26 to 50 of 100 Threat Modelling Jobs in the UK excluding London

of experience in security architecture to shape and secure cloud environments at scale. Key Responsibilities Architect secure, scalable cloud solutions on AWS aligned with business and compliance needs. Conduct threat modelling, risk assessments, and security reviews across cloud-native platforms. Collaborate with DevOps, engineering, and compliance teams to embed security best practices. Define and maintain security policies, standards More ❯

effectiveness. Deliver security architecture for cloud deployments (private/public). Design and scope IT Health Checks and interpret outcomes. Identify and mitigate security risks in solution architectures. Conduct threat modelling and risk analysis. Design proportional security controls using native cloud technologies. Produce security architecture artefacts including standards and blueprints. What You'll Bring Prior and proven experience More ❯

Significant experience in Financial Services or Insurance, including PCI-compliant environments. Expert knowledge of network and cloud security using Azure, Hands-on experience with application security, data protection, and threat modelling. Confident communicator, able to influence across technical and business functions. Track record in risk assessment, vulnerability management and secure architecture delivery. Knowledge of DevSecOps, SIEM, IAM, DLP, and More ❯

advancing purple team maturity, the ideal candidate will bring deep technical acumen, a transformation mindset, and a proven ability to lead and inspire high-performing teams in a dynamic, threat-informed environment. RESPONSIBILITIES Technical Leadership & Execution - Personally lead and execute advanced penetration tests, red/purple team exercises, and adversary emulation campaigns across cloud, application, and infrastructure layers. - Identify … vulnerabilities to simulate real-world attack scenarios, validate detection and response capabilities, and uncover control gaps. - Develop and maintain a Purple Team playbook tailored to business-specific technologies and threat models. - Integrate offensive findings into SOC tuning, detection engineering, and control validation workflows. Program Ownership - Own and evolve the offensive security roadmap, including internal testing services, external bug bounty … engineers and red teamers. - Lead the transformation from traditional pentesting to intelligence-driven, continuous offensive security. - Foster a culture of innovation, experimentation, and continuous learning. Collaboration & Influence - Partner with Threat Intelligence, SOC, and Engineering teams to contextualize findings and drive remediation. - Communicate technical findings clearly to both technical and executive audiences. - Influence security architecture and product design through early More ❯

advancing purple team maturity, the ideal candidate will bring deep technical acumen, a transformation mindset, and a proven ability to lead and inspire high-performing teams in a dynamic, threat-informed environment. RESPONSIBILITIES Technical Leadership & Execution - Personally lead and execute advanced penetration tests, red/purple team exercises, and adversary emulation campaigns across cloud, application, and infrastructure layers. - Identify … vulnerabilities to simulate real-world attack scenarios, validate detection and response capabilities, and uncover control gaps. - Develop and maintain a Purple Team playbook tailored to business-specific technologies and threat models. - Integrate offensive findings into SOC tuning, detection engineering, and control validation workflows. Program Ownership - Own and evolve the offensive security roadmap, including internal testing services, external bug bounty … engineers and red teamers. - Lead the transformation from traditional pentesting to intelligence-driven, continuous offensive security. - Foster a culture of innovation, experimentation, and continuous learning. Collaboration & Influence - Partner with Threat Intelligence, SOC, and Engineering teams to contextualize findings and drive remediation. - Communicate technical findings clearly to both technical and executive audiences. - Influence security architecture and product design through early More ❯

and respond to evolving cyber threats. What You'll Do Design and implement secure software solutions, applying security-by-design principles and recognised standards (ISO 27001, NIST). Conduct threat modelling, code reviews, vulnerability assessments, and penetration tests to identify and mitigate risks. Respond to security incidents, perform root cause analysis, and enhance incident response capabilities and documentation. … Skilled in using vulnerability assessment and penetration testing tools (e.g. Nessus, Burp Suite) Familiarity with security frameworks (ISM, PSPF, ISO 27001) and tools like SIEM, IDS/IPS, and threat intelligence platforms Excellent problem-solving, communication, and collaboration skills, with strong attention to detail and a proactive mindset We welcome applications from candidates with entry-level experience or recent More ❯

development and testing offerings. o Represent the function in client engagements, pre-sales discussions, and technical assessments. o Design and present tailored solutions based on customer-specific challenges and threat landscapes. o Collaborate on statements of work (SOWs) and influence product roadmaps. * Service Delivery Assurance o Oversee performance and quality of services delivered, ensuring SLA and KPI compliance. o … exposure, and accelerate secure delivery. o Collaborate with enterprise architects, engineering leads, and product owners to ensure security is embedded from ideation through to deployment and maintenance. o Champion threat modelling and secure design practices, ensuring development teams proactively identify and mitigate risks during the design phase. o Mentor and upskill engineering teams on secure coding, architectural risk More ❯

stakeholders to implement during early in system development life cycle Perform security architecture and risk assessment of internally developed or acquired IT systems and applications using best practices including threat modelling. Ensure that security design and controls are consistent with organization's security architecture principals. Provide security recommendations including automated controls, configurations on projects, processes, risk exceptions, corrective action … Additional technical certifications are preferred Demonstrated ability to research and apply current information regarding the IS field Consistently demonstrates clear and concise written and verbal communication Proven analytical skills Threat modelling using industry standard methodologies (e.g. STRIDE/DREAD) Experience developing Reference Security Architecture and Design Patterns to support proactive and automated controls Security architecture assessments for one More ❯

best practices, and support enterprise-wide Azure security initiatives. Key Responsibilities Design and implement secure architectures within Microsoft Azure, ensuring alignment with business and compliance requirements. Conduct Azure-specific threat modelling, risk assessments, and security reviews across infrastructure and applications. Collaborate with cloud engineering, DevOps, and compliance teams to embed security into the Azure development lifecycle. Define and More ❯

DevSecOps integration into CI/CD pipelines, embedding SAST, DAST, SCA and container security tools Own the security testing process, improving automation, coverage, and remediation velocity Champion secure design, threat modelling and coding best practices across engineering teams Partner with sales and business development for pre-sales, client proposals, and solution design Drive financial oversight of the function More ❯

/CD workflows Owning security tooling strategy (SAST, DAST, SCA, container scanning) and driving adoption across development pipelines Building and mentoring high-performing teams in secure coding, DevSecOps, and threat modelling Leading engagements with major clients during pre-sales, delivery and review phases Managing financials, resource planning, and service maturity across the Secure SDLC portfolio Acting as escalation More ❯

security into solution designs. Monitor compliance with internal policies, external regulations and industry good practice. (e.g., GDPR, ISO27001, CIS, ISF, NIST). Provide expert guidance on security best practices, threat modelling, and mitigation strategies. Support incident response and post-incident reviews from an architectural perspective. Skills and experience you need asInformation Security & Assurance Specialist: Strong understanding of all More ❯

RAG pipelines, agentic workflows and document intelligence systems Embed cybersecurity and data privacy controls across all AI workflows (e.g., encryption, anonymisation, access logging) Collaborate with the CISO function on threat modeling, security reviews, and AI-specific control design. Integrate with enterprise IAM systems, enforcing RBAC, least privilege Conduct vulnerability scans, pen-test remediation, and support internal and regulatory audits More ❯

work across architecture, engineering, and compliance teams to ensure secure-by-design principles are embedded throughout the Azure environment. Key Responsibilities: Design and implement secure Azure cloud architectures Lead threat modelling, risk assessments, and security reviews Define and enforce cloud security policies and governance Integrate security into CI/CD pipelines and DevOps practices Provide guidance on Azure More ❯

Please be aware that RRP is non contractual and subject to review. Main duties of the job As a Senior Cyber Security Advisor, you will: Conduct security assessments and threat modelling, articulate cyber risk and recommend mitigating controls to ensure systems are designed securely. Provide specialist cyber security guidance aligned to NHSE security policy and industry best practice More ❯

security designs as they pertain to the cyber domain. Decomposing cyber and security requirements down to the system control level. Conducting cyber and information security risk assessment activities including threat modelling, vulnerability analysis and analysis of mitigations, including technical understanding. Scoping and managing security verification and validation activities and remedial action plans. Coordinating with product engineers, system architects More ❯

are fundamental to providing industry-leading customer service. About the Cyber Security Engineer role. The role of our Cyber Security Engineer involves discovering system vulnerabilities via penetration testing or threat modelling, working with DevOps, IT and compliance teams to enforce policies, responding to security incidents, and evolving defences to meet shifting risks. Key responsibilities include: Monitor Networks and … Systems: Continuously monitor the organisation's networks and systems for security breaches or intrusions. Threat Detection and Response: Detect and respond to threats or security incidents by analysing data from various incident reports and alerts. Security Audits: Perform regular audits to ensure that systems and networks are operating securely. Security Tools Implementation: Recommend and implement security tools to enhance More ❯

securing cloud-first strategies, ensuring robust architecture and compliance across a complex digital estate. Key Responsibilities Design and implement secure Azure architectures aligned with business and regulatory requirements. Lead threat modelling, risk assessments, and security reviews across cloud and hybrid environments. Collaborate with engineering, DevOps, and compliance teams to embed security best practices. Define and enforce security policies More ❯

cybersecurity and data privacy controls across all AI workflows, including encryption, anonymisation, and access logging. Collaborate with CISO: Work closely with the Chief Information Security Officer (CISO) function on threat modelling, security reviews, and AI-specific control design. Enterprise Integration: Integrate with enterprise Identity and Access Management (IAM) systems, enforcing Role-Based Access Control (RBAC) and least privilege More ❯

security designs as they pertain to the cyber domain. Decomposing cyber and security requirements down to the system control level. Conducting cyber and information security risk assessment activities including threat modelling, vulnerability analysis and analysis of mitigations. Scoping and managing security verification & validation activities and remedial action plans. Coordinating with product engineers, system architects, and developers to provide More ❯

succeed in this role Deep experience in Azure infrastructure (with IaC using Bicep, ARM, or Terraform) Hands-on knowledge of DevSecOps tooling and techniques (CI/CD, secrets management, threat modelling) Experience implementing security standards across cloud and hybrid environments Familiarity with container security ( e.g. Docker, Kubernetes) A strong understanding of compliance frameworks such as ISO 27001 and More ❯

of experience in cloud or information security. Proven experience securing Google Cloud Platform (GCP) environments. Strong understanding of cloud security principles and native controls. Experience with incident response and threat modelling. Relevant certifications such as: Google Professional Cloud Security Engineer Azure Security Engineer Associate (AZ-500) Certified Cloud Security Professional (CCSP) Key Attributes Strong verbal and written communication skills. More ❯

threats are evolving, and our team is at the heart of protecting critical infrastructure and data. As a Cyber Security Engineer, you'll help lead our proactive efforts in threat detection, response, and mitigation. This role is vital to safeguarding the confidentiality, integrity, and availability of systems and services. What you'll be doing Act on security alerts, incidents … ensure timely responses. Diagnose and investigate security incidents following agreed procedures. Escalate and document unresolved incidents and support recovery efforts. Operate within our enterprise-level SOC and collaborate on threat intelligence. Utilise tools like Microsoft E5, Sentinel, and Darktrace to monitor and prevent threats. Analyse malware and respond to high-priority incidents. Support vulnerability management and threat analysis … equivalent function. Proficiency with Microsoft Security Suite (including Sentinel) and Darktrace or similar. Must have an understanding of cyber threats including malware, ransomware, DDoS, insider threats. Strong knowledge of threat modelling, security monitoring, and cloud environments. Familiarity with GDPR, data protection, and privacy impact assessments. Excellent communication and collaboration skills with a proactive mindset. Industry certifications (e.g., CISSP More ❯

they pertain to the cyber domain. Experience working with cyber and security requirements down to the system control level. Experience conducting cyber and information security risk assessment activities including threat modelling, vulnerability analysis and analysis of mitigations. Scoping and managing security verification & validation activities and remedial action plans. Experience working with product engineers, system architects, and developers to More ❯

developers and data scientists to establish service-level quality metrics and observability hooks. Validate services against AI regulatory frameworks and ensure traceability, fairness, and robustness in outcomes. Participate in threat modelling and security validation of exposed APIs and AI services. Provide feedback early in the lifecycle to reduce defects and improve design. Mentor junior testers, encourage continuous learning More ❯