13 of 13 Threat Modelling Jobs in the South West

product team/squad and will support the implementation of secure solutions throughout the application and software development life-cycle. You will also facilitate threat modelling workshops assisting product teams in identifying and mitigating threats. What you will be doing: Oversee security related issues across multiple product teams … Cloud serverless transformation projects. You will have the ability to work with infrastructure as code and understand complex architectures. You will Lead/facilitate threat modelling workshops with SMEs. Engage with key stakeholders to identify threats and recommend countermeasures. Participate in architectural reviews of Product cloud implementations against … such as OWASP, NIST, and ISO. Awareness of security tools and technologies, such as SAST, DAST, IAST, SCA, WAF, IDS, IPS. Experience in conducting threat modelling and risk assessments. Interview process The interview process for this role is two stages including a technical competency-based questions and a More ❯

manage stakeholder expectations. Support the preparation for and participation in technical reviews, audits, and risk acceptance activities. Contribute to delivering security risk management processes, threat modelling sessions, and security design assessments. Provide subject matter expertise on assurance requirements for secure communications, supply chain security, platform integration, and physical … engineering context. Ability to interpret and apply security requirements across the engineering lifecycle, ensuring traceability and alignment with delivery controls. Capable of contributing to threat modelling, risk assessments, and technical reviews with clear, structured input. Confident working independently in complex, multi-stakeholder environments while managing priorities and deadlines More ❯

manage stakeholder expectations. Support the preparation for and participation in technical reviews, audits, and risk acceptance activities. Contribute to delivering security risk management processes, threat modelling sessions, and security design assessments. Provide subject matter expertise on assurance requirements for secure communications, supply chain security, platform integration, and physical … engineering context. Ability to interpret and apply security requirements across the engineering lifecycle, ensuring traceability and alignment with delivery controls. Capable of contributing to threat modelling, risk assessments, and technical reviews with clear, structured input. Confident working independently in complex, multi-stakeholder environments while managing priorities and deadlines More ❯

draw upon Enterprise Security Architecture or Security Solutions Architecture to: Identify business objectives, user needs, risk appetite and cyber security obligations Identify vulnerabilities, perform threat modelling, undertake risk assessment, evaluate the effectiveness of security controls Verify and evidence alignment to 'Secure by Design' principles, corporate security policy/… of established patterns, principles and guidelines Research emerging technologies, new products and be able to position these in a coherent manner against the developing threat landscape and client risk appetite Ability to distil complex information and concepts into key discussion points that identifies a path to resolution rather than … practice within Cloud platforms (AWS and/or Microsoft Azure) In-depth knowledge of modern security concepts, common attack vectors, malware, security analytics and threat intelligence. A good understanding of security testing and vulnerability management is important (including pen testing/ITHC, CVSS/CVE) Experience working with security More ❯

and implement mitigation measures. Integrate secure coding practices into the software development lifecycle. Perform security code reviews and ensure secure-by-design principles. Conduct threat modelling exercises to identify and mitigate potential risks. Ensure compliance with security regulations such as ISO27001, NIST 800-30/37/ More ❯

and implement mitigation measures. Integrate secure coding practices into the software development lifecycle. Perform security code reviews and ensure secure-by-design principles. Conduct threat modelling exercises to identify and mitigate potential risks. Ensure compliance with security regulations such as ISO27001, NIST 800-30/37/ More ❯

as microservices, containers, and serverless architecture. Develop and maintain CI/CD pipelines for efficient, secure, and automated deployments. Security by design Vulnerability management Threat modelling Cloud Security Ensure compliance with industry security standards and best practices, such as ISO 27001, SOC 2, and GDPR. Experience with DevSecOps More ❯

security strategy and ensure security is embedded at every stage of development. Key Responsibilities: Perform in-depth security reviews, including secure code reviews and threat modelling. Develop and implement security controls to align with frameworks such as ISO 27001, NIST, and CIS benchmarks. Collaborate with development teams to enhance More ❯

of modern technology practices such as test-driven development (TDD), continuous integration, continuous delivery and DevOps a good knowledge of cloud security architecture, including threat modelling, analysis and operations experience developing and implementing technical strategy and standards experience defining and refining technical governance in multidisciplinary agile environments If More ❯

continuously improve the security posture. Responsibilities Implement security controls for cloud infrastructures (AWS and Azure). Develop and engineer cloud security policies, ensuring proactive threat prevention, detection, and forensic analysis. Implement security solutions for containerised environments and microservices (e.g., Kubernetes, Docker). Build and maintain security at every point … in the CI/CD pipeline. Build and integrate security solutions into DevSecOps pipelines, collaborating with UKRI teams. Perform cloud threat modelling and implement countermeasures. Assess third-party cloud and on-premises solutions for security risks and recommend mitigations. Design and enforce cloud security policies, standards, and best More ❯

practices, ensuring products meet regulatory and industry standards. The Role Key Responsibilities: Identify security requirements and integrate controls into product development. Conduct risk assessments, threat modeling, and vulnerability analysis. Develop and implement risk management strategies using security frameworks. Collaborate with development teams to ensure security best practices and secure … Experience with risk management methodologies and compliance with MOD and HMG security standards (JSP, Def Stan 05-138/139). Proficiency in security threat modeling and risk assessments. Knowledge of secure development practices, penetration testing, and vulnerability assessments. Ability to communicate security risks and strategies to technical and More ❯

practices, ensuring products meet regulatory and industry standards. The Role Key Responsibilities: Identify security requirements and integrate controls into product development. Conduct risk assessments, threat modeling, and vulnerability analysis. Develop and implement risk management strategies using security frameworks. Collaborate with development teams to ensure security best practices and secure … Experience with risk management methodologies and compliance with MOD and HMG security standards (JSP, Def Stan 05-138/139). Proficiency in security threat modeling and risk assessments. Knowledge of secure development practices, penetration testing, and vulnerability assessments. Ability to communicate security risks and strategies to technical and More ❯

Strong knowledge of EW systems and their use cases. Experience in designing and architecting complex systems within defence or security domains. Experience with system modelling, simulation tools and design software. Good understanding of enterprise-scale architectures and how to structure solutions for scalability, maintainability and performance. Strong knowledge of … designs and deployment strategies. Knowledge of security best practices such as secure software design principles, encryption, identity management and secure communication protocols. Understanding of threat modelling to identify potential vulnerabilities and risks in the system and devise mitigation strategies. The ability to bring knowledge of customers and end More ❯