provide practical guidance on threat modelling, risk assessments, and vulnerability management. Advise on cloud security (AWS, Azure, GCP) and container security (Docker, Kubernetes) with a hands-on delivery mindset. Develop, implement, and enforce More ❯

the business. What You’ll Do Policy & Frameworks: Define and maintain security policies, standards, and governance models aligned with ISO 27001, SOC2, and NIST. Risk Management: Lead risk assessments, threat modelling, and vendor security reviews; maintain the company risk register. Monitoring & Detection: Implement and oversee vulnerability management, SIEM, logging, and alerting capabilities. Incident Response: Build and test incident More ❯

the business. What You’ll Do Policy & Frameworks: Define and maintain security policies, standards, and governance models aligned with ISO 27001, SOC2, and NIST. Risk Management: Lead risk assessments, threat modelling, and vendor security reviews; maintain the company risk register. Monitoring & Detection: Implement and oversee vulnerability management, SIEM, logging, and alerting capabilities. Incident Response: Build and test incident More ❯

the business. What You’ll Do Policy & Frameworks: Define and maintain security policies, standards, and governance models aligned with ISO 27001, SOC2, and NIST. Risk Management: Lead risk assessments, threat modelling, and vendor security reviews; maintain the company risk register. Monitoring & Detection: Implement and oversee vulnerability management, SIEM, logging, and alerting capabilities. Incident Response: Build and test incident More ❯

the business. What You’ll Do Policy & Frameworks: Define and maintain security policies, standards, and governance models aligned with ISO 27001, SOC2, and NIST. Risk Management: Lead risk assessments, threat modelling, and vendor security reviews; maintain the company risk register. Monitoring & Detection: Implement and oversee vulnerability management, SIEM, logging, and alerting capabilities. Incident Response: Build and test incident More ❯

the business. What You’ll Do Policy & Frameworks: Define and maintain security policies, standards, and governance models aligned with ISO 27001, SOC2, and NIST. Risk Management: Lead risk assessments, threat modelling, and vendor security reviews; maintain the company risk register. Monitoring & Detection: Implement and oversee vulnerability management, SIEM, logging, and alerting capabilities. Incident Response: Build and test incident More ❯

security tools and practices into CI/CD pipelines (GitHub Actions, Jenkins, GitLab) Automate vulnerability scanning, code analysis, and container hardening Collaborate with developers to design secure architectures and threat models Monitor cloud infrastructure (AWS, Azure, GCP) for misconfigurations and anomalies Lead incident response drills and postmortems Champion DevSecOps culture across engineering and product teams Requirements: 3+ years experience More ❯

you’ll be doing Guiding teams on security best practices, compliance, and secure coding. Collaborating with architects and developers to review designs and code for vulnerabilities. Embedding/improving threat modelling and secure development practices into the SDLC. Designing and integrating security testing plans. Performing and overseeing application security testing and driving remediation. Managing end-to-end vulnerability More ❯

you'll be doing Guiding teams on security best practices, compliance, and secure coding. Collaborating with architects and developers to review designs and code for vulnerabilities. Embedding/improving threat modelling and secure development practices into the SDLC. Designing and integrating security testing plans. Performing and overseeing application security testing and driving remediation. Managing end-to-end vulnerability More ❯