26 to 50 of 144 Threat Modelling Jobs in the UK excluding London

strategy across AI, blockchain, and cloud environments. Establish policies, standards, and governance frameworks aligned with industry best practices (ISO 27001, NIST, SOC2). Lead incident response, risk assessment, and threat modelling programmes. Build and mentor a world-class security team. AI Data Security Protect proprietary AI models, training data, and pipelines from data poisoning, model theft, or adversarial More ❯

the business. What You’ll Do Policy & Frameworks: Define and maintain security policies, standards, and governance models aligned with ISO 27001, SOC2, and NIST. Risk Management: Lead risk assessments, threat modelling, and vendor security reviews; maintain the company risk register. Monitoring & Detection: Implement and oversee vulnerability management, SIEM, logging, and alerting capabilities. Incident Response: Build and test incident More ❯

the business. What You’ll Do Policy & Frameworks: Define and maintain security policies, standards, and governance models aligned with ISO 27001, SOC2, and NIST. Risk Management: Lead risk assessments, threat modelling, and vendor security reviews; maintain the company risk register. Monitoring & Detection: Implement and oversee vulnerability management, SIEM, logging, and alerting capabilities. Incident Response: Build and test incident More ❯

the business. What You’ll Do Policy & Frameworks: Define and maintain security policies, standards, and governance models aligned with ISO 27001, SOC2, and NIST. Risk Management: Lead risk assessments, threat modelling, and vendor security reviews; maintain the company risk register. Monitoring & Detection: Implement and oversee vulnerability management, SIEM, logging, and alerting capabilities. Incident Response: Build and test incident More ❯

you’ll be doing Guiding teams on security best practices, compliance, and secure coding. Collaborating with architects and developers to review designs and code for vulnerabilities. Embedding/improving threat modelling and secure development practices into the SDLC. Designing and integrating security testing plans. Performing and overseeing application security testing and driving remediation. Managing end-to-end vulnerability More ❯

you'll be doing Guiding teams on security best practices, compliance, and secure coding. Collaborating with architects and developers to review designs and code for vulnerabilities. Embedding/improving threat modelling and secure development practices into the SDLC. Designing and integrating security testing plans. Performing and overseeing application security testing and driving remediation. Managing end-to-end vulnerability More ❯

standards and guidelines. Developing organisational strategies that address information control requirements. Identifying and monitoring environmental and market trends and proactively assessing impact on business strategies, benefits and risks. Performing threat modelling and risk assessments to develop a holistic picture of threat. Developing new architectures that mitigate the risks posed by new technologies and business practices. Accurately delivering high More ❯

standards and guidelines. Developing organisational strategies that address information control requirements. Identifying and monitoring environmental and market trends and proactively assessing impact on business strategies, benefits and risks. Performing threat modelling and risk assessments to develop a holistic picture of threat. Developing new architectures that mitigate the risks posed by new technologies and business practices. Accurately delivering high More ❯

The Role As a SOC Detection Engineer, you will design, develop, and maintain high-quality detection content to improve threat visibility and reduce risk across customer environments. You apply expert knowledge of attacker tactics and telemetry sources to create and manage scalable, accurate, and resilient detection rules across SOC platforms. Operating as part of the SOC team, you support … operations by expanding detection coverage, improving rule performance, and collaborating with threat intelligence, incident response, and platform engineering teams to operationalise threat insights. You also contribute to internal process improvement, customer-facing engagements, and knowledge sharing across the wider SOC team. Key Responsibilities Detection Engineering and Delivery – You will develop, test, and deploy detection rules across SIEM, XDR … and other SOC platforms, supporting comprehensive, customer-aligned threat coverage. Lifecycle Management and Optimisation – You will monitor detection performance, tune rules to reduce false positives, and remediate logic or configuration issues caused by changing environments. Post-Incident Gap Analysis – You will perform detection reviews following incidents to identify missed coverage, determine root causes, and improve detection logic or supporting More ❯

assets. Collates, defines, and enforces secure configuration baselines and hardening standards in alignment with organisational security obligations and recognised industry frameworks (e.g., CIS Benchmarks, Microsoft Security Baselines). Conducts threat modelling and risk assessments to identify vulnerabilities or compliance gaps. Maintains and manages Software Bills of Materials (SBOMs). Assists with integrating security monitoring, logging, and alerting capabilities. … risk assessments, risk mitigation plans, and security operations procedures. Performs security validation, configuration assessments, and support user acceptance testing (UAT) for security-related features. Collates and analyses information for threat intelligence requirements from a variety of sources. Designs and executes complex vulnerability research activities. Provides guidance, support and mentoring to other IT Engineers as requested by the IT Leadership … . Experience aligning infrastructure builds with cyber security standards such as NCSC guidance, CIS benchmarks, or Microsoft Security Baselines. Experience implementing monitoring, logging, and alerting toolsets including SIEM and threat detection platforms. Understanding of data classification, encryption, and secure storage/access principles. Familiarity with endpoint protection platforms and vulnerability management tools. Experience securing hybrid identity solutions and federated More ❯

blue team skillsets Develop operating procedures and use cases Triage of security events and third-party SOC management Monitor/Collate data from endpoints across estate OSINT experience for threat hunting, prepare reports Cyber Defence Manager - Experience Incident response, security engineering, intrusion detection Experience of SOC or Incident Response Team Analyse End Point, Network, Application Logs Security frameworks/… Standards (NIST, CIS, ISO27001) Scripting & Automation (PowerShell, Azure CLI, Azure Logic Apps) MITRE ATT&CK, Threat Modelling Knowledge of CVEs and security vulnerabilities SIEM Tools, Cyber Hunting Techniques Operational threat intelligence and common attack vectors Security vulnerabilities, technical reports Cyber Defence Manager will pay a salary range of £70,000 to £85,000 plus benefits. This opportunity More ❯

blue team skillsets Develop operating procedures and use cases Triage of security events and third-party SOC management Monitor/Collate data from endpoints across estate OSINT experience for threat hunting, prepare reports Cyber Defence Manager - Experience Incident response, security engineering, intrusion detection Experience of SOC or Incident Response Team Analyse End Point, Network, Application Logs Security frameworks/… Standards (NIST, CIS, ISO27001) Scripting & Automation (PowerShell, Azure CLI, Azure Logic Apps) MITRE ATT&CK, Threat Modelling Knowledge of CVEs and security vulnerabilities SIEM Tools, Cyber Hunting Techniques Operational threat intelligence and common attack vectors Security vulnerabilities, technical reports Cyber Defence Manager will pay a salary range of £70,000 to £85,000 plus benefits. This opportunity More ❯

for the United Kingdom, currently residing in the UK. The position is located in Manchester. Responsibilities Evaluate and strengthen our overall security posture by performing continuous audits, risk assessments, threat modelling, and architecture reviews to ensure effective controls and adherence to regulatory standards. Consistently monitor and assess cloud environments for vulnerabilities and misconfigurations utilising tools like AWS Inspector … sensitive information with discretion, professionalism, and sound judgment. Relevant certifications such as AWS Certified Security - Speciality, CISSP, CCSP, or Terraform Associate (or equivalent experience). Preferred Qualifications Exposure to threat intelligence and security analytics , particularly within cloud environments. Bachelor's degree in Computer Science, Information Technology, or Information Security , or equivalent practical experience. Familiarity with key security frameworks and More ❯

You'll Do Lead or support the delivery of secure systems, cloud configurations, or network designs. Apply security frameworks (ISO27001, NIST CSF, NCSC CAF) in real-world projects. Conduct threat modelling and recommend proportionate controls. Translate technical risk into clear business language for stakeholders. Deliver high-quality outputs and support wider project teams. Contribute ideas, challenge assumptions, and More ❯

maintain platform security processes and plans within established frameworks Design and manage automated security tooling that prevents security issues before they occur Perform security-focused code reviews and support threat modelling exercises Champion cloud security principles across product engineering teams Incident Management & Monitoring: Lead incident response for security risks and issues raised by SOC teams Manage implementation of More ❯

ll do Secure product & platform delivery (cloud‐native focus) • Provide hands‐on cyber consultancy across digital product lifecycles, championing Secure by Design and privacy‐by‐default. • Conduct and iterate threat models for new features and integrations; translate findings into actionable design and control decisions. • Advise on secure architecture for modern platforms (segmentation, identity/access, encryption, data protection, secrets More ❯

ll do Secure product & platform delivery (cloud‐native focus) • Provide hands‐on cyber consultancy across digital product lifecycles, championing Secure by Design and privacy‐by‐default. • Conduct and iterate threat models for new features and integrations; translate findings into actionable design and control decisions. • Advise on secure architecture for modern platforms (segmentation, identity/access, encryption, data protection, secrets More ❯

ll do Secure product & platform delivery (cloud‐native focus) • Provide hands‐on cyber consultancy across digital product lifecycles, championing Secure by Design and privacy‐by‐default. • Conduct and iterate threat models for new features and integrations; translate findings into actionable design and control decisions. • Advise on secure architecture for modern platforms (segmentation, identity/access, encryption, data protection, secrets More ❯

ll do Secure product & platform delivery (cloud‐native focus) • Provide hands‐on cyber consultancy across digital product lifecycles, championing Secure by Design and privacy‐by‐default. • Conduct and iterate threat models for new features and integrations; translate findings into actionable design and control decisions. • Advise on secure architecture for modern platforms (segmentation, identity/access, encryption, data protection, secrets More ❯

ll do Secure product & platform delivery (cloud‐native focus) • Provide hands‐on cyber consultancy across digital product lifecycles, championing Secure by Design and privacy‐by‐default. • Conduct and iterate threat models for new features and integrations; translate findings into actionable design and control decisions. • Advise on secure architecture for modern platforms (segmentation, identity/access, encryption, data protection, secrets More ❯

ll do Secure product & platform delivery (cloud‐native focus) • Provide hands‐on cyber consultancy across digital product lifecycles, championing Secure by Design and privacy‐by‐default. • Conduct and iterate threat models for new features and integrations; translate findings into actionable design and control decisions. • Advise on secure architecture for modern platforms (segmentation, identity/access, encryption, data protection, secrets More ❯

ie cyber security asset management, attack surface management, etc) Pragmatic application of zero-trust philosophies Cloud based security (GCP, AWS and Azure) Pentest scoping and analysis experience Application security Threat modelling To apply for this position please submit your CV. Carbon60, Lorien & SRG - The Impellam Group STEM Portfolio are acting as an Employment Business in relation to this More ❯

Cloud Security, and DevSecOps. You have experience with security frameworks (NIST, ISO 27001) and a proven track record of securing large-scale, high-availability systems. You are adept at threat modelling, security architecture review, and penetration testing concepts. Prior experience in the O&G (Oil & Gas) sector, government projects, or other critical infrastructure is a significant advantage. You More ❯

lead high-impact security projects within complex OT environments. As a Senior ICS OT Cyber Security Engineer, you will take a lead role in securing operational technology networks, delivering threat modelling, penetration testing, and cyber risk mitigation strategies for industrial environments. You will work closely with key stakeholders to design secure architectures, provide technical leadership on live security More ❯

ensure Azure-based solutions meet enterprise security standards and compliance requirements, dealing with the following: Security Planning & Risk Assessment Analyze and define security requirements for Azure-based projects. Conduct threat modeling and risk assessments for cloud workloads. Support the secure configuration of Azure services (e.g., Azure AD, Key Vault, Defender for Cloud). Project Delivery Support Act as the More ❯