1 to 25 of 29 Threat Modelling Jobs with Hybrid or WFH Options

all product teams, dealing with complex projects daily and serving as the escalation point for the Product Security Specialist (PSS). You will lead threat modelling workshops and engage with key stakeholders to identify threats and recommend countermeasures. Additionally, you will lead a team of Product Security Specialists … a team of Product Security Specialist (PSS). Providing leadership, technical guidance, and support to the Product Security Specialists. You will lead/facilitate threat modelling workshops with SMEs. Engaging with key stakeholders to identify threats and recommend countermeasures. Collaborating with strategy, transformation, and digital engineering parts of … such as OWASP, NIST, and ISO Awareness of security tools and technologies, such as SAST, DAST, IAST, SCA, WAF, IDS, IPS. Experience in conducting threat modelling and risk assessments. Interview process The interview process for this role is two stages including a technical competency-based questions and a more »

Our client is an engineering software company looking for a Senior Security Programmer who is skilled in threat modelling software systems to join their team. This role is offered fully remote. What you will be doing: Enhance and contribute to threat modelling procedures. Establish the best … and develop applications. Who you are: 8+ years’ experience in Software Engineering and 4+ years of experience with security architecture designing. Extensive comprehension of threat modelling software systems. Expertise in interpreting, composing, and auditing code, and the ability to adopt new technologies. Proficiency with OWASP Top 10 or more »

Join Police Digital Service in a NMC Cyber Threat Intelligence (CTI) role (Hybrid/Lancashire) Police Digital Service are looking to hire CTI roles at the following levels: Cyber Threat Intelligence Specialist - Mid-Tier Threat Intelligence Role; Recommended for those with experience in cyber threat intelligence … or associated fields. Veterans with an intelligence background and an interest in cyber are encouraged to apply Senior Cyber Threat Intelligence Specialist - Senior Threat Intelligence Role; Recommended for those with significant cyber threat intelligence experience As a member of the Threat Intelligence team, you'll be … involved with: Developing awareness for the policing community of the cyber risks to critical services by continually assessing the threat landscape and informing stakeholders. Reporting cyber risks to service, executive, and operational stakeholders for mitigation decisions. Limiting the impact of known cyber risks by engaging forces in pre-incident more »

respond promptly to mitigate security threats. - Develop and implement security automation scripts and tools to streamline security tasks in the DevOps pipeline. - Participate in threat modelling exercises and risk assessments to proactively identify security weaknesses and prioritize remediation efforts. - Stay up-to-date with the latest security trends … controls and NIST Guidelines. - Experience in implementing security automation using scripting languages e.g. Python and infrastructure-as-code (IaC) tools. - Ability to perform security threat modeling and risk assessments to identify and prioritize security risks. - Experience with security incident response and handling, including log analysis and forensics. - Strong communication … Workflow Within 3 months: - Security Incident Handling and Remediation - Security Automation and Tooling - Security Compliance and Auditing - Collaboration with Development Teams Within 6 months: - Threat Modelling and Risk Assessment - Continuous Improvement Initiatives - Security Incident Management Whats in it for you? We operate a Flexible Working Policy and this more »

respond promptly to mitigate security threats. - Develop and implement security automation scripts and tools to streamline security tasks in the DevOps pipeline. - Participate in threat modelling exercises and risk assessments to proactively identify security weaknesses and prioritize remediation efforts. - Stay up-to-date with the latest security trends … controls and NIST Guidelines. - Experience in implementing security automation using scripting languages e.g. Python and infrastructure-as-code (IaC) tools. - Ability to perform security threat modeling and risk assessments to identify and prioritize security risks. - Experience with security incident response and handling, including log analysis and forensics. - Strong communication … Workflow Within 3 months: - Security Incident Handling and Remediation - Security Automation and Tooling - Security Compliance and Auditing - Collaboration with Development Teams Within 6 months: - Threat Modelling and Risk Assessment - Continuous Improvement Initiatives - Security Incident Management Whats in it for you? We operate a Flexible Working Policy and this more »

respond promptly to mitigate security threats. - Develop and implement security automation scripts and tools to streamline security tasks in the DevOps pipeline. - Participate in threat modelling exercises and risk assessments to proactively identify security weaknesses and prioritize remediation efforts. - Stay up-to-date with the latest security trends … controls and NIST Guidelines. - Experience in implementing security automation using scripting languages e.g. Python and infrastructure-as-code (IaC) tools. - Ability to perform security threat modeling and risk assessments to identify and prioritize security risks. - Experience with security incident response and handling, including log analysis and forensics. - Strong communication … Workflow Within 3 months: - Security Incident Handling and Remediation - Security Automation and Tooling - Security Compliance and Auditing - Collaboration with Development Teams Within 6 months: - Threat Modelling and Risk Assessment - Continuous Improvement Initiatives - Security Incident Management Whats in it for you? We operate a Flexible Working Policy and this more »

respond promptly to mitigate security threats. Develop and implement security automation scripts and tools to streamline security tasks in the DevOps pipeline. Participate in threat modelling exercises and risk assessments to proactively identify security weaknesses and prioritize remediation efforts. Stay up-to-date with the latest security trends … controls and NIST Guidelines. Experience in implementing security automation using scripting languages e.g. Python and infrastructure-as-code (IaC) tools. Ability to perform security threat modeling and risk assessments to identify and prioritize security risks. Experience with security incident response and handling, including log analysis and forensics. Strong communication … Workflow Within 3 months: Security Incident Handling and Remediation Security Automation and Tooling Security Compliance and Auditing Collaboration with Development Teams Within 6 months: Threat Modelling and Risk Assessment Continuous Improvement Initiatives Security Incident Management Whats in it for you? We operate a Flexible Working Policy and this more »

Develop and implement security design standards and frameworks Collaborate with engineering and product teams to incorporate security considerations into product design and development Conduct threat modelling, vulnerability assessments, and security code reviews to identify potential security issues Develop and maintain a secure software development lifecycle (SDLC) to ensure … security is integrated at every stage Educate and train engineering and product teams on security awareness and best practices Experience with threat modelling, risk assessment, and the development of mitigation strategies The Senior Product Security Engineer is a high-profile role with significant business and technology engagement. This more »

Join Police Digital Service in a NMC Senior Cyber Threat Intelligence Specialist role (Hybrid/Lancashire) £55,000-£60,000 Police Digital Service are looking to hire a Senior Cyber Threat Intelligence (CTI) Specialist. This role is recommended for those with significant cyber threat intelligence experience As … a member of the Threat Intelligence team, you'll be involved with: Developing awareness for the policing community of the cyber risks to critical services by continually assessing the threat landscape and informing stakeholders. Reporting cyber risks to service, executive, and operational stakeholders for mitigation decisions. Limiting the … impact of known cyber risks by engaging forces in pre-incident planning and preparatory activities. Constraining attack surfaces through proactive threat intelligence working directly alongside the threat hunting and malware service. About Police Digital Service We exist to harness the power of digital, data and technology to enable more »

Knowledge/experience of cloud security (AWS/Azure), e.g. web components integration, containerisation (such Docker, Kubernetes, OpenShift) and APIs; Knowledge/experience of threat modelling and threat assessment; Experience working in an Agile or DevSecOps methodology/tools e.g GIT, Maven/Gradle, Jenkins, Nexus, Terraform more »

collaboration with the wider information security community within the ICO and across strategic partners, such as NCSC, NCA, CPNI, you will ensure that the threat landscape across the regulatory sector and at national levels are understood; that priorities and direction reflect the changing credible threats to the ICO and … that our key systems and assets are appropriately secured, assessed, monitored. As Digital Security Consultant your main responsibilities will be: Vulnerability and remediation management Threat modelling and Threat intelligence Project and Change engagement Creation and updating of threat models for the core ICO services. Aligning these … threat models and delivering appropriate workstreams to ensure clear oversight of the controls in place for each service. Co-ordinating with relevant ICO departments to provide input and direction into areas such as physical and personnel security, and the ongoing review of credible threats to both staff and the more »

office, 4 days remote working, work from home Key Skills: Continuous Integration (CI), Continuous Deployment (CD), Infrastructure as Code (IaC), Security Automation, Vulnerability Management, Threat Intelligence, Secure Software Development Lifecycle (SSDLC), Compliance as Code, Security Orchestration, Container Security, Microservices Security, Threat Modelling, Secure Configuration Management, Secure DevOps more »

We are seeking a strong Cybersecurity Architect with a robust understanding of Identity and Access Management (IAM) and Privileged Access Management (PAM), experienced in threat modeling, and implementing/enforcing security controls and guardrails. While in-depth SAP knowledge is a plus, the primary requirement is to have a … solid grasp of the architecture and vulnerabilities associated with migrating legacy systems to SAP. Key Responsibilities: Produce detailed threat models after reviewing technical design documents. Review and input security into solution architecture and high-level designs. Advise and consult with development teams on security matters. Ensure compliance with internal …/Experience: Relevant professional qualifications such as Security+, Network+, CISM, CISSP, or working towards certification. Strong concepts of IAM and PAM. Extensive experience in threat modeling and implementing/enforcing security controls and guardrails. Experience working with developers, understanding their challenges, and providing support. Ability to assess and constructively more »

lakes, data warehouses, and data pipelines. Implement encryption, access controls, and auditing for Kafka topics and data streams & monitor anomalies in clusters. Produce Detailed Threat models after reviewing technical design documents. Design and implement authentication mechanisms (e.g., OAuth, JWT) for APIs and services. Key skills: Should have proven experience more »

factor authentication (MFA) More than 10 years proven ability working with an IAM platforms or in related field, including any combination of the following: threat modeling, secure coding, identity management and authentication, software development, cryptography, system administration and network security, cloud computing Salary potential 00 Posting End Date more »

the Governance, Risk, and Compliance (GRC) team to inform on risk, compliance, and assurance matters related to the portfolio of change initiatives. Ensure that Threat Modeling is implemented for identified programs, projects, and engineering initiatives within the portfolio. Work closely with the Security Culture team to ensure alignment and more »

level executives. Complementary Technical Skills: Hands-on experience with programming languages, databases, and IoT. Knowledge of containerisation technologies such as Docker. Experience with Attack & Threat Modelling. Familiarity with Red Team testing and social engineering attack methodologies. Working knowledge of CobaltStrike. Experience with bug bounty programs and vulnerability disclosure policies. more »

Consultant (Pen Tester) Complementary Technical Skills: Hands-on experience with programming languages, databases, and IoT Knowledge of containerization technologies (e.g., Docker) Experience with Attack & Threat Modeling Red Team testing and social engineering methodologies Working knowledge of CobaltStrike Experience with bug bounty programs and vulnerability disclosure policies Security Testing Consultant more »

Collaborate with development, operations, and product teams to embed security into agile development cycles. Provide expert guidance on security best practices, including secure coding, threat modelling, vulnerability management, and incident response. Develop and implement security policies, standards, and procedures tailored to agile and DevSecOps environments. Conduct security training more »

Ideally this person would have Vulnerability management experience. System Admin background desired but not essential, this includes experience across Unix, Windows, Cisco, Networking, etc. Threat Modelling exposure flexible This is a permanent position that operates on a hybrid work setup of 2 days in the office, 3 days more »

side encryption for data stored in Amazon S3 buckets. Ensure data at rest and data in transit are encrypted using appropriate mechanisms. Produce Detailed Threat models after reviewing technical design documents. Design and implement authentication mechanisms (e.g., OAuth, JWT) for APIs and services. Key skills: Should have proven experience more »

Skills & Qualifications: Proven experience in API development and integration technologies such as REST and SOAP. Extensive knowledge of secure coding principles, including OWASP and Threat Modelling. Excellent hands-on coding skills using ASP.NET, the .NET ecosystem, and tools like C#, Visual Studio, and dotnet CLI. A deep understanding of more »

processes. Core skills & experience for this Security Analyst role: Security review methodologies: SAST, DAST, SBOM, SCA Implementing security tooling in CI/CD pipelines Threat modeling Code review (Java or C#) Familiarity with security frameworks like PCI, ISO 27001, Cyber Essentials This company offers structured training, career development opportunities … details, call 0161 438 1177 or follow us on Twitter @erinassociates for similar roles. Key words: Security Reviews, ISO Standards, SBOM, SCA, SAST, DAST, Threat Modelling, Security Tooling, Code Review, Manchester, North West, Java C#, Infosec, IT Security analyst Please get in touch on 0161 438 1177 if more »

activities for projects, services, and third party suppliers. Leading the evaluation of business-supporting cyber security needs, undertake cyber security related risk assessments, conduct threat modelling, and ensure activities are consistent with applicable regulations and legislation. Providing advice to a range of stakeholders on how to remedy identified more »

cloud platforms and be well-versed in security protocols, including SSH and HTTP. Complementary skills that will enhance your role include programming, containerisation, and threat modelling, enabling you to provide a holistic approach to cybersecurity challenges. To qualify for this role, it is essential to hold one of more »