26 to 50 of 242 Threat Modelling Jobs in the UK

draw upon Enterprise Security Architecture or Security Solutions Architecture to: Identify business objectives, user needs, risk appetite and cyber security obligations Identify vulnerabilities, perform threat modelling, undertake risk assessment, evaluate the effectiveness of security controls Verify and evidence alignment to 'Secure by Design' principles, corporate security policy/… of established patterns, principles and guidelines Research emerging technologies, new products and be able to position these in a coherent manner against the developing threat landscape and client risk appetite Ability to distil complex information and concepts into key discussion points that identifies a path to resolution rather than … practice within Cloud platforms (AWS and/or Microsoft Azure) In-depth knowledge of modern security concepts, common attack vectors, malware, security analytics and threat intelligence. A good understanding of security testing and vulnerability management is important (including pen testing/ITHC, CVSS/CVE) Experience working with security More ❯

security strategies aligned with industry standards and best practices, ensuring all systems are secure by design. Risk Management: Assess risks, identify vulnerabilities, and create threat models for new and existing systems to prioritize security controls. Compliance and Governance: Ensure solutions comply with regulatory and organizational security standards (e.g., NIST More ❯

Key Responsibilities: Conduct external scans, assess public-facing infrastructure, and proactively identify vulnerabilities. Define and implement technical security controls aligned with governance policies. Support threat modelling and threat hunting initiatives within a largely AWS environment. Contribute to the design and development of a new SIEM product. Provide … no requirement to integrate with dev teams). Comfortable operating as a solo security engineer and working across multiple teams. Previous involvement in SIEM, threat hunting, or security design is a plus. Please apply for more information or reach out directly for a confidential chat. More ❯

and technical operations, ensuring resilient and secure environments. Cloud Security Operations : Securely manage Azure, M365 & AWS security operations, implementing comprehensive security policies and initiatives. Threat Detection & Response : Leverage CrowdStrike and other EDR/XDR solutions to monitor, analyse, and respond to security threats. Identity & Access Management (IAM) : Design and … Architecture: Proven track record in designing and implementing security architectures in complex environments. Risk Management: Ability to identify and mitigate security risks; knowledge of threat modelling and frameworks such as MITRE ATT&CK, CIS, and OWASP. Analytical Skills: Strong problem-solving abilities to translate business requirements into technical … security in cloud environments. Security tooling: experience in any of the following; (Wiz, CrowdStrike, Proofpoint, BitSight, Akamai, CATO) Experience with security engineering, incident response, threat hunting, or digital forensics. Preferred Qualifications: Relevant cybersecurity certifications such as CISSP, CISM, CEH, Microsoft Security Certifications, AWS Security Specialty. Knowledge of ITIL. What More ❯

and associated processes. Help drive a robust security posture for a large, complex organisation, trading globally within a constantly evolving IT and information security threat environment. Impact of Role Implement governance framework to enable enforcement and management of IT and cyber policies across all JD entities. Help drive good … understanding of cybersecurity frameworks (e.g., NIST, ISO 27001) and risk management methodologies. Experience with controls development and management tools, and familiarity with security controls, threat modelling, and vulnerability management. Experience of third-party risk management. Knowledge of regulatory requirements and compliance frameworks (e.g., GDPR, ITGC, PCI-DSS, etc More ❯

and vulnerability management to protect critical systems. Design, implement, and maintain security architectures and frameworks aligned with government standards. Lead and support risk assessments, threat modelling, and incident response initiatives. Work closely with stakeholders to ensure compliance with NCSC and other relevant security policies. Develop and deliver security … technical expertise in areas such as network security, endpoint security, cloud security, and secure system architecture. Experience in penetration testing, vulnerability management, and cyber threat intelligence. Solid knowledge of security technologies such as SIEM, IDS/IPS, firewalls, and endpoint detection and response (EDR). Strong understanding of risk More ❯

the first steps in engaging our clients, helping to influence the board and CxO with top-down buy-in and understanding. Providing insight for threat modelling, risk management and security overlay approaches by conducting security maturity assessments. Providing a business understanding of technical domains and tailoring these to More ❯

Produce clear documentation for templates, decisions, re-usable patterns, and security rationales. Technical Expertise Required: Strong understanding of enterprise security services including: Penetration testing Threat modelling Logging & monitoring Vulnerability management Incident response Excellent stakeholder engagement and communication skills. Solid documentation and governance capabilities. Proven ability to manage competing More ❯

Required Skills & Experience Proven experience in security testing for web applications, APIs, and cloud environments. Strong knowledge of OWASP Top Ten, CVE vulnerabilities, and threat modeling techniques . Hands-on experience with security testing tools such as OWASP ZAP, Burp Suite, Nessus, Metasploit, Nikto, or equivalent . Experience in More ❯

Expertise in IT infrastructure architecture (eg networks, servers, storage, virtualisation), application architecture (eg integration, APIs, data), and cyber security architecture (eg identity & access management, threat modelling, security controls). Strong working knowledge and application of NIST Risk Management Framework, Secure by Design, and architecture standards. Proven experience leading More ❯

not only protect our business objectives and regulatory requirements but also provide innovative solutions to stay ahead of emerging threats. Conduct risk assessments and threat modeling to identify and prioritize risks to our business and IT assets, using your extensive experience in security architecture design. Implementation within a Service More ❯

ISO 42001, NIST 800-53, NIST 600-1 or PCI-DSS. Experience and/or certification in AWS products and services. Experience in threat modeling, secure coding, identity management and authentication, cryptography, Responsible AI and hands-on technical expertise in building security capabilities in code and deploying infrastructure as More ❯

of designing, developing, and maintaining secure Azure cloud architectures that meet stringent business and compliance requirements. Your role will involve leading security reviews and threat modeling activities for cloud-based solutions, implementing robust Azure-native security controls such as Microsoft Defender for Cloud, Sentinel, Key Vault, Azure Policy, and More ❯

and services, with a focus on ensuring the security of gas operations Define and document security architecture blueprints for new systems and applications, including threat modelling and risk assessments Establish security standards, best practices, and design patterns to support cloud, physical and operational technologies Collaborate with development teams … into application design Lead security architecture reviews and provide expert technical guidance on complex security challenges Keep up-to date with the latest security threat assessment frameworks such as OWASP, MITRE ATT&CK Assess security posture against industry regulations and compliance requirements Identify and mitigate security risks associated with More ❯

and services, with a focus on ensuring the security of gas operations Define and document security architecture blueprints for new systems and applications, including threat modelling and risk assessments Establish security standards, best practices, and design patterns to support cloud, physical and operational technologies Collaborate with development teams … into application design Lead security architecture reviews and provide expert technical guidance on complex security challenges Keep up-to date with the latest security threat assessment frameworks such as OWASP, MITRE ATT&CK Assess security posture against industry regulations and compliance requirements Identify and mitigate security risks associated with More ❯

with Cloud Platform Engineers, DevX and Product Engineering to ensure security requirements are integrated into system designs and technology choices from the outset. Perform threat modelling exercises for cloud-native applications, microservices, and infrastructure components. Manage internal and external penetration testing engagements for Funding Circle applications, services, and … security, providing guidance and mentorship to other engineers. Contribute to the incident response planning for complex cloud and application security events. Proactively monitor the threat landscape, evaluate emerging cloud security risks and trends, and translate them into actionable security improvements. What we're looking for Significant (3+ years) hands More ❯

security issues in software architecture, software development, e.g. static and/or dynamic code analysis and tools, software dependency check, OWASP Top10 testing, application threat modelling. In-depth experience working in an Agile software development environment, with classic applications as well as microservices, using modern code processing and continuous … Development, Engineering, DevOps, InfoSec, Security, Security Strategy, Best Practice, Programming, Code, C++, C#, C, .NET Core, Java, JavaScript, Node.js, Angular, React, OWASP, Agile, Application Threat Modelling, Security Policy, Security Controls, ISO 27001, NIST, GDPR, Cloud, Azure. Please note that due to a high level of applications, we can More ❯

of products and components. Examples of the tasks, include, but are not limited to; assessment to latest cybersecurity standards, penetration testing (IoT and WebApp), threat modelling, firmware investigation, code analysis etc. This service will be provided to external clients, who will predominantly be manufacturers of wired and wireless … related controls (encryption, digital signatures, secure boot, access control, password management). Understanding how to implement security activities such as vulnerability and patch management, threat intelligence etc. Hands-on practical knowledge with reverse engineering and/or vulnerability testing tools and techniques. Experience in common scripting languages such as More ❯

application landscapes. What you’ll need: 3+ years in a security architecture or cyber consulting role Deep knowledge of enterprise security services – Pen Testing, Threat Modelling, Logging, Vulnerability Mgmt, and Incident Response Proven ability to produce secure design templates and influence technical direction Excellent communication, stakeholder management, and More ❯

solutions, integrating security measures throughout the life cycle, from data ingestion to model deployment. Skills and Qualifications: Security Expertise: Strong understanding of cybersecurity principles, threat modelling, vulnerability assessment, and penetration testing. Cloud Computing: Familiarity with cloud platforms (AWS, Azure, GCP) and their security features. Data Privacy and Compliance More ❯

and implement mitigation measures. Integrate secure coding practices into the software development lifecycle. Perform security code reviews and ensure secure-by-design principles. Conduct threat modelling exercises to identify and mitigate potential risks. Ensure compliance with security regulations such as ISO27001, NIST 800-30/37/ More ❯

and implement mitigation measures. Integrate secure coding practices into the software development lifecycle. Perform security code reviews and ensure secure-by-design principles. Conduct threat modelling exercises to identify and mitigate potential risks. Ensure compliance with security regulations such as ISO27001, NIST 800-30/37/ More ❯

are built securely Oversee vulnerability management and remediation efforts, including leading responses to pen test findings and security assessments Experience conducting risk assessments and threat modelling for software development and advise where necessary Experience in software security design review Strong knowledge of Agile, DevSecOps, System Engineer and or More ❯

years of experience in system, network or application security. You should also have a proven experience and knowledge with any combination of the following: Threat modelling and risk assessments Working knowledge of secure coding principles (OWASP and OWASP mobile, SANS ) Experience with designing and administering identity management (authentication More ❯

Key Responsibilities: Overseeing, educating and assessing the implementation of Digital Safety policies and security standards. Safeguarding company data throughout all processes and systems. Validating threat models produced as part of the project design process. Conducting security assessments and raising identified cyber risks into the risk management process. Identifying control More ❯