1 to 25 of 57 Permanent Threat Modelling Jobs in the UK

a disability or special need that requires accommodation, please let us know at the earliest opportunity. Job Description As a Security Engineer within the Threat Informed Defense (TID) Team, you'll play a pivotal role in securing our critical business applications. You'll be tasked with conducting thorough threat modelling exercises, identifying potential vulnerabilities, and enumerating relevant threat scenarios. Leveraging this information, you'll design and implement effective detection strategies that bolster our defense mechanisms against evolving cyber threats. Your work will directly contribute to the continuous improvement of our security posture, ensuring the integrity and … resilience of our digital assets. Key Responsibilities: Conduct comprehensive threat modelling of business-critical applications to identify potential security vulnerabilities and risks. Enumerate relevant threat scenarios based on structured threat intelligence, industry trends, and the evolving cyber threat landscape. Design and implement effective detection strategies more »

all product teams, dealing with complex projects daily and serving as the escalation point for the Product Security Specialist (PSS). You will lead threat modelling workshops and engage with key stakeholders to identify threats and recommend countermeasures. Additionally, you will lead a team of Product Security Specialists … a team of Product Security Specialist (PSS). Providing leadership, technical guidance, and support to the Product Security Specialists. You will lead/facilitate threat modelling workshops with SMEs. Engaging with key stakeholders to identify threats and recommend countermeasures. Collaborating with strategy, transformation, and digital engineering parts of … such as OWASP, NIST, and ISO Awareness of security tools and technologies, such as SAST, DAST, IAST, SCA, WAF, IDS, IPS. Experience in conducting threat modelling and risk assessments. Interview process The interview process for this role is two stages including a technical competency-based questions and a more »

Our client is an engineering software company looking for a Senior Security Programmer who is skilled in threat modelling software systems to join their team. This role is offered fully remote. What you will be doing: Enhance and contribute to threat modelling procedures. Establish the best … and develop applications. Who you are: 8+ years’ experience in Software Engineering and 4+ years of experience with security architecture designing. Extensive comprehension of threat modelling software systems. Expertise in interpreting, composing, and auditing code, and the ability to adopt new technologies. Proficiency with OWASP Top 10 or more »

patterns for security architecture Design effective application security solutions aligned to the Information Security and business strategy. Act as Subject Matter Expert for Application threat modelling, secure coding practices in Java and C++, and DevSecOps practices. Contribute to the security technology roadmap, policies and standards. Support development teams … in implementing threat modelling, secure development practices and use of application security assurance tools. Ensuring that architecture and solution designs are secure by design Developing Application based security policies and standards Experience Required: Strong professional background in Financial Services Outstanding understanding of Application Security Strong experience developing patterns … for application security architecture Subject Matter Expertise in application threat modeling Strong understanding of secure coding practices in Java and C++, and DevSecOps practices Experience of automated build and deployment pipelines Experience of operating one or more of SAST, SCA, DAST, IAST, MAST Relevant qualifications or certifications To be more »

overseeing application security testing, prioritising the resolution of security vulnerabilities, and increasing automation Show experience identifying potential threats and attacks to applications systems through threat modelling (PASTA and STRIDE) Demonstrate experience with threat modelling theories and application architecture reviews Have experience of monitoring security systems for more »

respond promptly to mitigate security threats. - Develop and implement security automation scripts and tools to streamline security tasks in the DevOps pipeline. - Participate in threat modelling exercises and risk assessments to proactively identify security weaknesses and prioritize remediation efforts. - Stay up-to-date with the latest security trends … controls and NIST Guidelines. - Experience in implementing security automation using scripting languages e.g. Python and infrastructure-as-code (IaC) tools. - Ability to perform security threat modeling and risk assessments to identify and prioritize security risks. - Experience with security incident response and handling, including log analysis and forensics. - Strong communication … Workflow Within 3 months: - Security Incident Handling and Remediation - Security Automation and Tooling - Security Compliance and Auditing - Collaboration with Development Teams Within 6 months: - Threat Modelling and Risk Assessment - Continuous Improvement Initiatives - Security Incident Management Whats in it for you? We operate a Flexible Working Policy and this more »

respond promptly to mitigate security threats. - Develop and implement security automation scripts and tools to streamline security tasks in the DevOps pipeline. - Participate in threat modelling exercises and risk assessments to proactively identify security weaknesses and prioritize remediation efforts. - Stay up-to-date with the latest security trends … controls and NIST Guidelines. - Experience in implementing security automation using scripting languages e.g. Python and infrastructure-as-code (IaC) tools. - Ability to perform security threat modeling and risk assessments to identify and prioritize security risks. - Experience with security incident response and handling, including log analysis and forensics. - Strong communication … Workflow Within 3 months: - Security Incident Handling and Remediation - Security Automation and Tooling - Security Compliance and Auditing - Collaboration with Development Teams Within 6 months: - Threat Modelling and Risk Assessment - Continuous Improvement Initiatives - Security Incident Management Whats in it for you? We operate a Flexible Working Policy and this more »

respond promptly to mitigate security threats. - Develop and implement security automation scripts and tools to streamline security tasks in the DevOps pipeline. - Participate in threat modelling exercises and risk assessments to proactively identify security weaknesses and prioritize remediation efforts. - Stay up-to-date with the latest security trends … controls and NIST Guidelines. - Experience in implementing security automation using scripting languages e.g. Python and infrastructure-as-code (IaC) tools. - Ability to perform security threat modeling and risk assessments to identify and prioritize security risks. - Experience with security incident response and handling, including log analysis and forensics. - Strong communication … Workflow Within 3 months: - Security Incident Handling and Remediation - Security Automation and Tooling - Security Compliance and Auditing - Collaboration with Development Teams Within 6 months: - Threat Modelling and Risk Assessment - Continuous Improvement Initiatives - Security Incident Management Whats in it for you? We operate a Flexible Working Policy and this more »

respond promptly to mitigate security threats. Develop and implement security automation scripts and tools to streamline security tasks in the DevOps pipeline. Participate in threat modelling exercises and risk assessments to proactively identify security weaknesses and prioritize remediation efforts. Stay up-to-date with the latest security trends … controls and NIST Guidelines. Experience in implementing security automation using scripting languages e.g. Python and infrastructure-as-code (IaC) tools. Ability to perform security threat modeling and risk assessments to identify and prioritize security risks. Experience with security incident response and handling, including log analysis and forensics. Strong communication … Workflow Within 3 months: Security Incident Handling and Remediation Security Automation and Tooling Security Compliance and Auditing Collaboration with Development Teams Within 6 months: Threat Modelling and Risk Assessment Continuous Improvement Initiatives Security Incident Management Whats in it for you? We operate a Flexible Working Policy and this more »

Develop and implement security design standards and frameworks Collaborate with engineering and product teams to incorporate security considerations into product design and development Conduct threat modelling, vulnerability assessments, and security code reviews to identify potential security issues Develop and maintain a secure software development lifecycle (SDLC) to ensure … security is integrated at every stage Educate and train engineering and product teams on security awareness and best practices Experience with threat modelling, risk assessment, and the development of mitigation strategies The Senior Product Security Engineer is a high-profile role with significant business and technology engagement. This more »

with various other Security personnel Mitigating Information and Cyber based risks Identifying potential threats and risks Assisting with resolution of incidents Incident response and threat hunting Working with threat management frameworks Threat intelligence and continuous improvement Security monitoring and traffic analysis Vulnerability management You will advise on … 7pm on a shift basis to ensure that full coverage is achieved. The ideal candidate will have: Incident response and security monitoring Understanding of threat modelling Investigation experience into Information and Cyber security incidents Broad technical understanding covering Windows, Linux, Unix, Networking, Cisco, SIEM, IAM, DLP, LAN/ more »

Line of Service Assurance Industry/Sector Not Applicable Specialism Assurance Management Level Senior Associate Job Description & Summary PwC’s Global Threat Intelligence team is seeking strategic intelligence analysts who have a passion and aptitude for helping consumers understand the who, what and why of organised crime and espionage … activity, and applying critical thinking concepts to distil non-technical and technical information into robust assessments. PwC’s Global Threat Intelligence practice focuses on the identification of novel intrusion techniques and tracking of several hundred threat actors, ranging from organised crime groups to state affiliated espionage actors, originating … from more than 25 countries. The practice is responsible for the development and delivery of technical and strategic threat research and intelligence services and provides: Subscription and bespoke research services to public and private sector intelligence clients globally; Intelligence support to, and collection from incident response and managed threat more »

risks. Act as a subject matter expert on security-related matters, collaborating with stakeholders to address security concerns and implement effective solutions. Participate in threat hunting and threat modelling activities. To be considered for this role, you should have: Must have a strong background in a security more »

risks. Act as a subject matter expert on security-related matters, collaborating with stakeholders to address security concerns and implement effective solutions. Participate in threat hunting and threat modelling activities. To be considered for this role, you should have: Must have a strong background in a security more »

like network architectures, network protocols, industrial protocols, Active Directory, Backup processes, virtualization of applications and other general IT knowledge. Fundamental knowledge in IT-Security threat modelling, vulnerability assessments and pen-testing. Experienced in the use of tools for incident investigations, simulation, and forensics - GxP regulations. Ability to present more »

office, 4 days remote working, work from home Key Skills: Continuous Integration (CI), Continuous Deployment (CD), Infrastructure as Code (IaC), Security Automation, Vulnerability Management, Threat Intelligence, Secure Software Development Lifecycle (SSDLC), Compliance as Code, Security Orchestration, Container Security, Microservices Security, Threat Modelling, Secure Configuration Management, Secure DevOps more »

security procedures and standards to be reviewed and approved by executive management and/or formally authorised by the chief information security officer (CISO) Threat modelling of services and applications that tie to the risk and data associated with the service or application Key Qualifications: Vast experience in … leading/mentoring teams in “secure by design” including a strong working knowledge of the methodologies to conduct threat-modeling exercises on new applications and services, identity management, as well as securing CI/CD pipelines. Direct, hands-on experience or a solid working knowledge of relevant security patterns more »

they are looking for experienced Cyber Security Engineers to hit the ground running on various projects across Security Architecture, DevSecOps, Application Security, Cloud Security, Threat Modelling, and more. This role will be ideal for someone who has experience in the security engineering space and is ready to take … and operations teams to promote a culture of security throughout our client. Implement and maintain security tools and technologies in the DevOps environment. Conduct threat modeling exercises to identify potential security threats and risks. Develop and maintain threat models for applications, systems, and infrastructure. To be considered for … prior experience in cyber security engineering, with a focus on any or multiple of the following: application security, security architecture, cloud security, DevSecOps, and threat modeling. Strong understanding of security principles, protocols, and technologies. Experience with security assessment tools and techniques. Excellent communication and collaboration skills, with the ability more »

SSO and integrating other services with security tools. • Support the organization in achieving and maintaining Cyber Essentials Plus and ISO 27001 certification and conducting threat modeling activities. • Collaborate with external third-party suppliers to enhance cybersecurity capabilities, enabling 24x7 SOC capability. Skills and Experience We welcome applicants with diverse … or similar platforms. • Ideally, experience in securing data platforms (e.g., Databricks, Snowflake). • Experience in securing Kubernetes (ideally AKS) and container security. • Knowledge of Threat Modelling and relevant frameworks such as ISO 27001, Cyber Essentials Plus, and CIS. • Proficiency in scripting languages such as Python, PowerShell, and KQL. more »

the CI/CD pipeline and automate security testing and compliance checks. Provide guidance and support to development teams on secure coding practices and threat modelling techniques. Collaborate with cloud architects to design and implement secure cloud environments. To be considered for this role, you should have: Must more »

Azure - A solid understanding of cloud computing and its security concerns - Ability to articulate complex security concepts to a non-technical audience - Experience in threat modelling and risk assessment - Strong analytical skills and attention to detail - Excellent communication and stakeholder management abilities Requirements: - Security clearance is essential for more »

Ideally experience of securing Github and Github actions (or similar). Ideally experience in securing data platforms (e.g. Databricks, Dagster, Snowflake). Experience in Threat Modelling. Exposure to Agile working and DevSecOps. Knowledge of ISO 27001. Relevant certifications, such as: Microsoft certifications (MS-500, AZ-500, AZ-700, SC more »

doing: Identify security vulnerabilities from a wide pool of technological solutions Perform risk analysis to triage and manage the remediation or mitigation activity Perform threat modeling activities across a variety of applications and environments Perform security assessments of existing architecture and make security recommendations for new deployments or changes more »

controls and NIST Guidelines Experience in implementing security automation using scripting languages e.g. Python and infrastructure-as-code (IaC) tools Ability to perform security threat modelling and risk assessments to identify and prioritize security risks Experience with security incident response and handling, including log analysis and forensics Outstanding more »

controls and NIST Guidelines Experience in implementing security automation using scripting languages e.g. Python and infrastructure-as-code (IaC) tools Ability to perform security threat modelling and risk assessments to identify and prioritize security risks Experience with security incident response and handling, including log analysis and forensics Outstanding more »