51 to 75 of 119 Threat Modelling Jobs in the UK excluding London

drive remediation with development and operations teams. Secure Development Practices Partner with software and hardware engineers to integrate secure coding and design principles (e.g., threat modelling, secure-by-design). Perform security code reviews, provide guidance on secure libraries and frameworks. Standards & Compliance Ensure products meet regulatory and More ❯

in: Identify security requirements and ensure the integration of security controls during the product development lifecycle Develop and implement risk management strategies Perform security threat modelling and risk assessments applying security controls to mitigate any threats identified Collaborate with the development teams to ensure the adoption of Secure More ❯

Expertise in IT infrastructure architecture (e.g. networks, servers, storage, virtualisation), application architecture (e.g. integration, APIs, data), and cyber security architecture (e.g. identity & access management, threat modelling, security controls). · Strong working knowledge and application of NIST Risk Management Framework, Secure by Design, and architecture standards. · Proven experience leading More ❯

Expertise in IT infrastructure architecture (e.g. networks, servers, storage, virtualisation), application architecture (e.g. integration, APIs, data), and cyber security architecture (e.g. identity & access management, threat modelling, security controls). Strong working knowledge and application of NIST Risk Management Framework, Secure by Design, and architecture standards. Proven experience leading More ❯

Responsibilities Lead cyber risk assessment activities across IT and OT environments, correlating outputs into strategic risk tracking. Manage the cyber security risk toolkit , including threat modelling, attack trees, and scenario-based exercises. Develop and implement cyber security policies, processes, and staff training aligned with Secure by Design principles. … Oversee first-line security operations , including outsourced 24/7 SOC management . Define and manage cyber threat intelligence requirements . Provide cyber risk consultancy for business development projects, ensuring regulatory compliance. Contribute to supply chain risk management , assessing supplier security risks. Act as Deputy NIS Reporting Officer (NRO More ❯

tools. Excellent understanding and experience with manual security testing to find vulnerabilities and logical issues. Knowledge and understanding of OWASP and its utilisation within threat modelling. Experience of software development and languages. Working knowledge of CI and CD pipelines and associated security tooling. Use of planned structured methodologies for … considered throughout the lifecycle. Identifying and managing any security flaws within our software through appropriately liaising with external bodies where necessary. Performing risk assessments, threat modelling and design reviews to ensure effective security controls. Identifying opportunities for converting manual tasks into automated processes and identify tooling to support More ❯

tools. Excellent understanding and experience with manual security testing to find vulnerabilities and logical issues. Knowledge and understanding of OWASP and its utilisation within threat modelling. Experience of software development and languages. Working knowledge of CI and CD pipelines and associated security tooling. Use of planned structured methodologies for … considered throughout the lifecycle. Identifying and managing any security flaws within our software through appropriately liaising with external bodies where necessary. Performing risk assessments, threat modelling and design reviews to ensure effective security controls. Identifying opportunities for converting manual tasks into automated processes and identify tooling to support More ❯

tools. Excellent understanding and experience with manual security testing to find vulnerabilities and logical issues. Knowledge and understanding of OWASP and its utilisation within threat modelling. Experience of software development and languages. Working knowledge of CI and CD pipelines and associated security tooling. Use of planned structured methodologies for … considered throughout the lifecycle. Identifying and managing any security flaws within our software through appropriately liaising with external bodies where necessary. Performing risk assessments, threat modelling and design reviews to ensure effective security controls. Identifying opportunities for converting manual tasks into automated processes and identify tooling to support More ❯

systems.Define cybersecurity requirements within the client's environment, including rail-specific systems, legacy OT, and modern industrial platforms.Support developing and delivering security risk assessments, threat models, and control frameworks following the relevant standards.Provide expertise on OT protocols, SCADA systems, field devices, and network architecture relevant to the client's … of operational technology (OT) environments, including SCADA systems, field devices, industrial protocols, and control network architectures.Firm grounding in cybersecurity principles for critical infrastructure, including threat modelling, risk analysis, defence-in-depth, and zero-trust architectures.Demonstrated ability to define, implement, and assure security controls across complex OT/IT More ❯

cybersecurity requirements within the client's environment, including rail-specific systems, legacy OT, and modern industrial platforms. Support developing and delivering security risk assessments, threat models, and control frameworks following the relevant standards. Provide expertise on OT protocols, SCADA systems, field devices, and network architecture relevant to the client … operational technology (OT) environments, including SCADA systems, field devices, industrial protocols, and control network architectures. Firm grounding in cybersecurity principles for critical infrastructure, including threat modelling, risk analysis, defence-in-depth, and zero-trust architectures. Demonstrated ability to define, implement, and assure security controls across complex OT/ More ❯

cybersecurity requirements within the client's environment, including rail-specific systems, legacy OT, and modern industrial platforms. Support developing and delivering security risk assessments, threat models, and control frameworks following the relevant standards. Provide expertise on OT protocols, SCADA systems, field devices, and network architecture relevant to the client … operational technology (OT) environments, including SCADA systems, field devices, industrial protocols, and control network architectures. Firm grounding in cybersecurity principles for critical infrastructure, including threat modelling, risk analysis, defence-in-depth, and zero-trust architectures. Demonstrated ability to define, implement, and assure security controls across complex OT/ More ❯

cybersecurity requirements within the client's environment, including rail-specific systems, legacy OT, and modern industrial platforms. Support developing and delivering security risk assessments, threat models, and control frameworks following the relevant standards. Provide expertise on OT protocols, SCADA systems, field devices, and network architecture relevant to the client … operational technology (OT) environments, including SCADA systems, field devices, industrial protocols, and control network architectures. Firm grounding in cybersecurity principles for critical infrastructure, including threat modelling, risk analysis, defence-in-depth, and zero-trust architectures. Demonstrated ability to define, implement, and assure security controls across complex OT/ More ❯

of data sources from cloud, on-prem, endpoint, network and application layers Create and maintain detection rules, correlation logic and alerts tailored to specific threat scenarios Provide technical leadership and mentorship to team members Work closely with SOC teams to align SIEM capabilities with business objectives Conduct SIEM health … more major SIEM platforms (e.g. Splunk, Sentinel etc.) Deep understanding of log ingestion, parsing, normalisation and enrichment Strong grasp of MITRE ATT&CK framework, threat detection and alert logic Solid scripting/automation skills (e.g., Python, PowerShell, Bash) Experience with cloud logging and monitoring (AWS CloudTrail, Azure Monitor, GCP … etc.) Experience with threat modelling, cloud security or Identity and Access Management is desirable More ❯

design and cloud-native architecture Acting as a key escalation point for vulnerability triage and remediation Delivering developer enablement through workshops and hands-on threat modelling What you’ll bring: 3+ years in application or product security roles Strong grasp of application-level threats, secure design, and remediation More ❯

the Blockchain space as a DevSecOps Engineer or Platform Engineer Expertise in AWS and experience with Infrastructure-as-Code Understanding of risk assessment and threat modelling to identify threats within the digital trading space across the public cloud Security awareness with the ability to understand requirements from the More ❯

Azure, hybrid infrastructures across Python, C++, and Kotlin/Java environments, ensuring robust protection that supports high-speed, data-driven operations. You will conduct threat modelling, vulnerability assessments and security code reviews across different platforms, ensuring security is embedded at every stage of the development lifecycle and provide More ❯

complex infrastructure environments A strong technical background across Networks, Security, Firewall, Vulnerability Management, SIEM and EDR technologies Experience with cyber security concepts, such as Threat Modelling, Incident Response, Penetration Testing (external/internal) Advanced knowledge of cloud products and services e.g. Azure, Microsoft 365 Emotionally intelligent and able More ❯

customer experience. Understanding of mobile app vulnerabilities. Provide challenge and assessment of potential technology risks including information and cyber security control weaknesses by performing threat modelling exercises. Provide technology risk subject matter expertise and communicate the risk environment to management and other key stakeholders. Build solid professional relationships More ❯

collaborate with diverse teams, we want to hear from you! Key Skills: Strong understanding of cloud and application security concepts, including secure coding practices, threat modeling, vulnerability management, and access control mechanisms. Experience with AWS, Azure, Kubernetes, Service Mesh, API gateways, and API security (authentication and authorization). Proficiency More ❯

scalable GCP environments using Terraform Ensure GCP security best practices and perform compliance checks Key Requirements: Expertise in GCP and Terraform Proficiency in GCP Threat Modelling, CSP, and REGO policies Excellent communication skills This position is an urgent hire, and our client prefers candidates available immediately or nearing More ❯

through formal tender process, feasibilities phases, design phases, implementation, and validation phases, including risk assessments Security Architecture and Design- Review of design documents, performing threat modelling and risk assessments, incorporating security non-functional requirements and be a standing member of Technical Design Authority Be the Security touchpoint for More ❯

through formal tender process, feasibilities phases, design phases, implementation, and validation phases, including risk assessments Security Architecture and Design- Review of design documents, performing threat modelling and risk assessments, incorporating security non-functional requirements and be a standing member of Technical Design Authority Be the Security touchpoint for More ❯

practice to assist with baking security into architectural standards. Essential Skills & Experience: Documented experience and a strong working knowledge of the methodologies to conduct threat-modelling exercises on new applications and services At least one of: CISSP, CISA, CISM, TOGAF, relevant SANS/GIAC certifications or similar. Direct More ❯

throughout the software development lifecycle Perform security code reviews and provide security guidance during product design and development to ensure Secure by Design Conduct threat modelling exercises to prioritise potential risks and develop mitigation strategies to reduce risks Ensure products meet regulatory standards such as ISO27001, NIST More ❯

Shape, create or own cloud security strategy, policies, tools and services. Evaluate and shape responses to cloud alerts and events from security tools. Conduct threat modelling and develop cloud security incident response plans. Provide security consultation as a cloud security SME in forums and to other teams. Provide More ❯