76 to 100 of 147 Threat Modelling Jobs in the UK

apps, APIs, and cloud infrastructure. Support penetration testing and help document findings and recommendations. Work closely with developers to learn how to identify and remediate security issues. Contribute to threat modeling and risk assessments under the guidance of senior engineers. Gain practical experience with security testing tools and automation. Stay up to date with emerging application and cloud security More ❯

Risk Treatment Plan, Risk Business Case & Security Management Plan). Experience of implementing vulnerability management processes. Experience of security assurance and the measurement of controls. Experience in risk and threat modelling within a high-threat government environment. More ❯

they expand, theyre seeking a Head of Cyber Security to lead from the front, shaping security strategy across legal, IT, and client-facing systems. Youll define security architecture, lead threat assessments, manage incident response, and ensure compliance with regulatory standards relevant to legal practice. This role offers you a unique opportunity to build a security function in a high … firm. Required Skills: Proven track record in senior security roles (e.g. Head of Security, CISO, or equivalent) Strong technical foundation in cloud security, identity & access management, network security, encryption, threat modelling Hands-on knowledge securing hybrid and cloud infrastructure (AWS/Azure/GCP) Experience building and managing security teams, setting processes (incident response, SOC, vulnerability management) Familiarity More ❯

Knowledge of security standards and frameworks (e.g., ISO 27001, NIST, CIS). Familiarity with security technologies such as firewalls, web proxies/remote access solutions. Experience with ZTNA, CTI, threat modelling is beneficial. Bachelor’s degree in information security, Computer Science, or a related field, or relevant industry experience. Relevant security certifications (e.g., CISSP, CISM, CEH) are highly More ❯

developers and data scientists to establish service-level quality metrics and observability hooks. ? Validate services against AI regulatory frameworks and ensure traceability, fairness, and robustness in outcomes. ? Participate in threat modelling and security validation of exposed APIs and AI services. ? Provide feedback early in the lifecycle to reduce defects and improve design. ? Mentor junior testers, encourage continuous learning More ❯

implementation of security solutions, such us SIEM, SOC, IAM, DLP, endpoint protection, and cloud security. Ensure secure architecture design and alignment with enterprise IT strategies. Drive remediation of vulnerabilities, threat modelling, and incident response readiness. Ensure compliance with frameworks and regulations such as ISO 27001, NIST, GDPR, NIS2 and EU Cybersecurity Act. Evaluate and manage third-party vendors More ❯

of multi-disciplinary teams in complex infrastructure environments A strong technical background across Networks, Security, Firewall, Vulnerability Management, SIEM and EDR technologies Experience with cyber security concepts, such as Threat Modelling, Incident Response, Penetration Testing (external/internal) Advanced knowledge of cloud products and services e.g. Azure, Microsoft 365 Emotionally intelligent and able to recognise and manage the More ❯

Application Insights, Datadog/Grafana) and alerting/response workflows. Understanding of the Microsoft Cloud Adoption Framework, Azure Landing Zones and the Well-Architected Framework. Familiarity with DevSecOps practices: threat modelling, dependency and container scanning, SBOM management, and shift-left security. Comfortable collaborating with software engineers and SREs; able to translate platform capabilities into simple self-service experiences. More ❯

Sign-off on application security prior to live implementation. Collaborate with the architecture and development teams to review the design and code for security vulnerabilities. Embed/improve security threat modeling and secure coding in the development lifecycle. Provide technical specialist advice to ensure that security standards are understood and can be complied with. Monitor and proactively report on More ❯

technology and digital transformation organisation delivering critical projects across energy, water, renewables, and manufacturing. The Senior ICS OT Cyber Security Engineer will secure and optimise industrial control systems, conduct threat assessments, penetration testing, and design technical solutions to mitigate cyber risks. The role involves mentoring junior engineers, collaborating with stakeholders, with occasional travel to client sites and the Stone … office. Key Responsibilities of the Senior ICS OT Cyber Security Engineer: Design and secure OT/ICS networks and cross-domain communications. Conduct threat modelling, vulnerability assessments, and red team exercises. Implement cybersecurity solutions, audit systems, and ensure compliance with relevant frameworks. Mentor junior team members and support project delivery. Maintain strong client and stakeholder relationships. Key Requirements More ❯

technology and digital transformation organisation delivering critical projects across energy, water, renewables, and manufacturing. The Senior ICS OT Cyber Security Engineer will secure and optimise industrial control systems, conduct threat assessments, penetration testing, and design technical solutions to mitigate cyber risks. The role involves mentoring junior engineers, collaborating with stakeholders, with occasional travel to client sites and the Stone … office. Key Responsibilities of the Senior ICS OT Cyber Security Engineer: Design and secure OT/ICS networks and cross-domain communications. Conduct threat modelling, vulnerability assessments, and red team exercises. Implement cybersecurity solutions, audit systems, and ensure compliance with relevant frameworks. Mentor junior team members and support project delivery. Maintain strong client and stakeholder relationships. Key Requirements More ❯

technology and digital transformation organisation delivering critical projects across energy, water, renewables, and manufacturing. The Senior ICS OT Cyber Security Engineer will secure and optimise industrial control systems, conduct threat assessments, penetration testing, and design technical solutions to mitigate cyber risks. The role involves mentoring junior engineers, collaborating with stakeholders, with occasional travel to client sites and the Stone … office. Key Responsibilities of the Senior ICS OT Cyber Security Engineer: Design and secure OT/ICS networks and cross-domain communications. Conduct threat modelling, vulnerability assessments, and red team exercises. Implement cybersecurity solutions, audit systems, and ensure compliance with relevant frameworks. Mentor junior team members and support project delivery. Maintain strong client and stakeholder relationships. Key Requirements More ❯

Please be aware that RRP is non contractual and subject to review. Main duties of the job As a Senior Cyber Security Advisor, you will: Conduct security assessments and threat modelling, articulate cyber risk and recommend mitigating controls to ensure systems are designed securely. Provide specialist cyber security guidance aligned to NHSE security policy and industry best practice More ❯

standards (e.g., GDPR, PCI-DSS, SOX). Lead integration efforts with identity providers (IdPs), service providers (SPs), and third-party systems using SAML, OAuth2, OpenID Connect. Conduct security assessments, threat modeling, and performance tuning of ForgeRock AM components. Enable and support product upgrade and engineering aspects for Authentication platform and associated components Provide technical leadership and mentoring to IAM More ❯

standards (e.g., GDPR, PCI-DSS, SOX). Lead integration efforts with identity providers (IdPs), service providers (SPs), and third-party systems using SAML, OAuth2, OpenID Connect. Conduct security assessments, threat modeling, and performance tuning of ForgeRock AM components. Enable and support product upgrade and engineering aspects for Authentication platform and associated components Provide technical leadership and mentoring to IAM More ❯

standards (e.g., GDPR, PCI-DSS, SOX). Lead integration efforts with identity providers (IdPs), service providers (SPs), and third-party systems using SAML, OAuth2, OpenID Connect. Conduct security assessments, threat modeling, and performance tuning of ForgeRock AM components. Enable and support product upgrade and engineering aspects for Authentication platform and associated components Provide technical leadership and mentoring to IAM More ❯

standards (e.g., GDPR, PCI-DSS, SOX). Lead integration efforts with identity providers (IdPs), service providers (SPs), and third-party systems using SAML, OAuth2, OpenID Connect. Conduct security assessments, threat modeling, and performance tuning of ForgeRock AM components. Enable and support product upgrade and engineering aspects for Authentication platform and associated components Provide technical leadership and mentoring to IAM More ❯

standards (e.g., GDPR, PCI-DSS, SOX). Lead integration efforts with identity providers (IdPs), service providers (SPs), and third-party systems using SAML, OAuth2, OpenID Connect. Conduct security assessments, threat modeling, and performance tuning of ForgeRock AM components. Enable and support product upgrade and engineering aspects for Authentication platform and associated components Provide technical leadership and mentoring to IAM More ❯

other security product like Trivy Experience with cloud computing platforms such as Microsoft Azure A strong understanding of software development methodologies and practices Ability to Rapid Risk Assessment and Threat Modeling Other technical skills required: Azure Security Monitoring including Application Insights, and SIEM Excellent communication skills to guarantee stakeholder alignment and successful outcomes at all stages of Product delivery More ❯

years of experience in cloud security, particularly with AWS, and at least 2+ years in software development. Strong understanding of cloud and application security concepts, including secure coding practices, threat modeling, vulnerability management, and access control mechanisms. Experience with AWS, Kubernetes, Service Mesh, API gateways, and API Security (authentication and authorization). Proficiency in programming languages such as Python More ❯

solutions that meet client requirements and implement the appropriate tools, technologies & processes to mitigate critical security risks (e.g., system and mobile antivirus software, encryption modules, patch management programs, insider threat protection, incident response plans, forensic capabilities, and regulation compliance). You'll conduct comprehensive attack path analysis and threat modelling, mapping adversary tactics and techniques to industrial … You'll lead and execute advanced penetration testing, red teaming, and adversary simulation exercises within OT/ICS environments, leveraging frameworks such as MITRE ATT&CK for ICS and modelling using Bow-Tie Analysis to proactively identify and exploit vulnerabilities. You'll conduct vulnerability assessments and administrative audits on client computer systems and network devices considering the sensitivity of More ❯

and Design team , working with product and engineering teams to embed security-by-design principles across cloud, DevSecOps, and enterprise technology landscapes. General Responsibilities (Applicable to All Roles) Perform threat modelling , risk assessments, and design reviews across infrastructure and applications. Provide security guidance and governance during project design and delivery phases. Define and document security requirements, controls, and … modern security design for emerging technologies Hands-on experience in Cloud Security Architecture and Design Familiarity with modern software engineering tooling and practices Proven experience producing security designs and threat models Nice to Have: Experience with GCP Security 4. Security Consultant – Payments Platform (Start Date: November) Key Skills Required: Proven experience migrating systems from on-premise to cloud Background More ❯

and Design team , working with product and engineering teams to embed security-by-design principles across cloud, DevSecOps, and enterprise technology landscapes. General Responsibilities (Applicable to All Roles) Perform threat modelling , risk assessments, and design reviews across infrastructure and applications. Provide security guidance and governance during project design and delivery phases. Define and document security requirements, controls, and … modern security design for emerging technologies Hands-on experience in Cloud Security Architecture and Design Familiarity with modern software engineering tooling and practices Proven experience producing security designs and threat models Nice to Have: Experience with GCP Security 4. Security Consultant – Payments Platform (Start Date: November) Key Skills Required: Proven experience migrating systems from on-premise to cloud Background More ❯

have a solid background in Cyber Security, with the following skills and experience: Proficiency in Security Information and Event Management (SIEM), including tools such as Splunk, Defender, and Tenable Threat Modelling System solutions, as well as with IDS/IPS and vulnerability scanners. Experience in SOC operations, incident response, and forensic analysis. Ability to perform triage of security More ❯

what you will be involved in: Identify security requirements and ensure the integration of security controls during the product development lifecycle Develop and implement risk management strategies Perform security threat modelling and risk assessments applying security controls to mitigate any threats identified Collaborate with the development teams to ensure the adoption of Secure by Design principles Identify security More ❯