1 to 25 of 47 Permanent Threat Modelling Jobs in England

all product teams, dealing with complex projects daily and serving as the escalation point for the Product Security Specialist (PSS). You will lead threat modelling workshops and engage with key stakeholders to identify threats and recommend countermeasures. Additionally, you will lead a team of Product Security Specialists … a team of Product Security Specialist (PSS). Providing leadership, technical guidance, and support to the Product Security Specialists. You will lead/facilitate threat modelling workshops with SMEs. Engaging with key stakeholders to identify threats and recommend countermeasures. Collaborating with strategy, transformation, and digital engineering parts of … such as OWASP, NIST, and ISO Awareness of security tools and technologies, such as SAST, DAST, IAST, SCA, WAF, IDS, IPS. Experience in conducting threat modelling and risk assessments. Interview process The interview process for this role is two stages including a technical competency-based questions and a more »

Join Police Digital Service in a NMC Cyber Threat Intelligence (CTI) role (Hybrid/Lancashire) Police Digital Service are looking to hire CTI roles at the following levels: Cyber Threat Intelligence Specialist - Mid-Tier Threat Intelligence Role; Recommended for those with experience in cyber threat intelligence … or associated fields. Veterans with an intelligence background and an interest in cyber are encouraged to apply Senior Cyber Threat Intelligence Specialist - Senior Threat Intelligence Role; Recommended for those with significant cyber threat intelligence experience As a member of the Threat Intelligence team, you'll be … involved with: Developing awareness for the policing community of the cyber risks to critical services by continually assessing the threat landscape and informing stakeholders. Reporting cyber risks to service, executive, and operational stakeholders for mitigation decisions. Limiting the impact of known cyber risks by engaging forces in pre-incident more »

overseeing application security testing, prioritising the resolution of security vulnerabilities, and increasing automation Show experience identifying potential threats and attacks to applications systems through threat modelling (PASTA and STRIDE) Demonstrate experience with threat modelling theories and application architecture reviews Have experience of monitoring security systems for more »

inherently secure. - Ideally you will have worked across the system lifecycle, undertaking the security risk management activities required to support each phase, from initial threat and risks assessments and specification of security requirements, through to overseeing implementation and testing of socio-technical security architectures. You will also have experience … assurance workstreams for projects delivering secure systems and services within a government context. Undertaking and producing socio-technical security risk assessments, ideally including technical threat modelling (e.g. using STRIDE). Development and implementation of risk management strategies and plans. Specification, development and technical assurance of security policies and … Knowledge and understanding of core cyber security risk management areas, including but not limited to: Security governance and risk management approaches, tools, and techniques. Threat modelling (e.g. STRIDE) and socio-technical risk assessment (e.g. NIST 800-30) methodologies. Attack classification and characterisation frameworks (e.g. MITRE ATT&CK) Computer more »

respond promptly to mitigate security threats. - Develop and implement security automation scripts and tools to streamline security tasks in the DevOps pipeline. - Participate in threat modelling exercises and risk assessments to proactively identify security weaknesses and prioritize remediation efforts. - Stay up-to-date with the latest security trends … controls and NIST Guidelines. - Experience in implementing security automation using scripting languages e.g. Python and infrastructure-as-code (IaC) tools. - Ability to perform security threat modeling and risk assessments to identify and prioritize security risks. - Experience with security incident response and handling, including log analysis and forensics. - Strong communication … Workflow Within 3 months: - Security Incident Handling and Remediation - Security Automation and Tooling - Security Compliance and Auditing - Collaboration with Development Teams Within 6 months: - Threat Modelling and Risk Assessment - Continuous Improvement Initiatives - Security Incident Management Whats in it for you? We operate a Flexible Working Policy and this more »

respond promptly to mitigate security threats. - Develop and implement security automation scripts and tools to streamline security tasks in the DevOps pipeline. - Participate in threat modelling exercises and risk assessments to proactively identify security weaknesses and prioritize remediation efforts. - Stay up-to-date with the latest security trends … controls and NIST Guidelines. - Experience in implementing security automation using scripting languages e.g. Python and infrastructure-as-code (IaC) tools. - Ability to perform security threat modeling and risk assessments to identify and prioritize security risks. - Experience with security incident response and handling, including log analysis and forensics. - Strong communication … Workflow Within 3 months: - Security Incident Handling and Remediation - Security Automation and Tooling - Security Compliance and Auditing - Collaboration with Development Teams Within 6 months: - Threat Modelling and Risk Assessment - Continuous Improvement Initiatives - Security Incident Management Whats in it for you? We operate a Flexible Working Policy and this more »

respond promptly to mitigate security threats. - Develop and implement security automation scripts and tools to streamline security tasks in the DevOps pipeline. - Participate in threat modelling exercises and risk assessments to proactively identify security weaknesses and prioritize remediation efforts. - Stay up-to-date with the latest security trends … controls and NIST Guidelines. - Experience in implementing security automation using scripting languages e.g. Python and infrastructure-as-code (IaC) tools. - Ability to perform security threat modeling and risk assessments to identify and prioritize security risks. - Experience with security incident response and handling, including log analysis and forensics. - Strong communication … Workflow Within 3 months: - Security Incident Handling and Remediation - Security Automation and Tooling - Security Compliance and Auditing - Collaboration with Development Teams Within 6 months: - Threat Modelling and Risk Assessment - Continuous Improvement Initiatives - Security Incident Management Whats in it for you? We operate a Flexible Working Policy and this more »

respond promptly to mitigate security threats. Develop and implement security automation scripts and tools to streamline security tasks in the DevOps pipeline. Participate in threat modelling exercises and risk assessments to proactively identify security weaknesses and prioritize remediation efforts. Stay up-to-date with the latest security trends … controls and NIST Guidelines. Experience in implementing security automation using scripting languages e.g. Python and infrastructure-as-code (IaC) tools. Ability to perform security threat modeling and risk assessments to identify and prioritize security risks. Experience with security incident response and handling, including log analysis and forensics. Strong communication … Workflow Within 3 months: Security Incident Handling and Remediation Security Automation and Tooling Security Compliance and Auditing Collaboration with Development Teams Within 6 months: Threat Modelling and Risk Assessment Continuous Improvement Initiatives Security Incident Management Whats in it for you? We operate a Flexible Working Policy and this more »

Security Consultant with extensive experience in providing end-to-end security assurance for business projects. The ideal candidate will have a strong background in threat assessments, architectural design reviews, third-party risk assessments, RFP security requirements, network security, IDAM projects, ransomware remediation, pen test scoping, and HLD/LLD … reviews. Responsibilities: Perform threat modelling to identify potential security vulnerabilities and risks. Assess high and low-level architectural designs to identify security risks and provide recommendations for mitigation. Provide security requirements for RFPs and score RFPs based on security criteria. Conduct assessments of third-party security posture to … role with a focus on end-to-end security assurance for business projects. Strong understanding of security principles, standards, and best practices. Experience with threat modelling, architectural design reviews, RFP security requirements, third-party risk assessments, network security, IDAM projects, ransomware remediation, pen test scoping, and HLD/ more »

Join Police Digital Service in a NMC Senior Cyber Threat Intelligence Specialist role (Hybrid/Lancashire) £55,000-£60,000 Police Digital Service are looking to hire a Senior Cyber Threat Intelligence (CTI) Specialist. This role is recommended for those with significant cyber threat intelligence experience As … a member of the Threat Intelligence team, you'll be involved with: Developing awareness for the policing community of the cyber risks to critical services by continually assessing the threat landscape and informing stakeholders. Reporting cyber risks to service, executive, and operational stakeholders for mitigation decisions. Limiting the … impact of known cyber risks by engaging forces in pre-incident planning and preparatory activities. Constraining attack surfaces through proactive threat intelligence working directly alongside the threat hunting and malware service. About Police Digital Service We exist to harness the power of digital, data and technology to enable more »

Knowledge/experience of cloud security (AWS/Azure), e.g. web components integration, containerisation (such Docker, Kubernetes, OpenShift) and APIs; Knowledge/experience of threat modelling and threat assessment; Experience working in an Agile or DevSecOps methodology/tools e.g GIT, Maven/Gradle, Jenkins, Nexus, Terraform more »

with various other Security personnel Mitigating Information and Cyber based risks Identifying potential threats and risks Assisting with resolution of incidents Incident response and threat hunting Working with threat management frameworks Threat intelligence and continuous improvement Security monitoring and traffic analysis Vulnerability management You will advise on … 7pm on a shift basis to ensure that full coverage is achieved. The ideal candidate will have: Incident response and security monitoring Understanding of threat modelling Investigation experience into Information and Cyber security incidents Broad technical understanding covering Windows, Linux, Unix, Networking, Cisco, SIEM, IAM, DLP, LAN/ more »

risks. Act as a subject matter expert on security-related matters, collaborating with stakeholders to address security concerns and implement effective solutions. Participate in threat hunting and threat modelling activities. To be considered for this role, you should have: Must have a strong background in a security more »

office, 4 days remote working, work from home Key Skills: Continuous Integration (CI), Continuous Deployment (CD), Infrastructure as Code (IaC), Security Automation, Vulnerability Management, Threat Intelligence, Secure Software Development Lifecycle (SSDLC), Compliance as Code, Security Orchestration, Container Security, Microservices Security, Threat Modelling, Secure Configuration Management, Secure DevOps more »

SSO and integrating other services with security tools. • Support the organization in achieving and maintaining Cyber Essentials Plus and ISO 27001 certification and conducting threat modeling activities. • Collaborate with external third-party suppliers to enhance cybersecurity capabilities, enabling 24x7 SOC capability. Skills and Experience We welcome applicants with diverse … or similar platforms. • Ideally, experience in securing data platforms (e.g., Databricks, Snowflake). • Experience in securing Kubernetes (ideally AKS) and container security. • Knowledge of Threat Modelling and relevant frameworks such as ISO 27001, Cyber Essentials Plus, and CIS. • Proficiency in scripting languages such as Python, PowerShell, and KQL. more »

required projects Manage security risk for the whole project life cycle Perform security activities, including but not limited to, security design reviews, risk assessments, threat modelling, and vulnerability management and risk mitigation on internally & externally developed software Embedding security within DevOps (eg CI/CD pipelines), developing security more »

Azure - A solid understanding of cloud computing and its security concerns - Ability to articulate complex security concepts to a non-technical audience - Experience in threat modelling and risk assessment - Strong analytical skills and attention to detail - Excellent communication and stakeholder management abilities Requirements: - Security clearance is essential for more »

ability to design and implement complex security solutions in line with company policies and standards. • Familiarity with various security techniques and methodologies, such as threat modeling and vulnerability management. • Proficiency in automation and scripting using Python, Shell, Ansible, Jenkins, etc. • Industry certifications in information security or information technology preferred more »

doing: Identify security vulnerabilities from a wide pool of technological solutions Perform risk analysis to triage and manage the remediation or mitigation activity Perform threat modeling activities across a variety of applications and environments Perform security assessments of existing architecture and make security recommendations for new deployments or changes more »

IT Security Engineer role. preferably manufacturing but not essential. Key Responsibilities Responsible for educating the workforce on information security through training and building awareness. Threat modelling, mitigation, validation, including software and hardware penetration testing. Work with all functions of the IT department to design security into the system … and drive security reviews. Develop tools to assist in modelling, analysis, detection, and prevention of security threats. Secure the system while ensuring ease of use for the user and network operations. Stay current on industry developments affecting security and privacy policy. Implement security measures, plans and polices to resolve more »

controls and NIST Guidelines Experience in implementing security automation using scripting languages e.g. Python and infrastructure-as-code (IaC) tools Ability to perform security threat modelling and risk assessments to identify and prioritize security risks Experience with security incident response and handling, including log analysis and forensics Outstanding more »

controls and NIST Guidelines Experience in implementing security automation using Scripting languages eg Python and infrastructure-as-code (IaC) tools Ability to perform security threat modelling and risk assessments to identify and prioritize security risks Experience with security incident response and handling, including log analysis and forensics Outstanding more »

controls and NIST Guidelines Experience in implementing security automation using scripting languages e.g. Python and infrastructure-as-code (IaC) tools Ability to perform security threat modelling and risk assessments to identify and prioritize security risks Experience with security incident response and handling, including log analysis and forensics Outstanding more »

ongoing security needs: Continuously assess the organization's security requirements and establish standard operating procedures to respond to inbound security issues. Develop and implement threat models: Stay informed about new threats and attack vectors, and proactively address them. Perform routine security assessments/audits: Evaluate networks, systems, code, controls more »

the Governance, Risk, and Compliance (GRC) team to inform on risk, compliance, and assurance matters related to the portfolio of change initiatives. Ensure that Threat Modeling is implemented for identified programs, projects, and engineering initiatives within the portfolio. Work closely with the Security Culture team to ensure alignment and more »