51 to 75 of 311 Threat Modelling Jobs in the UK

IR35: Inside Work structure: Remote 🔐 Key Responsibilities: Partner with engineering and architecture to define secure technical solutions Manage end-to-end project security across multiple applications Perform vulnerability testing, threat modelling, and risk assessments Maintain up-to-date security policies, standards, and best practices Communicate risks and mitigation strategies to senior stakeholders Translate business needs into effective security … years in security architecture or consulting in regulated environments Deep knowledge of secure SDLC, DevSecOps, cloud (Azure/AWS), and frameworks (OWASP, MITRE) Hands-on experience with vulnerability tools, threat modelling, and compliance (GDPR, HIPAA, PCI) Strong communication and stakeholder engagement skills Technical knowledge across .NET, Java, scripting (Python, PowerShell), APIs, and cryptography Nice to have: Certifications (CISSP More ❯

IR35: Inside Work structure: Remote 🔐 Key Responsibilities: Partner with engineering and architecture to define secure technical solutions Manage end-to-end project security across multiple applications Perform vulnerability testing, threat modelling, and risk assessments Maintain up-to-date security policies, standards, and best practices Communicate risks and mitigation strategies to senior stakeholders Translate business needs into effective security … years in security architecture or consulting in regulated environments Deep knowledge of secure SDLC, DevSecOps, cloud (Azure/AWS), and frameworks (OWASP, MITRE) Hands-on experience with vulnerability tools, threat modelling, and compliance (GDPR, HIPAA, PCI) Strong communication and stakeholder engagement skills Technical knowledge across .NET, Java, scripting (Python, PowerShell), APIs, and cryptography Nice to have: Certifications (CISSP More ❯

IR35: Inside Work structure: Remote Key Responsibilities: Partner with engineering and architecture to define secure technical solutions Manage end-to-end project security across multiple applications Perform vulnerability testing, threat modelling, and risk assessments Maintain up-to-date security policies, standards, and best practices Communicate risks and mitigation strategies to senior stakeholders Translate business needs into effective security … years in security architecture or consulting in regulated environments Deep knowledge of secure SDLC, DevSecOps, cloud (Azure/AWS), and frameworks (OWASP, MITRE) Hands-on experience with vulnerability tools, threat modelling, and compliance (GDPR, HIPAA, PCI) Strong communication and stakeholder engagement skills Technical knowledge across .NET, Java, scripting (Python, PowerShell), APIs, and cryptography Nice to have: Certifications (CISSP More ❯

data pipelines to model deployment. Key Responsibilities Architect and implement security controls for AI/ML systems, data pipelines, and CI/CD processes. Conduct security risk assessments and threat modelling on AI/ML workflows. Drive secure coding practices and integrate security into MLOps/DevOps pipelines. Address challenges such as adversarial attacks, data poisoning, and prompt … Essential Experience & Skills Proven experience as a Security Architect with direct focus on AI/ML security. Strong knowledge of AI/ML technologies, frameworks (e.g. TensorFlow, PyTorch), and threat landscapes. Background in development or data science is highly advantageous. Expertise in secure development practices and cloud-native architectures. Hands-on experience with threat modelling, adversarial testing … . Excellent stakeholder communication and collaboration skills. Desirable Experience working on large-scale data or AI projects in regulated sectors. Exposure to the MITRE ATLAS framework or similar AI threat knowledge bases. Esther Urtecho Senior Delivery Consultant London | Bristol | Amsterdam More ❯

customers go about their daily job of protecting their communities and saving lives. You will refine our application design and protection using offensive security techniques like design assessment, research, threat intelligence, threat modelling, and controls optimization. You will conduct security assessments of our applications, identify issues, and help address them early in the development cycle. You'll … systems and applications. Conduct internal security assessments of APIs and Cloud infrastructure, validate controls, design across our estate, and lead remediation activities prioritization. Enhance Secure Development by contributing to threat modelling, risk assessment, evolving Secure Coding Guidelines, and maintaining core security controls like SAST and DAST deployments. Provide technical support with risk assessments on PHI, and steering improvements … our environment in line with common standards such as NIST. Support External Penetration Testing and application vulnerability efforts, delivering assessments and prioritizing remediation activities across the organization. Be across Threat Intelligence relevant to our industry and geographic regions, and translating that to real world defenses for us as an organization. Work collaboratively cross-team, to impart your expertise across More ❯

applications and cloud-native services within AWS. Develop and enforce DevSecOps principles by integrating security into CI/CD pipelines. Lead efforts in application security, including secure coding practices, threat modelling, and vulnerability assessments. Architect and manage IAM policies, roles, and permissions across AWS resources. Guide development teams on security best practices related to AWS security services such … in AWS security services, including IAM, KMS, GuardDuty, Security Hub, and AWS WAF. Strong understanding of Terraform, AWS CloudFormation, or similar. Hands-on experience with cloud security monitoring and threat detection. Familiarity with Kubernetes, AWS EKS, Docker. More ❯

applications and cloud-native services within AWS. Develop and enforce DevSecOps principles by integrating security into CI/CD pipelines. Lead efforts in application security, including secure coding practices, threat modelling, and vulnerability assessments. Architect and manage IAM policies, roles, and permissions across AWS resources. Guide development teams on security best practices related to AWS security services such … in AWS security services, including IAM, KMS, GuardDuty, Security Hub, and AWS WAF. Strong understanding of Terraform, AWS CloudFormation, or similar. Hands-on experience with cloud security monitoring and threat detection. Familiarity with Kubernetes, AWS EKS, Docker. More ❯

development teams to apply secure-by-design principles, ensuring security is embedded throughout the product lifecycle. Key Responsibilities Define and integrate security requirements into the product development lifecycle. Perform threat modelling, risk assessments, and implement appropriate mitigation strategies. Advise on solution architecture to minimise security risks and ensure compliance with security standards. Collaborate with product teams to ensure … Secure by Design principles, and MOD-specific guidelines (e.g., JSP, Def Stan 05-138/139). Familiarity with HMG security principles and assurance frameworks is advantageous. Comfortable using threat modelling tools and implementing mitigation strategies. Experience with NIST standards. (this is an absolute must) Key Competencies Strong communicator with the ability to present complex information clearly and More ❯

company’s information security strategy and operations. You’ll play a key role in ensuring the organisation’s hybrid cloud environment is secure, compliant, and resilient against an evolving threat landscape. Key Responsibilities Strategic Leadership Develop and maintain the Information Security Strategy aligned with IT and wider business goals Build and implement policies, procedures, and board-level metrics to … organisation’s Cyber Risk Management Framework Drive a security-aware culture across departments through training, communication, and engagement Operational Security Oversight Support architectural decisions and strengthen the company’s threat modelling approach Lead incident response efforts and run simulations, red team exercises, and readiness activities Conduct proactive assessments of emerging threats and implement mitigation strategies Oversee vulnerability management More ❯

and recommend security tools, services and configurations to strengthen cloud security posture. Ensure compliance with security standards and frameworks such as ISO 27001, NIST, CIS, GDPR and others. Lead threat modelling, risk assessments, and security reviews for GCP infrastructure and applications. Define and enforce Identity and Access Management (IAM) policies, including roles, permissions and service accounts. Implement and More ❯

Conduct risk assessments, identify vulnerabilities, and implement mitigation measures. Integrate secure coding practices into the software development lifecycle. Perform security code reviews and ensure secure-by-design principles. Conduct threat modelling exercises to identify and mitigate potential risks. Ensure compliance with security regulations such as ISO27001, NIST 800-30/37/53, JSP 440, 604, and Defence More ❯

Conduct risk assessments, identify vulnerabilities, and implement mitigation measures. Integrate secure coding practices into the software development lifecycle. Perform security code reviews and ensure secure-by-design principles. Conduct threat modelling exercises to identify and mitigate potential risks. Ensure compliance with security regulations such as ISO27001, NIST 800-30/37/53, JSP 440, 604, and Defence More ❯

and recommend security tools, services and configurations to strengthen cloud security posture. Ensure compliance with security standards and frameworks such as ISO 27001, NIST, CIS, GDPR and others. Lead threat modelling, risk assessments, and security reviews for GCP infrastructure and applications. Define and enforce Identity and Access Management (IAM) policies, including roles, permissions and service accounts. Implement and More ❯

AZ-305, AZ-104, AZ-900 or corresponding AWS certifications). Comprehensive experience with databases (in the cloud and on-premises) and practical programming skills. Experience in master data modelling and classification of data. Knowledge of SAP Business Warehouse and Master Data Management. Experience with integration patterns and methods like REST, JSON, XML or SOAP web services. Knowledge of … SSO, RBAC, MFA in Azure AD and other modern authentication concepts. Up-to-date knowledge of cybersecurity threats, current best security practices, threat modelling and risk mitigation techniques. Ability to define Minimum Viable Products (MVPs) and experience delivering them rapidly and with a high rate of IT consumer adoption. Be an advocate of the DevOps & Agile culture and More ❯

and maintaining non-containerised solutions Proficient in a common programming language (Python or PHP is a bonus) Oracle of security concepts such as best configuration practices, risk mitigation techniques , threat modelling, incident reporting, Infosec and ISO27001 Cool as a cucumber with Linux and Command-Line Interfaces Extraordinary understanding of networking Shiny DevOps/Cloud certifications as an added More ❯

security designs as they pertain to the cyber domain. Decomposing cyber and security requirements down to the system control level. Conducting cyber and information security risk assessment activities including threat modelling, vulnerability analysis and analysis of mitigations, including technical understanding. Scoping and managing security verification and validation activities and remedial action plans. Coordinating with product engineers, system architects More ❯

is a technical, hands-on role that will work with a variety of security tools and technologies protecting our whole enterprise. You will be responsible for managing our Cyber Threat Intelligence (CTI) research and Threat Hunting activities, the entire lifecycle of our detection rules repository and SOC automation stack. You will be responsible for the technical evolution of … a team who live and breathe cyber security and to work for a company with great products and technologies around the globe. HOW YOU WILL CONTRIBUTE TO THE TEAM * Threat Analysis - Leverage the organization’s CTI provider as a strategic asset , not just a data source-integrating external intel with internal context to assess real impact and relevance. Conduct … in-depth analysis of cyber threats (APT groups, malware campaigns, zero-days, etc.) and assess their relevance to Airbus operations, especially the aerospace and defense-related. Translate complex threat data into clear, actionable intelligence for technical and non-technical stakeholders. Produce regular and ad hoc threat intelligence reports , briefings, and dashboards tailored to specific business units or leadership More ❯

Technical Leadership: Design, develop, and optimize scalable, secure, and compliant software solutions for medical devices and connected health applications. Ensure adherence to IEC 62304, FDA, and cybersecurity regulations, addressing threat modeling, secure coding practices, and risk management. Work with cross-functional teams to architect cloud solutions, ensuring performance, scalability, security, and compliance. Implement cloud-native architecture, microservices, and containerization … ensuring seamless data flow. Cybersecurity & Compliance Ensure secure software development practices in compliance with FDA, IEC 62304, and ISO 27001. Implement identity management, authentication, and data encryption strategies. Conduct threat modeling, vulnerability assessments, and penetration testing. Address cybersecurity challenges in connected medical devices and healthcare IoT. Unit Testing, Quality Assurance & Documentation Implement automated testing frameworks for backend, frontend, and More ❯

environment. Develop Custom Security Tooling: Contribute to the creation and maintenance of in-house tools that enhance our security capabilities and automation. Product Security Support: Assist in security assessments, threat modeling, and penetration testing, working closely with the Product Security team. Secure Development Lifecycle: Help implement and improve security gates within the SDLC. Adapt & Collaborate: Be prepared to dive … into any emerging security challenges. We're a small team with big responsibilities, and flexibility is key. Investigate and triage security alerts, manage security incidents. Gather, curate and communicate threat intelligence. Support and advise business stakeholders in relation to cyber security issues. Generate reports for both technical and non-technical staff and stakeholders. What you bring: At least More ❯

leads our Technical Assurance team. easyJet is overseen by 3 Aviation Regulators, each with their own cyber security control expectations, along with legal compliance requirements and a changing cyber threat landscape. The Technical Assurance team is responsible for overseeing easyJet’s strong cyber security posture. We help functions adopt and improve control adoption as required and set the guardrails … and systems, working with Digital Safety, Data Teams, IT operations and our IT teams to minimise data breaches or data leaks. Working with the Cyber Architecture to validate the threat models produced as part of the project design process. Conduct security assessments and work with Digital Safety Risk function to raise identified cyber risk into the risk management process. More ❯

guidelines. Collaborate with DevOps and engineering teams to integrate security into CI/CD pipelines (e.g., IaC scanning, secrets detection). Perform regular cloud security assessments, misconfiguration checks, and threat modeling. Monitor infrastructure for vulnerabilities, misconfigurations, and anomalous activity. Lead incident response planning and contribute to business continuity efforts. Work closely with AppSec, GRC, and IoT teams to ensure More ❯

Threat Modelling Engineer - GCP (Senior Associate, Technology) Job Description As a Senior Engineer - Threat Modelling you will be a part of a smart cross-functional team delivering digital business transformation solutions to our clients. This position entails an individual contributor role focused on Security Architecture and Threat Modelling, encompassing governance, evaluation of public cloud … Program Management, and Development teams are essential. The candidate will conduct technical architecture reviews to pinpoint security opportunities, identify exploitable threats, and propose mitigation strategies. Your Impact •Conduct thorough threat modeling exercises utilizing established methodologies and frameworks •Maintain a rigorous standard of excellence in identifying potential threats and specifying effective mitigation controls. •Manage the lifecycle of identified threats and … associated controls, ensuring timely updates and adjustments as necessary. •Deliver comprehensive threat models and related tasks within specified timeframes. •Offer constructive feedback, support, and suggestions for enhancing the existing threat modeling process. •Present findings and progress updates to senior leadership, team members, and relevant technical stakeholders. Qualifications We are seeking an ideal candidate with 8+ years of experience More ❯

Threat Modelling Engineer - GCP (Senior Associate, Technology) Job Description As a Senior Engineer - Threat Modelling you will be a part of a smart cross-functional team delivering digital business transformation solutions to our clients. This position entails an individual contributor role focused on Security Architecture and Threat Modelling, encompassing governance, evaluation of public cloud … Program Management, and Development teams are essential. The candidate will conduct technical architecture reviews to pinpoint security opportunities, identify exploitable threats, and propose mitigation strategies. Your Impact •Conduct thorough threat modeling exercises utilizing established methodologies and frameworks •Maintain a rigorous standard of excellence in identifying potential threats and specifying effective mitigation controls. •Manage the lifecycle of identified threats and … associated controls, ensuring timely updates and adjustments as necessary. •Deliver comprehensive threat models and related tasks within specified timeframes. •Offer constructive feedback, support, and suggestions for enhancing the existing threat modeling process. •Present findings and progress updates to senior leadership, team members, and relevant technical stakeholders. Qualifications We are seeking an ideal candidate with 8+ years of experience More ❯

I am hiring a Lead DevSecOps Consultant on behalf of an exciting consultancy specialising in specialising in cyber security solutions. Their expertise includes risk and threat assessments, ensuring robust security measures for existing and new technologies. They promote a security-focused mindset within DevOps teams, coordinate penetration testing, and document security risks. They foster effective teamwork and manage client … Guide your team in creating forward-thinking approaches to security for various projects, integrating cutting-edge technologies to establish resilient and efficient practices. Proactive Risk Management -Perform assessments and modelling to identify potential threats and implement tailored safeguards for projects and clients. Collaborative Engagement and Leadership - Enhance security awareness and help to develop both the technical and soft skills … Essential: Minimum of 3 years experience in team leadership within cyber security Minimum 5 years experience in DevSecOps or a similar technically focused role Strong leadership skills Expertise in Threat Modelling Strong knowledge of Cloud and Infrastructure Security Experience with compliance of Frameworks and Standards such as ISO 27001, NIST, GDPR etc. Solution oriented mindset Strong interpersonal skills More ❯

is embedded throughout the SDLC. Main Responsibilities: Define and enforce secure architecture standards and frameworks across web, mobile, and cloud-native applications. Provide security guidance throughout product development, including threat modeling, secure coding, design reviews, and architecture assessments. Lead the implementation of DevSecOps practices, integrating security into CI/CD pipelines. Identify and remediate application-level vulnerabilities through static … for this role, you should have: Proven experience in application security architecture. Deep knowledge of OWASP Top 10, SANS CWE Top 25, and secure coding best practices. Familiarity with threat modelling methodologies such as STRIDE and architectural risk analysis. Hands-on experience with tools such as SAST/DAST/IAST, Snyk, SonarQube, Burp Suite, Veracode, or similar. More ❯