compliance in ISO 27001, GDPR, PCI DSS Have a strong understanding of network security principles and practices Be experienced in conducting risk assessments and threatmodelling Be generally proficient in Linux operating systems (e.g., Red Hat, CentOS, Alma, ubuntu) Have familiarity with security technologies, including firewalls, intrusion detection more »
Bristol, Avon, South West, United Kingdom Hybrid / WFH Options
Hargreaves Lansdown Asset Management Limited
for each assigned product team/squad, and will support the implementation of secure solutions throughout the development life-cycle. You will also facilitate threat modeling workshops assisting product teams in identifying and mitigating threats. What you will be doing Oversee security related issues across multiple product teams/… Cloud serverless transformation projects. You will have the ability to work with infrastructure as code and understand complex architectures. You will Lead/facilitate threat modeling workshops with SMEs Engage with key stakeholders to identify threats and recommend countermeasures. Participate in architectural reviews of Product cloud implementations against security … such as OWASP, NIST, and ISO. Awareness of security tools and technologies, such as SAST, DAST, IAST, SCA, WAF, IDS, IPS. Experience in conducting threat modeling and risk assessments. Interview process The interview process for this role is two stages including a technical competency-based questions and a task. more »
Bristol Area, South West, United Kingdom Hybrid / WFH Options
Electus Recruitment Solutions Limited
Develop cutting-edge technology to safeguard our nation's security as an Electromagnetic Warfare Modelling and System Engineer. This leading defence company that produces military weapons systems will reward your hard work significantly with bonuses, annual salary reviews and paid overtime among other benefits. You will play a vital … role in modelling EW Weapon Systems as well as supporting critical weapon systems and missile programmes. About the Role: Develop cutting-edge modelling techniques for EW Weapon Systems Collaborate with experts across the company on essential defence programmes Potential for travel within the UK and Europe (depending on … systems engineering principles It would be desirable for you to have one of the following as well: Knowledge of Integrated Air Defence Systems (IADS) Threat analysis experience Knowledge of EW techniques and tactics Experience working with relevant government agencies, such as DSTL Key Information: Role: Electromagnetic Warfare and System more »
Line of Service Assurance Industry/Sector Not Applicable Specialism Assurance Management Level Senior Associate Job Description & Summary PwC’s Global Threat Intelligence team is seeking strategic intelligence analysts who have a passion and aptitude for helping consumers understand the who, what and why of organised crime and espionage … activity, and applying critical thinking concepts to distil non-technical and technical information into robust assessments. PwC’s Global Threat Intelligence practice focuses on the identification of novel intrusion techniques and tracking of several hundred threat actors, ranging from organised crime groups to state affiliated espionage actors, originating … from more than 25 countries. The practice is responsible for the development and delivery of technical and strategic threat research and intelligence services and provides: Subscription and bespoke research services to public and private sector intelligence clients globally; Intelligence support to, and collection from incident response and managed threatmore »
West Norwood, England, United Kingdom Hybrid / WFH Options
Haleon
like network architectures, network protocols, industrial protocols, Active Directory, Backup processes, virtualization of applications and other general IT knowledge. Fundamental knowledge in IT-Security threatmodelling, vulnerability assessments and pen-testing. Experienced in the use of tools for incident investigations, simulation, and forensics - GxP regulations. Ability to present more »
SSO and integrating other services with security tools. • Support the organization in achieving and maintaining Cyber Essentials Plus and ISO 27001 certification and conducting threat modeling activities. • Collaborate with external third-party suppliers to enhance cybersecurity capabilities, enabling 24x7 SOC capability. Skills and Experience We welcome applicants with diverse … or similar platforms. • Ideally, experience in securing data platforms (e.g., Databricks, Snowflake). • Experience in securing Kubernetes (ideally AKS) and container security. • Knowledge of ThreatModelling and relevant frameworks such as ISO 27001, Cyber Essentials Plus, and CIS. • Proficiency in scripting languages such as Python, PowerShell, and KQL. more »
controls and NIST Guidelines Experience in implementing security automation using scripting languages e.g. Python and infrastructure-as-code (IaC) tools Ability to perform security threatmodelling and risk assessments to identify and prioritize security risks Experience with security incident response and handling, including log analysis and forensics Outstanding more »
App security. Ability in software development or programming/scripting Experience in applied security research, cryptography, mathematics, or computer science Skills in application security threatmodelling, source code review, reverse engineering, fuzzing, and cloud service testing (AWS/Azure) Benefits: Life Assurance at 4x Basic Annual Salary; Pension more »
Luton, England, United Kingdom Hybrid / WFH Options
Hays
the companies’ clients, who are mainly in the defence sector, but can include government and non-defence clients. Conducting cyber risk assessment activities including threatmodelling, vulnerability analysis and analysis of mitigation solutions. Coordinating with other product engineers, system architects, and developers to provide oversight in the development more »
securely and efficiently. Perform thorough security assessments on GCP environments, utilizing GCP-specific security tools and technologies, to identify and address potential vulnerabilities. Conduct threat modeling and risk assessments for GCP deployments, designing effective security solutions tailored to GCP services. Collaborate with cross-functional teams to respond to GCP more »
Response experience Security Monitoring experience Vulnerability Management experience Knowledge and understanding of technical Security tools: SIEM, EDR, DLP, Wireshark, Burp Suite etc. Understanding of threatmodelling advantageous Investigation experience into Information and Cyber security incidents Broad technical understanding – Windows, Linux, Networks, VMware etc. Appreciation of GCIA, GCIH, GCFA more »
all product teams, dealing with complex projects daily and serving as the escalation point for the Product Security Specialist (PSS). You will lead threatmodelling workshops and engag... APCT1_UKTJ more »
Reading, England, United Kingdom Hybrid / WFH Options
Oracle
of new TTPs (Tactics, Techniques & Procedures) of the attackers, mimic them in your technical security risk assessments and/or quickly react to new threat scenarios to provide continuous security assurance Collaborate with engineering teams to help them triage and fix security issues Mentor members of the team in …/exploit them, Real world mitigations that can be applied Familiarity with vulnerability classification frameworks (e.g. OWASP Top 10, CVSS, MITRE CVE) Ability to threat model systems/applications/platforms to assess design and find flaws that can be exploited What We’ll Give You A team of …/exploit them, Real world mitigations that can be applied Familiarity with vulnerability classification frameworks (e.g. OWASP Top 10, CVSS, MITRE CVE) Ability to threat model systems/applications/platforms to assess design and find flaws that can be exploited What We’ll Give You A team of more »
understanding of our customers, their risks and concerns and work collaboratively with them to create relevant SIEM content that supports agreed use-cases and threat models. The role will be play a pivotal part in supporting the BAU SOC team Produce/Enhance/Refine Monthly Reports for internal … and external audiences Configure/Tune SIEM content, Managed Firewalls and IPS systems Monitor Threat Intelligence – internal, open source and commercial feeds Writing custom IDS/IPS rules to improve detection capabilities or assisting with Vulnerability Scanning activities. Interact with other Cyber Defence, Security and Incident Response teams, within more »
Architecture Review, Threatmodelling, Residual Risk assessments Provide secure solutions and mitigation controls for the identified risk for the development of new features within product, customer implementation and development platform Support for SAST and DAST and provide requirements for penetration testing Monitor SAST and DAST report; good to more »
controls and NIST Guidelines Experience in implementing security automation using Scripting languages eg Python and infrastructure-as-code (IaC) tools Ability to perform security threatmodelling and risk assessments to identify and prioritize security risks Experience with security incident response and handling, including log analysis and forensics Outstanding more »
Develop and implement security design standards and frameworks Collaborate with engineering and product teams to incorporate security considerations into product design and development Conduct threatmodelling, vulnerability assessments, and security code reviews to identify potential security issues Develop and maintain a secure software development lifecycle (SDLC) to ensure … security is integrated at every stage Educate and train engineering and product teams on security awareness and best practices Experience with threatmodelling, risk assessment, and the development of mitigation strategies The Senior Product Security Engineer is a high-profile role with significant business and technology engagement. This more »
risks. Act as a subject matter expert on security-related matters, collaborating with stakeholders to address security concerns and implement effective solutions. Participate in threat hunting and threatmodelling activities. To be considered for this role, you should have: Must have a strong background in a security more »
security procedures and standards to be reviewed and approved by executive management and/or formally authorised by the chief information security officer (CISO) Threatmodelling of services and applications that tie to the risk and data associated with the service or application Key Qualifications: Vast experience in … leading/mentoring teams in “secure by design” including a strong working knowledge of the methodologies to conduct threat-modeling exercises on new applications and services, identity management, as well as securing CI/CD pipelines. Direct, hands-on experience or a solid working knowledge of relevant security patterns more »
the CI/CD pipeline and automate security testing and compliance checks. Provide guidance and support to development teams on secure coding practices and threatmodelling techniques. Collaborate with cloud architects to design and implement secure cloud environments. To be considered for this role, you should have: Must more »
/coach less experienced members of the team and fulfil this opportunity? Responsibilities: Provide support and consultation across all elements of Cyber Security including Threat intelligence, cyber risk management, security operations, data loss and fraud preventions, IDAM, vulnerability management and more. Arrange materials for the Cyber Risk and Information … threats, controls, gaps, and opportunities for improvement. Develop a Cyber risk and information security strategy. Oversee and manage the Security operations - KPIs/KRIs, threat analysis, ensuring quality of security control operations, develop security tooling etc. Responsible for the risk management and Governance Develop the NIST-based Cyber Security … the insurance/financial service industry. Security Frameworks - NIST Security standards - ISO 27001 Previous leadership experience - leading on teams and projects, assigning tasks etc. Threatmodelling - understand the threats to financial service businesses. Please get in touch - jenna@pioneer-search.com Cyber Security and Risk Consultant - 6-month contract more »
You will have the opportunity to foster the growth and advancement of team members within the Application Security domain. You will also lead on threat modeling and conducting comprehensive security reviews of system designs. Skills Previously worked as an Application Security Engineer or similar position. Experience in either C# … and standards, e.g. OWASP, PCI-DSS, ISO 27001, GDPR. Strong knowledge of GitLab pipelines and Akamai security software is a major advantage. Experience in threatmodelling and automated security testing. Senior Application Security Engineer - Hybrid - £500 Outside IR35 more »
Greater London, England, United Kingdom Hybrid / WFH Options
Oliver Bernard
strategies. Master the art of penetration testing with tools like Burp Suite, OWASP ZAP, and/or Kali Linux. Experience with secure coding practices, threat modeling, and API security is highly desirable. Are a skilled communicator and collaborator, able to bridge the gap between technical and non-technical audiences. more »
overseeing application security testing, prioritising the resolution of security vulnerabilities, and increasing automation Show experience identifying potential threats and attacks to applications systems through threatmodelling (PASTA and STRIDE) Demonstrate experience with threatmodelling theories and application architecture reviews Have experience of monitoring security systems for more »
with various other Security personnel Mitigating Information and Cyber based risks Identifying potential threats and risks Assisting with resolution of incidents Incident response and threat hunting Working with threat management frameworks Threat intelligence and continuous improvement Security monitoring and traffic analysis Vulnerability management You will advise on … 7pm on a shift basis to ensure that full coverage is achieved. The ideal candidate will have: Incident response and security monitoring Understanding of threatmodelling Investigation experience into Information and Cyber security incidents Broad technical understanding covering Windows, Linux, Unix, Networking, Cisco, SIEM, IAM, DLP, LAN/ more »