from the ground up. Strategy Formulation: Develop and update the security architecture strategy, ensuring alignment with business goals and compliance with industry standards. Risk Management: Perform detailed risk assessments, threat modeling, and vulnerability analyses to guide security architecture decisions. Implementation Oversight: Oversee the implementation of security controls, ensuring they are effective and scalable across our infrastructure. Technology Leadership: Lead
proactive Detection and Response Engineer and play a pivotal role in safeguarding our organisation against cyber threats! What you'll do Design, code and operationalise detection rules based on threat models and intelligence Fine-tune detection rules and monitor their performance Support detection automation and playbook editing Conduct proactive threat hunting and threat modelling Perform cyber … our journey and you will too. What you'll need Previous experience of working in a cyber security operations context Ability to analyse security logs and events Knowledge of threat detection lifecycle, attacker behaviour and Tactics, Techniques and Procedures (TTPs) An understanding of advanced cyber defence concepts such as Continuous Detection/Continuous Response and Cyber Threat Intelligence
London, South East, England, United Kingdom Hybrid / WFH Options
Crone Corkill
an ad-hoc basis until the move has been completed Maintain Nessus vulnerability management, update systems, run scans and provide reports Cover email security using Mimecast Enterprise Real world threat modelling and incident response (mainly L3/L4 when required) Make suggestions and influence various areas of the business/group from a security perspective Automate tasks and … ideal) Microsoft Defender for EDR/XDR/MDR Nessus for vulnerability management Mimecast for email security SCCM/Intune for patch management L3/L4 Incident Response experience Threat Intelligence/modelling experience Automating tasks using PowerShell, Python etc What’s in it for you? In return you’ll be joining a well established organisation at an
Sheffield, South Yorkshire, England, United Kingdom
Opus Recruitment Solutions Ltd
of experience in security architecture to shape and secure cloud environments at scale. Key Responsibilities Architect secure, scalable cloud solutions on AWS aligned with business and compliance needs. Conduct threat modelling, risk assessments, and security reviews across cloud-native platforms. Collaborate with DevOps, engineering, and compliance teams to embed security best practices. Define and maintain security policies, standards
effectiveness. Deliver security architecture for cloud deployments (private/public). Design and scope IT Health Checks and interpret outcomes. Identify and mitigate security risks in solution architectures. Conduct threat modelling and risk analysis. Design proportional security controls using native cloud technologies. Produce security architecture artefacts including standards and blueprints. What You'll Bring Prior and proven experience
London, South East, England, United Kingdom Hybrid / WFH Options
Sanderson
effectiveness. Deliver security architecture for cloud deployments (private/public). Design and scope IT Health Checks and interpret outcomes. Identify and mitigate security risks in solution architectures. Conduct threat modelling and risk analysis. Design proportional security controls using native cloud technologies. Produce security architecture artefacts including standards and blueprints. What You'll Bring Prior and proven experience
should have at least 3 years of experience in system, network or application security. You should also have a proven experience and knowledge with any combination of the following: Threat modelling and risk assessments, Working knowledge of secure coding principles (OWASP and OWASP mobile, SANS), Experience with designing and administering identity management (authentication and authorisation including policy enforcement
with architecture frameworks like TOGAF or SABSA. Excellent problem-solving and communication skills - you can talk tech with techies and translate for everyone else. Experience leading risk assessments and threat modelling. A collaborative spirit and a proactive approach to security. Why PPG? Join a collaborative, supportive environment where your work makes a meaningful difference. We tackle exciting projects and
London, South East, England, United Kingdom Hybrid / WFH Options
Addition
Significant experience in Financial Services or Insurance, including PCI-compliant environments. Expert knowledge of network and cloud security using Azure. Hands-on experience with application security, data protection, and threat modelling. Confident communicator, able to influence across technical and business functions. Track record in risk assessment, vulnerability management and secure architecture delivery. Knowledge of DevSecOps, SIEM, IAM, DLP, and
The Role We are seeking a seasoned Senior Cyber Security Consultant with a background in SOC engineering tools plus one of Cloud Security, Identity and Access Management (IAM) or Threat Modelling. In this role, you will work with cross-functional teams to deliver cutting-edge security solutions that address the evolving threat landscape, helping organisations to safeguard their … and other monitoring tools. Provide technical guidance to engineering teams on secure design and implementation. Develop playbooks and automation scripts to enhance SOC efficiency and incident response capabilities. Integrate threat intelligence feeds into SOC workflows for real-time monitoring and response. Conduct regular tool performance reviews and implement upgrades or replacements as necessary. Skills Extensive experience in SOC tools … engineering plus one of Cloud Security, Identity & Access Management (IAM) or threat modelling. Hands-on experience with SOC tools, including SIEM, SOAR and EDR solutions. Strong experience in securing cloud platforms (AWS, Azure, GCP) and understanding of their native security services (preferred). Knowledge of IAM principles, tools (e.g., Okta, Azure AD, CyberArk), and frameworks (preferred). Proficiency in
Kingston Upon Thames, Surrey, United Kingdom Hybrid / WFH Options
Unilever
advancing purple team maturity, the ideal candidate will bring deep technical acumen, a transformation mindset, and a proven ability to lead and inspire high-performing teams in a dynamic, threat-informed environment. RESPONSIBILITIES Technical Leadership & Execution - Personally lead and execute advanced penetration tests, red/purple team exercises, and adversary emulation campaigns across cloud, application, and infrastructure layers. - Identify … vulnerabilities to simulate real-world attack scenarios, validate detection and response capabilities, and uncover control gaps. - Develop and maintain a Purple Team playbook tailored to business-specific technologies and threat models. - Integrate offensive findings into SOC tuning, detection engineering, and control validation workflows. Program Ownership - Own and evolve the offensive security roadmap, including internal testing services, external bug bounty … engineers and red teamers. - Lead the transformation from traditional pentesting to intelligence-driven, continuous offensive security. - Foster a culture of innovation, experimentation, and continuous learning. Collaboration & Influence - Partner with Threat Intelligence, SOC, and Engineering teams to contextualize findings and drive remediation. - Communicate technical findings clearly to both technical and executive audiences. - Influence security architecture and product design through early
Kingston-on-soar, Nottinghamshire, United Kingdom Hybrid / WFH Options
Unilever
advancing purple team maturity, the ideal candidate will bring deep technical acumen, a transformation mindset, and a proven ability to lead and inspire high-performing teams in a dynamic, threat-informed environment. RESPONSIBILITIES Technical Leadership & Execution - Personally lead and execute advanced penetration tests, red/purple team exercises, and adversary emulation campaigns across cloud, application, and infrastructure layers. - Identify … vulnerabilities to simulate real-world attack scenarios, validate detection and response capabilities, and uncover control gaps. - Develop and maintain a Purple Team playbook tailored to business-specific technologies and threat models. - Integrate offensive findings into SOC tuning, detection engineering, and control validation workflows. Program Ownership - Own and evolve the offensive security roadmap, including internal testing services, external bug bounty … engineers and red teamers. - Lead the transformation from traditional pentesting to intelligence-driven, continuous offensive security. - Foster a culture of innovation, experimentation, and continuous learning. Collaboration & Influence - Partner with Threat Intelligence, SOC, and Engineering teams to contextualize findings and drive remediation. - Communicate technical findings clearly to both technical and executive audiences. - Influence security architecture and product design through early
and respond to evolving cyber threats. What You'll Do Design and implement secure software solutions, applying security-by-design principles and recognised standards (ISO 27001, NIST). Conduct threat modelling, code reviews, vulnerability assessments, and penetration tests to identify and mitigate risks. Respond to security incidents, perform root cause analysis, and enhance incident response capabilities and documentation. … Skilled in using vulnerability assessment and penetration testing tools (e.g. Nessus, Burp Suite) Familiarity with security frameworks (ISM, PSPF, ISO 27001) and tools like SIEM, IDS/IPS, and threat intelligence platforms Excellent problem-solving, communication, and collaboration skills, with strong attention to detail and a proactive mindset We welcome applications from candidates with entry-level experience or recent
Birmingham, West Midlands, West Midlands (County), United Kingdom
ARM
development and testing offerings. o Represent the function in client engagements, pre-sales discussions, and technical assessments. o Design and present tailored solutions based on customer-specific challenges and threat landscapes. o Collaborate on statements of work (SOWs) and influence product roadmaps. * Service Delivery Assurance o Oversee performance and quality of services delivered, ensuring SLA and KPI compliance. o … exposure, and accelerate secure delivery. o Collaborate with enterprise architects, engineering leads, and product owners to ensure security is embedded from ideation through to deployment and maintenance. o Champion threat modelling and secure design practices, ensuring development teams proactively identify and mitigate risks during the design phase. o Mentor and upskill engineering teams on secure coding, architectural risk
of Azure and Microsoft 365 cloud security controls and best practices. Deep understanding of cloud security architecture, the shared responsibility model, and infrastructure-as-code security principles. Experience with threat modelling, incident response, and forensic analysis in cloud environments. Familiarity with container security, Kubernetes, and hybrid or multi-cloud deployments is advantageous. Preferred certifications: Google Professional Cloud Security
and services. Familiarity with security standards and frameworks (e.g., ISO 27001, NIST, CIS). Knowledge of security technologies such as firewalls and web proxies; experience with ZTNA, CTI, and threat modelling is beneficial. Excellent communication and interpersonal skills. Ability to work effectively in a team-oriented environment. Strong problem-solving and analytical skills. Capacity to manage multiple projects
network security, cryptography, firewalls, VPNs, and security protocols. Familiarity with cloud security solutions (AWS, Azure, GCP) and security technologies (IDS/IPS, SIEM, DLP). Strong experience with risk management, threat modeling, and security architecture frameworks. Certifications such as CISSP, CISM, TOGAF, or equivalent are highly preferred
including hiring, mentoring and performance management Defining and delivering the security engineering roadmap aligned to technology strategy and enterprise risk appetite Developing talent in line with G-Research values, modelling leadership behaviours, coaching teams to their strengths and fostering a supportive environment Security architecture and engineering Driving secure design and implementation across on-premises and cloud environments Overseeing advanced … security capabilities such as endpoint protection, identity and access management, encryption, network and application security Leading threat modelling and vulnerability management efforts Governance, risk and compliance Aligning security engineering with internal controls, regulatory obligations and industry best practice Supporting audits, assessments and compliance initiatives in collaboration with the CTO, operations and engineering teams Incident response and resilience Contributing … and care for others Preferred Professional certifications such as CISSP, CISM or GIAC. Exposure to privacy regulations, such as GDPR and CCPA, and financial compliance requirements Experience with insider threat programs, data loss prevention (DLP) and zero-trust security models Behavioural Competencies Strategic mindset with a hands-on approach to execution Strong interpersonal and stakeholder engagement skills High level
the enterprise-wide security architecture blueprint across corporate and product domains. Drive the Trainline Zero Trust initiative, spanning identity, device, network, and application layers. Lead secure design reviews and threat modelling for key product and infrastructure initiatives. Develop reference architectures and reusable security design patterns. Collaborate with the IAM Engineer to architect enterprise identity and access management Enforce … secure configurations across SaaS, endpoint, and MDM platforms (e.g., CrowdStrike, Jamf, Intune). Evaluate and guide SaaS tool usage, integrations, and risk mitigation. Design and maintain DLP, insider threat, and device posture enforcement capabilities. Collaborate with product and platform engineering teams to embed security into the SDLC and CI/CD. Define security controls for cloud-native services in
stakeholders to implement during early in system development life cycle Perform security architecture and risk assessment of internally developed or acquired IT systems and applications using best practices including threat modelling. Ensure that security design and controls are consistent with organization's security architecture principles. Provide security recommendations including automated controls, configurations on projects, processes, risk exceptions, corrective action … Additional technical certifications are preferred Demonstrated ability to research and apply current information regarding the IS field Consistently demonstrates clear and concise written and verbal communication Proven analytical skills Threat modelling using industry standard methodologies (e.g. STRIDE/DREAD) Experience developing Reference Security Architecture and Design Patterns to support proactive and automated controls Security architecture assessments for one
and data teams. Collaborating with Cloud and Application Security Engineers to embed security throughout system lifecycles. Partnering with technical and data architects to ensure architectural alignment and integration. Leading threat modelling activities and ensuring outputs are reflected in system designs. Ensuring our security architecture, and the controls that implement it, align to the threats we face and our … Kubernetes Service) and data platforms (e.g. Databricks, Snowflake, Dagster). Proven understanding of security risk management. Excellent understanding of common security controls, in particular cloud security controls. Understanding of threat modelling. Knowledge of ISO 27001 and other commonly used security standards. Understanding of modern cloud technologies. Exposure to Agile working. Ability to translate between technical and non-technical teams.
London, South East, England, United Kingdom Hybrid / WFH Options
Opus Recruitment Solutions Ltd
best practices, and support enterprise-wide Azure security initiatives. Key Responsibilities Design and implement secure architectures within Microsoft Azure, ensuring alignment with business and compliance requirements. Conduct Azure-specific threat modelling, risk assessments, and security reviews across infrastructure and applications. Collaborate with cloud engineering, DevOps, and compliance teams to embed security into the Azure development lifecycle. Define and
DevSecOps integration into CI/CD pipelines, embedding SAST, DAST, SCA and container security tools Own the security testing process, improving automation, coverage, and remediation velocity Champion secure design, threat modelling and coding best practices across engineering teams Partner with sales and business development for pre-sales, client proposals, and solution design Drive financial oversight of the function
/CD workflows Owning security tooling strategy (SAST, DAST, SCA, container scanning) and driving adoption across development pipelines Building and mentoring high-performing teams in secure coding, DevSecOps, and threat modelling Leading engagements with major clients during pre-sales, delivery and review phases Managing financials, resource planning, and service maturity across the Secure SDLC portfolio Acting as escalation
/CD workflows Owning security tooling strategy (SAST, DAST, SCA, container scanning) and driving adoption across development pipelines Building and mentoring high-performing teams in secure coding, DevSecOps, and threat modelling Leading engagements with major clients during pre-sales, delivery and review phases Managing financials, resource planning, and service maturity across the Secure SDLC portfolio Acting as escalation