51 to 75 of 112 Threat Modelling Jobs in the UK excluding London

outside IR35 Start Date: 1st July Responsibilities: Provide expert security consultancy across the project lifecycle, with a focus on secure-by-design practices. Lead or support security risk assessments, threat modelling, and architectural reviews. Support the production and review of security documentation (RMADS, SyOps, Security Cases, etc.). Engage with technical and delivery teams to embed security requirements More ❯

deployment, and ongoing operations. Define cybersecurity requirements within the client's environment, including rail-specific systems, legacy OT, and modern industrial platforms. Support developing and delivering security risk assessments, threat models, and control frameworks following the relevant standards. Contribute to the production and review of assurance artefacts, including security cases, risk registers, control implementation evidence, and compliance documentation. Provide … skills In-depth understanding of operational technology (OT) environments, including SCADA systems, field devices, industrial protocols, and control network architectures. Firm grounding in cybersecurity principles for critical infrastructure, including threat modelling, risk analysis, defence-in-depth, and zero-trust architectures. Demonstrated ability to define, implement, and assure security controls across complex OT/IT systems within large engineering More ❯

they pertain to the cyber domain. Experience working with cyber and security requirements down to the system control level. Experience conducting cyber and information security risk assessment activities including threat modelling, vulnerability analysis and analysis of mitigations. Scoping and managing security verification & validation activities and remedial action plans. Experience working with product engineers, system architects, and developers to More ❯

and scalable Work with the product owner to address user needs Develop secure and high-quality production code, perform code reviews and able to debug issues Participate in agile threat modelling and vulnerability management Ensure compliance with security and regulatory requirements for MOD and high Design assurance software Develop solutions for where data can bring value to our More ❯

/CI/CD workflows and secure SDLC methodologies. Experience securing cloud-native environments, including containerized services (e.g., Kubernetes) and CI/CD orchestration tools. Knowledge of AI-specific threat vectors like adversarial attacks, data poisoning, and prompt injection, and familiarity with the MITRE ATLAS framework. Proficiency in threat modeling and security assessment techniques for AI/ML … CI/CD pipelines, and data workflows. Participate in organizational architecture discussions to support the secure development and operation of AI/ML workloads. Lead security risk assessments and threat modeling for AI/ML applications—identifying vulnerabilities and recommending mitigation strategies. Contribute to testing and validation of AI models and LLMs with a focus on trust, safety, fairness More ❯

controls following formal governance mechanisms for IS Security processes. Assist IS Security in achieving regulatory and statutory compliance. Conduct cyber risk assessments, including evaluations of third-party suppliers. Apply threat modeling principles to system and solution designs to identify risks and mitigations. Support and improve cyber incident management processes. Contribute to operational cybersecurity projects. What to bring Experience working … Cyber Security KPIs (preferred). Experience engaging third-party security specialists (preferred). Understanding of data security, governance, and controls (essential). Experience with cloud security solutions and modern threat modeling (preferred). Knowledge of security frameworks like NIST CSF, Mitre ATT&CK (essential). What You'll Get in Return: We offer a competitive salary and benefits, including More ❯

for processes and functions performed by the IS Security team. Supporting IS Security to achieve regulatory and statutory compliance requirements. Completing cyber risk assessments, including third-party suppliers. Applying threat modeling principles to complex system and solution designs to identify security risks and mitigation strategies. Supporting, monitoring, and recommending improvements to cyber incident management processes. Providing input and support … third-party security specialists for assurance. Understanding of data security and governance requirements and control identification. Experience delivering cloud-focused security solutions and understanding of modern cyber threats and threat modeling techniques. Good understanding of security frameworks such as NIST CSF, Mitre ATT&CK. Benefits At Sword, our core values and culture focus on caring for our people, investing More ❯

of new technology. Your role and responsibilities As a Cybersecurity Architect, you will specialize in DevSecOps, integrating security into the software development lifecycle, automating security practices, and ensuring robust threat modeling and vulnerability management. Your primary focus will be on cloud-native and on-premises environments, with a strong emphasis on application security, infrastructure as code (IaC) security, and More ❯

a fast-growing FinTech that is reshaping the payments landscape. You will collaborate with engineering teams to build security into products from day one, focusing on secure cloud architecture, threat modelling, and risk management. This is not a hands-off role. You will be the go-to advisor for product teams, helping them understand risk, make informed security … assessments and drive a secure-by-design culture Collaborate with engineering teams on cloud-native architecture (GCP, AWS, Azure) Analyse vulnerabilities, prioritise risks, and manage remediation through Jira Lead threat modelling and architecture reviews Shape security tooling and process improvements What you will bring 3 to 5 years in Cyber Security, Product Security, or Secure Software Development Strong … knowledge of GCP (primary), AWS, Azure Experience with threat modelling, AppSec, and security in CI/CD pipelines Ability to communicate security concepts clearly and balance risk with business priorities A collaborative, pragmatic approach Why join Shape security at scale in a high-growth FinTech Work in a fast-paced, collaborative environment Salary £80,000 to More ❯

We are looking for a skilled Detection Engineer to join our Cyber Security team. In this role, you will be responsible for developing and maintaining high-fidelity threat detections across our security platforms. You’ll work at the intersection of threat intelligence, telemetry and security operations to build scalable, reliable and effective detection capabilities. Key Responsibilities Design, develop … and deploy detection logic across SIEM, EDR and cloud security platforms. Build detections aligned with frameworks such as MITRE ATT&CK and continuously tune for accuracy and performance. Conduct threat modelling and participate in purple team exercises to assess and improve detection effectiveness. Use Detection-as-Code principles to manage detection rules via version control, CI/CD … pipelines and automated testing frameworks. Reduce false positives through tuning, enrichment and contextual awareness. Skills 3+ years of experience in security operations, detection engineering, threat hunting, or a related Cyber Security field. Proficiency in query languages such as SPL (Splunk), KQL (Microsoft), Sigma, or similar. Experience with SIEM platforms (e.g. Splunk, Sentinel, Elastic), EDR tools (e.g. CrowdStrike, SentinelOne), and More ❯

what you will be involved in: Identify security requirements and ensure the integration of security controls during the product development lifecycle Develop and implement risk management strategies Perform security threat modelling and risk assessments applying security controls to mitigate any threats identified Collaborate with the development teams to ensure the adoption of Secure by Design principles Identify security More ❯

what you will be involved in: Identify security requirements and ensure the integration of security controls during the product development lifecycle Develop and implement risk management strategies Perform security threat modelling and risk assessments applying security controls to mitigate any threats identified Collaborate with the development teams to ensure the adoption of Secure by Design principles Identify security More ❯

what you will be involved in: Identify security requirements and ensure the integration of security controls during the product development lifecycle Develop and implement risk management strategies Perform security threat modelling and risk assessments applying security controls to mitigate any threats identified Collaborate with the development teams to ensure the adoption of Secure by Design principles Identify security More ❯

what you will be involved in: Identify security requirements and ensure the integration of security controls during the product development lifecycle Develop and implement risk management strategies Perform security threat modelling and risk assessments applying security controls to mitigate any threats identified Collaborate with the development teams to ensure the adoption of Secure by Design principles Identify security More ❯

what you will be involved in: Identify security requirements and ensure the integration of security controls during the product development lifecycle Develop and implement risk management strategies Perform security threat modelling and risk assessments applying security controls to mitigate any threats identified Collaborate with the development teams to ensure the adoption of Secure by Design principles Identify security More ❯

Influence security policy and standards across the organisation - Drive secure design thinking in Agile and DevOps environment, ensuring consistency across cloud platforms - Design and review system architectures and embed threat modelling into development workflows Requirements You'll need to have experience delivering the security for a migration from on prem to the cloud. - Significant experience working in security More ❯

Influence security policy and standards across the organisation - Drive secure design thinking in Agile and DevOps environment, ensuring consistency across cloud platforms - Design and review system architectures and embed threat modelling into development workflows Requirements You'll need to have experience delivering the security for a migration from on prem to the cloud. - Significant experience working in security More ❯

and controls. Your work will directly impact our global user base Focusing on Automation. Developing automated, scalable security solutions. Efficiency is key Administering HashiCorp Vault for secrets management Performing threat modeling and analysis to identify and mitigate security risks Managing PKI, TLS, and GPG infrastructure Applying cryptography and security design principles to cloud environments Documenting playbooks, procedures, and architecture … of working with consumer products, web apps, and mobile apps Proficiency in understanding authentication, authorization, and cryptography, with familiarity around modern security standards and best practices. Proficiency in data modelling of roles, permissions, and capabilities Experience with OAuth 2.0 nuances, best practices, and shortcomings Experience securely running and operating web applications, web services, and service-oriented architecture in production More ❯

and controls. Your work will directly impact our global user base Focusing on Automation. Developing automated, scalable security solutions. Efficiency is key Administering HashiCorp Vault for secrets management Performing threat modeling and analysis to identify and mitigate security risks Managing PKI, TLS, and GPG infrastructure Applying cryptography and security design principles to cloud environments Documenting playbooks, procedures, and architecture … of working with consumer products, web apps, and mobile apps Proficiency in understanding authentication, authorization, and cryptography, with familiarity around modern security standards and best practices. Proficiency in data modelling of roles, permissions, and capabilities Experience with OAuth 2.0 nuances, best practices, and shortcomings Experience securely running and operating web applications, web services, and service-oriented architecture in production More ❯

domains as required across the business to continually improve the quality and potential of security solutions Demonstrable level of expertise of service management that may include compliance, standards, risk, threat modelling, metric implementation, and maturity model management Collaborates with both enterprise and solution architects, bringing managed security services to life, sharing knowledge and bringing specific expertise into decision More ❯

instrumental in driving SOC maturity, optimizing license consumption, and enhancing security visibility across the enterprise. Key Responsibilities Lead the investigation and resolution of high-severity security incidents Conduct proactive threat hunting using Microsoft Sentinel and the Defender suite Develop and fine-tune analytic rules, detection use-cases, and SOAR playbooks Monitor and optimise license consumption across Microsoft security tools … performance of Microsoft security tools Mentor junior SOC analysts and contribute to internal capability development Maintain and enhance incident response playbooks, processes, and documentation Produce regular performance metrics and threat intelligence summaries Required Skills & Experience 5+ years in cybersecurity, with at least 2+ years at SOC Level 3 or senior analyst level Strong expertise in Microsoft Azure , including security … understanding of log management (onboarding, parsing, retention strategies) Demonstrated ability to build and manage detection use cases aligned with evolving threats Familiarity with the MITRE ATT&CK framework and threat modeling Solid understanding of Windows, Linux, networking, and endpoint security Skilled in threat intelligence, digital forensics, and advanced incident handling Experience with SOAR platforms and security automation Excellent More ❯

instrumental in driving SOC maturity, optimizing license consumption, and enhancing security visibility across the enterprise. Key Responsibilities Lead the investigation and resolution of high-severity security incidents Conduct proactive threat hunting using Microsoft Sentinel and the Defender suite Develop and fine-tune analytic rules, detection use-cases, and SOAR playbooks Monitor and optimise license consumption across Microsoft security tools … performance of Microsoft security tools Mentor junior SOC analysts and contribute to internal capability development Maintain and enhance incident response playbooks, processes, and documentation Produce regular performance metrics and threat intelligence summaries Required Skills & Experience 5+ years in cybersecurity, with at least 2+ years at SOC Level 3 or senior analyst level Strong expertise in Microsoft Azure , including security … understanding of log management (onboarding, parsing, retention strategies) Demonstrated ability to build and manage detection use cases aligned with evolving threats Familiarity with the MITRE ATT&CK framework and threat modeling Solid understanding of Windows, Linux, networking, and endpoint security Skilled in threat intelligence, digital forensics, and advanced incident handling Experience with SOAR platforms and security automation Excellent More ❯

industry regulations. Key responsibilities: Develop and implement comprehensive security strategies for Payments System Upgrades. Conduct thorough risk assessments to identify potential security threats and develop mitigation strategies. Create comprehensive threat models aligning with MITRE ATTACK/STRIDE frameworks. Recommend the best controls & mitigations to potential vulnerabilities Ensure the design comply with relevant regulations and standards, including GDPR, SOX, and … complex organization. Ideally, this experience would be within a financially regulated enterprise (e.g., PCI compliance). Proven experience working previously for financial organizations. Previous relevant experience in developing bespoke Threat Models leveraging frameworks like MITRE ATTACK & STRIDE. Proficiency in assessing the Identity & Access Management functions & associated risks during Acquisition process. Be able to understand and assess the security elements More ❯

scripting Experience with application security tools (SAST, DAST, IAST and SCA) Strong technical knowledge of development and production release process, including CI/CD Experience with the application of threat modeling and other risk identification techniques Scripting (Perl, python, PowerShell, bash), RegEx and PCRE experience is desirable Purple Perks Medical, dental and vision coverage Generous PTO and observed holidays More ❯

setting with smart people and challenging problems? If yes, we want to hear from you! We are a Product Security SDL team consisting of a Security lead, SDL coach, threat model architects, a software pen tester and a hardware assessor. We work with development teams across Group Product to improve their security posture. What You'll Do Perform software More ❯