76 to 100 of 202 Threat Modelling Jobs in the UK

with IaC tools and automating security controls and processes. The role requires the applicant to hold and maintain Developed Vetting (DV) UK Security Clearance. Preferred qualifications: Experience leading comprehensive threat modeling exercises and conducting detailed risk assessments to identify and prioritize security vulnerabilities across the platform. Experience securing modern cloud-native architectures, including containerization technologies (e.g., Kubernetes, Docker) and More ❯

RAG pipelines, agentic workflows and document intelligence systems Embed cybersecurity and data privacy controls across all AI workflows (e.g., encryption, anonymisation, access logging) Collaborate with the CISO function on threat modeling, security reviews, and AI-specific control design. Integrate with enterprise IAM systems, enforcing RBAC, least privilege Conduct vulnerability scans, pen-test remediation, and support internal and regulatory audits More ❯

RAG pipelines, agentic workflows and document intelligence systems Embed cybersecurity and data privacy controls across all AI workflows (e.g., encryption, anonymisation, access logging) Collaborate with the CISO function on threat modeling, security reviews, and AI-specific control design. Integrate with enterprise IAM systems, enforcing RBAC, least privilege Conduct vulnerability scans, pen-test remediation, and support internal and regulatory audits More ❯

emerging threats associated with the product line you are managing and any dependencies; Act as the interface between CSIRT and Product teams as part of security incident activities; Deliver threat modelling and hunting to identify vulnerabilities in product design and provide control recommendations to mitigate those risks; Engage in architecture and design reviews to ensure product alignment with … and regulatory standards that may impact product implementations; Support the engineering of control solutions where existing offerings are not available; Provide security expertise during incident and problem management. Produce threat intelligence briefings and other work products to share information across the organisation Respond to ad-hoc requests for platform security related guidance This role may require some overnight, weekend More ❯

work across architecture, engineering, and compliance teams to ensure secure-by-design principles are embedded throughout the Azure environment. Key Responsibilities: Design and implement secure Azure cloud architectures Lead threat modelling, risk assessments, and security reviews Define and enforce cloud security policies and governance Integrate security into CI/CD pipelines and DevOps practices Provide guidance on Azure More ❯

Please be aware that RRP is non contractual and subject to review. Main duties of the job As a Senior Cyber Security Advisor, you will: Conduct security assessments and threat modelling, articulate cyber risk and recommend mitigating controls to ensure systems are designed securely. Provide specialist cyber security guidance aligned to NHSE security policy and industry best practice More ❯

security designs as they pertain to the cyber domain. Decomposing cyber and security requirements down to the system control level. Conducting cyber and information security risk assessment activities including threat modelling, vulnerability analysis and analysis of mitigations, including technical understanding. Scoping and managing security verification and validation activities and remedial action plans. Coordinating with product engineers, system architects More ❯

guidelines. Collaborate with DevOps and engineering teams to integrate security into CI/CD pipelines (e.g., IaC scanning, secrets detection). Perform regular cloud security assessments, misconfiguration checks, and threat modeling. Monitor infrastructure for vulnerabilities, misconfigurations, and anomalous activity. Lead incident response planning and contribute to business continuity efforts. Work closely with AppSec, GRC, and IoT teams to ensure More ❯

develop creative network solutions to address security challenges. Security and Firewall Management: Manage firewall configurations for the CyberEnergianetwork based on operational requirements. Develop and implement network security tools, produce threat models, and assess risks around existing configurations. Provide subject matter expertise on network security, firewalls, and industry best practices. Document and formalize security processes. Automation and Infrastructure Management: Drive More ❯

security controls across architecture, infrastructure and code (AWS Serverless, CDK/SST, React/TypeScript). Shift security left. Embed SAST/DAST, IaC scanning, secure coding standards and threat-modeling into every stage of our CI/CD pipeline. Own compliance & audits. Run our Vanta instance end-to-end (SOC 2 Type II, ISO 27001, GDPR, etc.) and More ❯

are fundamental to providing industry-leading customer service. About the Cyber Security Engineer role. The role of our Cyber Security Engineer involves discovering system vulnerabilities via penetration testing or threat modelling, working with DevOps, IT and compliance teams to enforce policies, responding to security incidents, and evolving defences to meet shifting risks. Key responsibilities include: Monitor Networks and … Systems: Continuously monitor the organisation's networks and systems for security breaches or intrusions. Threat Detection and Response: Detect and respond to threats or security incidents by analysing data from various incident reports and alerts. Security Audits: Perform regular audits to ensure that systems and networks are operating securely. Security Tools Implementation: Recommend and implement security tools to enhance More ❯

and deploy detection logic across SIEM, EDR and cloud security platforms. Build detections aligned with frameworks such as MITRE ATT&CK and continuously tune for accuracy and performance. Conduct threat modelling and participate in purple team exercises to assess and improve detection effectiveness. Use Detection-as-Code principles to manage detection rules via version control, CI/CD … pipelines and automated testing frameworks. Reduce false positives through tuning, enrichment and contextual awareness. Skills Expertise in detection engineering, threat hunting, or a related Cyber Security field. Proficiency in Sentinel, KQL, XDR and Splunk is required. Experience with SIEM platforms (e.g. Splunk, Sentinel, Elastic), EDR tools (e.g. CrowdStrike, SentinelOne), and/or cloud-native security services (e.g. AWS GuardDuty … GCP Chronicle). Ability to create and iterate on detection content (e.g. SIEM rules, correlation searches and detection-as-code signatures) to proactively identify malicious behaviour and improve threat visibility and reduce false positives Familiarity with MITRE ATT&CK framework and threat detection lifecycle. More ❯

glance Do you have an overview over cybersecurity and can you translate this in practical solutions? As a security strategist for ICS you have the overview of both the threat landscape and the implementation of the current security. You work with many different teams such as the MT IT, the CISO teams (Security Governance, Security Operations &Card Security), IT … Identity and Access Management, Network Security Design, Application. Security, Security Monitoring, Cloud (Azure/AWS/GCP) and hybrid environments). Experience in implementing Zero Trust principles. Experience in threat modelling and conducting risk assessments. Deep knowledge of encryption, key management. Certified in TOGAF/SABSA We are offering We offer you the opportunity to be the best More ❯

securing cloud-first strategies, ensuring robust architecture and compliance across a complex digital estate. Key Responsibilities Design and implement secure Azure architectures aligned with business and regulatory requirements. Lead threat modelling, risk assessments, and security reviews across cloud and hybrid environments. Collaborate with engineering, DevOps, and compliance teams to embed security best practices. Define and enforce security policies More ❯

SLAs and KPIs Drive secure architecture standards and embed security controls into DevOps pipelines Oversee implementation and optimisation of security tooling (SAST, DAST, SCA, container security) Champion secure coding, threat modelling, and DevSecOps maturity improvements Manage budgets, profitability, and resource utilisation for your function Mentor and develop high-performing engineering and testing teams Key Responsibilities Support sales with More ❯

SLAs and KPIs Drive secure architecture standards and embed security controls into DevOps pipelines Oversee implementation and optimisation of security tooling (SAST, DAST, SCA, container security) Champion secure coding, threat modelling, and DevSecOps maturity improvements Manage budgets, profitability, and resource utilisation for your function Mentor and develop high-performing engineering and testing teams Key Responsibilities Support sales with More ❯

NIST. Implement third-party security tools and assist in incident response, working with the CSOC team on Cloud threats and events. Build and enforce Cloud-native security tools, conduct threat modelling, and architectural reviews to improve security practices. Support risk, compliance, and governance initiatives, promote Cloud security, and identify platform improvements. Map attack paths and lead the implementation More ❯

cybersecurity and data privacy controls across all AI workflows, including encryption, anonymisation, and access logging. Collaborate with CISO: Work closely with the Chief Information Security Officer (CISO) function on threat modelling, security reviews, and AI-specific control design. Enterprise Integration: Integrate with enterprise Identity and Access Management (IAM) systems, enforcing Role-Based Access Control (RBAC) and least privilege More ❯

cybersecurity and data privacy controls across all AI workflows, including encryption, anonymisation, and access logging. Collaborate with CISO: Work closely with the Chief Information Security Officer (CISO) function on threat modelling, security reviews, and AI-specific control design. Enterprise Integration: Integrate with enterprise Identity and Access Management (IAM) systems, enforcing Role-Based Access Control (RBAC) and least privilege More ❯

security designs as they pertain to the cyber domain. Decomposing cyber and security requirements down to the system control level. Conducting cyber and information security risk assessment activities including threat modelling, vulnerability analysis and analysis of mitigations. Scoping and managing security verification & validation activities and remedial action plans. Coordinating with product engineers, system architects, and developers to provide More ❯

succeed in this role Deep experience in Azure infrastructure (with IaC using Bicep, ARM, or Terraform) Hands-on knowledge of DevSecOps tooling and techniques (CI/CD, secrets management, threat modelling) Experience implementing security standards across cloud and hybrid environments Familiarity with container security ( e.g. Docker, Kubernetes) A strong understanding of compliance frameworks such as ISO 27001 and More ❯

of experience in cloud or information security. Proven experience securing Google Cloud Platform (GCP) environments. Strong understanding of cloud security principles and native controls. Experience with incident response and threat modelling. Relevant certifications such as: Google Professional Cloud Security Engineer Azure Security Engineer Associate (AZ-500) Certified Cloud Security Professional (CCSP) Key Attributes Strong verbal and written communication skills. More ❯

of experience in cloud or information security. Proven experience securing Google Cloud Platform (GCP) environments. Strong understanding of cloud security principles and native controls. Experience with incident response and threat modelling. Relevant certifications such as: Google Professional Cloud Security Engineer Azure Security Engineer Associate (AZ-500) Certified Cloud Security Professional (CCSP) Key Attributes Strong verbal and written communication skills. More ❯

scale, with a strong focus on SCA and SAST; Contribute to the selection, evaluation, and implementation of other application security tools and processes as needed; Participate in security reviews, threat modeling, and architecture discussions to identify and mitigate security risks early in the development process; Advise on secure coding guidelines and standards. Operational Excellence: Establish and report on key More ❯

security controls across architecture, infrastructure and code (AWS Serverless, CDK/SST, React/TypeScript). Shift security left. Embed SAST/DAST, IaC scanning, secure coding standards and threat-modeling into every stage of our CI/CD pipeline. Own compliance & audits. Run our Vanta instance end-to-end (SOC 2 Type II, ISO 27001, GDPR, etc.) and More ❯