Bristol, Avon, South West, United Kingdom Hybrid / WFH Options
Hargreaves Lansdown Asset Management Limited
all product teams, dealing with complex projects daily and serving as the escalation point for the Product Security Specialist (PSS). You will lead threatmodelling workshops and engage with key stakeholders to identify threats and recommend countermeasures. Additionally, you will lead a team of Product Security Specialists … a team of Product Security Specialist (PSS). Providing leadership, technical guidance, and support to the Product Security Specialists. You will lead/facilitate threatmodelling workshops with SMEs. Engaging with key stakeholders to identify threats and recommend countermeasures. Collaborating with strategy, transformation, and digital engineering parts of … such as OWASP, NIST, and ISO Awareness of security tools and technologies, such as SAST, DAST, IAST, SCA, WAF, IDS, IPS. Experience in conducting threatmodelling and risk assessments. Interview process The interview process for this role is two stages including a technical competency-based questions and a more »
Our client is an engineering software company looking for a Senior Security Programmer who is skilled in threatmodelling software systems to join their team. This role is offered fully remote. What you will be doing: Enhance and contribute to threatmodelling procedures. Establish the best … and develop applications. Who you are: 8+ years’ experience in Software Engineering and 4+ years of experience with security architecture designing. Extensive comprehension of threatmodelling software systems. Expertise in interpreting, composing, and auditing code, and the ability to adopt new technologies. Proficiency with OWASP Top 10 or more »
Wigan, Greater Manchester, North West, United Kingdom Hybrid / WFH Options
Police Digital Services
Join Police Digital Service in a NMC Cyber Threat Intelligence (CTI) role (Hybrid/Lancashire) Police Digital Service are looking to hire CTI roles at the following levels: Cyber Threat Intelligence Specialist - Mid-Tier Threat Intelligence Role; Recommended for those with experience in cyber threat intelligence … or associated fields. Veterans with an intelligence background and an interest in cyber are encouraged to apply Senior Cyber Threat Intelligence Specialist - Senior Threat Intelligence Role; Recommended for those with significant cyber threat intelligence experience As a member of the Threat Intelligence team, you'll be … involved with: Developing awareness for the policing community of the cyber risks to critical services by continually assessing the threat landscape and informing stakeholders. Reporting cyber risks to service, executive, and operational stakeholders for mitigation decisions. Limiting the impact of known cyber risks by engaging forces in pre-incident more »
inherently secure. - Ideally you will have worked across the system lifecycle, undertaking the security risk management activities required to support each phase, from initial threat and risks assessments and specification of security requirements, through to overseeing implementation and testing of socio-technical security architectures. You will also have experience … assurance workstreams for projects delivering secure systems and services within a government context. Undertaking and producing socio-technical security risk assessments, ideally including technical threatmodelling (e.g. using STRIDE). Development and implementation of risk management strategies and plans. Specification, development and technical assurance of security policies and … Knowledge and understanding of core cyber security risk management areas, including but not limited to: Security governance and risk management approaches, tools, and techniques. Threatmodelling (e.g. STRIDE) and socio-technical risk assessment (e.g. NIST 800-30) methodologies. Attack classification and characterisation frameworks (e.g. MITRE ATT&CK) Computer more »
overseeing application security testing, prioritising the resolution of security vulnerabilities, and increasing automation Show experience identifying potential threats and attacks to applications systems through threatmodelling (PASTA and STRIDE) Demonstrate experience with threatmodelling theories and application architecture reviews Have experience of monitoring security systems for more »
overseeing application security testing, prioritising the resolution of security vulnerabilities, and increasing automation Show experience identifying potential threats and attacks to applications systems through threatmodelling (PASTA and STRIDE) Demonstrate experience with threatmodelling theories and application architecture reviews Have experience of monitoring security systems for more »
Solihull, West Midlands, United Kingdom Hybrid / WFH Options
Indotronix Avani UK Ltd
respond promptly to mitigate security threats. - Develop and implement security automation scripts and tools to streamline security tasks in the DevOps pipeline. - Participate in threatmodelling exercises and risk assessments to proactively identify security weaknesses and prioritize remediation efforts. - Stay up-to-date with the latest security trends … controls and NIST Guidelines. - Experience in implementing security automation using scripting languages e.g. Python and infrastructure-as-code (IaC) tools. - Ability to perform security threat modeling and risk assessments to identify and prioritize security risks. - Experience with security incident response and handling, including log analysis and forensics. - Strong communication … Workflow Within 3 months: - Security Incident Handling and Remediation - Security Automation and Tooling - Security Compliance and Auditing - Collaboration with Development Teams Within 6 months: - ThreatModelling and Risk Assessment - Continuous Improvement Initiatives - Security Incident Management Whats in it for you? We operate a Flexible Working Policy and this more »
Solihull, West Midlands, United Kingdom Hybrid / WFH Options
Indotronix Avani UK Ltd
respond promptly to mitigate security threats. - Develop and implement security automation scripts and tools to streamline security tasks in the DevOps pipeline. - Participate in threatmodelling exercises and risk assessments to proactively identify security weaknesses and prioritize remediation efforts. - Stay up-to-date with the latest security trends … controls and NIST Guidelines. - Experience in implementing security automation using scripting languages e.g. Python and infrastructure-as-code (IaC) tools. - Ability to perform security threat modeling and risk assessments to identify and prioritize security risks. - Experience with security incident response and handling, including log analysis and forensics. - Strong communication … Workflow Within 3 months: - Security Incident Handling and Remediation - Security Automation and Tooling - Security Compliance and Auditing - Collaboration with Development Teams Within 6 months: - ThreatModelling and Risk Assessment - Continuous Improvement Initiatives - Security Incident Management Whats in it for you? We operate a Flexible Working Policy and this more »
Security Consultant with extensive experience in providing end-to-end security assurance for business projects. The ideal candidate will have a strong background in threat assessments, architectural design reviews, third-party risk assessments, RFP security requirements, network security, IDAM projects, ransomware remediation, pen test scoping, and HLD/LLD … reviews. Responsibilities: Perform threatmodelling to identify potential security vulnerabilities and risks. Assess high and low-level architectural designs to identify security risks and provide recommendations for mitigation. Provide security requirements for RFPs and score RFPs based on security criteria. Conduct assessments of third-party security posture to … role with a focus on end-to-end security assurance for business projects. Strong understanding of security principles, standards, and best practices. Experience with threatmodelling, architectural design reviews, RFP security requirements, third-party risk assessments, network security, IDAM projects, ransomware remediation, pen test scoping, and HLD/ more »
Security Consultant with extensive experience in providing end-to-end security assurance for business projects. The ideal candidate will have a strong background in threat assessments, architectural design reviews, third-party risk assessments, RFP security requirements, network security, IDAM projects, ransomware remediation, pen test scoping, and HLD/LLD … reviews. Responsibilities: Perform threatmodelling to identify potential security vulnerabilities and risks. Assess high and low-level architectural designs to identify security risks and provide recommendations for mitigation. Provide security requirements for RFPs and score RFPs based on security criteria. Conduct assessments of third-party security posture to … role with a focus on end-to-end security assurance for business projects. Strong understanding of security principles, standards, and best practices. Experience with threatmodelling, architectural design reviews, RFP security requirements, third-party risk assessments, network security, IDAM projects, ransomware remediation, pen test scoping, and HLD/ more »
will engineering teams to create solutions that solve or remediate security problems. This will involve a range of activities, including (but not limited to) threatmodelling, selection and configuration of DevSecOps tools, high-level and detailed security designs. About you We are looking for a Senior Security Engineer … with experience in design and implementing cloud native applications in the cloud. You should have demonstrable experience in Threatmodelling, design and implementing security controls in the cloud environment (AWS or Azure) Design and implementing cloud native and hybrid solutions in major public cloud platforms. Understanding of cryptographic more »
london, south east england, United Kingdom Hybrid / WFH Options
Nationwide Building Society
will engineering teams to create solutions that solve or remediate security problems. This will involve a range of activities, including (but not limited to) threatmodelling, selection and configuration of DevSecOps tools, high-level and detailed security designs. About you We are looking for a Senior Security Engineer … with experience in design and implementing cloud native applications in the cloud. You should have demonstrable experience in Threatmodelling, design and implementing security controls in the cloud environment (AWS or Azure) Design and implementing cloud native and hybrid solutions in major public cloud platforms. Understanding of cryptographic more »
and will be responsible for embedding security, including into projects and change programmes. This is a varied role which will see you carrying out threatmodelling, reviewing solution designs and challenging everything to uncover security issues. The role will require you to regularly engage and challenge key senior … have a good understanding of cloud (ideally AWS) and will have worked in a technical security role across different domains. You should have previous threatmodelling experience. There will be the opportunity to manage up to 3 junior product security specialists. The role is offered as remote with more »
Boofuzz/AddressSanitizer) Web Application assessment (e.g. BurpSuite ) Experience of creating new tools and scripts for novel assessment targets and vulnerability classes Experience with threatmodelling and architecture analysis of complex applications. Extensive knowledge of common vulnerabilities in different types of software and programming languages, including: How to … Boofuzz/AddressSanitizer) Web Application assessment (e.g. BurpSuite ) Experience of creating new tools and scripts for novel assessment targets and vulnerability classes Experience with threatmodelling and architecture analysis of complex applications. Extensive knowledge of common vulnerabilities in different types of software and programming languages, including: How to more »
Skelmersdale, Lancashire, North West, United Kingdom Hybrid / WFH Options
Police Digital Services
Join Police Digital Service in a NMC Senior Cyber Threat Intelligence Specialist role (Hybrid/Lancashire) £55,000-£60,000 Police Digital Service are looking to hire a Senior Cyber Threat Intelligence (CTI) Specialist. This role is recommended for those with significant cyber threat intelligence experience As … a member of the Threat Intelligence team, you'll be involved with: Developing awareness for the policing community of the cyber risks to critical services by continually assessing the threat landscape and informing stakeholders. Reporting cyber risks to service, executive, and operational stakeholders for mitigation decisions. Limiting the … impact of known cyber risks by engaging forces in pre-incident planning and preparatory activities. Constraining attack surfaces through proactive threat intelligence working directly alongside the threat hunting and malware service. About Police Digital Service We exist to harness the power of digital, data and technology to enable more »
varied role where you'll lead and manage the day to day operations of the Security Operations Centre (SOC); this includes security event monitoring, threat monitoring and response activities. You'll also provide guidance in the event of escalations to help ensure Legal and General’s cyber threats are … process adherence and identifying continuous improvement activities needed to achieve operational performance and risk management objectives related to the SOC Driving the development of threat management, threatmodelling and identification of new threat vectors by keeping up to date with industry activity and methodology, to help … revising and re-defining SOC service catalogue and the associated technologies, processes, talent (people) and data requirements to ensure it meets the continually evolving threat and business landscapes Managing, motivating and developing employees at all levels to maximise the performance of the area Qualifications Naturally you will come from more »
varied role where you'll lead and manage the day to day operations of the Security Operations Centre (SOC); this includes security event monitoring, threat monitoring and response activities. You'll also provide guidance in the event of escalations to help ensure Legal and General’s cyber threats are … process adherence and identifying continuous improvement activities needed to achieve operational performance and risk management objectives related to the SOC Driving the development of threat management, threatmodelling and identification of new threat vectors by keeping up to date with industry activity and methodology, to help … revising and re-defining SOC service catalogue and the associated technologies, processes, talent (people) and data requirements to ensure it meets the continually evolving threat and business landscapes Managing, motivating and developing employees at all levels to maximise the performance of the area Qualifications Naturally you will come from more »
Knowledge/experience of cloud security (AWS/Azure), e.g. web components integration, containerisation (such Docker, Kubernetes, OpenShift) and APIs; Knowledge/experience of threatmodelling and threat assessment; Experience working in an Agile or DevSecOps methodology/tools e.g GIT, Maven/Gradle, Jenkins, Nexus, Terraform more »
with various other Security personnel Mitigating Information and Cyber based risks Identifying potential threats and risks Assisting with resolution of incidents Incident response and threat hunting Working with threat management frameworks Threat intelligence and continuous improvement Security monitoring and traffic analysis Vulnerability management You will advise on … 7pm on a shift basis to ensure that full coverage is achieved. The ideal candidate will have: Incident response and security monitoring Understanding of threatmodelling Investigation experience into Information and Cyber security incidents Broad technical understanding covering Windows, Linux, Unix, Networking, Cisco, SIEM, IAM, DLP, LAN/ more »
london, south east england, United Kingdom Hybrid / WFH Options
Hunter Bond
with various other Security personnel Mitigating Information and Cyber based risks Identifying potential threats and risks Assisting with resolution of incidents Incident response and threat hunting Working with threat management frameworks Threat intelligence and continuous improvement Security monitoring and traffic analysis Vulnerability management You will advise on … 7pm on a shift basis to ensure that full coverage is achieved. The ideal candidate will have: Incident response and security monitoring Understanding of threatmodelling Investigation experience into Information and Cyber security incidents Broad technical understanding covering Windows, Linux, Unix, Networking, Cisco, SIEM, IAM, DLP, LAN/ more »
risks. Act as a subject matter expert on security-related matters, collaborating with stakeholders to address security concerns and implement effective solutions. Participate in threat hunting and threatmodelling activities. To be considered for this role, you should have: Must have a strong background in a security more »
risks. Act as a subject matter expert on security-related matters, collaborating with stakeholders to address security concerns and implement effective solutions. Participate in threat hunting and threatmodelling activities. To be considered for this role, you should have: Must have a strong background in a security more »
Leeds, England, United Kingdom Hybrid / WFH Options
MUFG Pension & Market Services
across Cloud and infrastructure components (service, storage, network, data and applications), to deliver end to end Cloud Infrastructure architectures and designs • Strong experience performing threatmodelling and value assessment techniques to assess controls and provide architectural decisions • An ability to identify critical and high priority issues and resolve … to organisational strategy and industry best practice • Providing guidance to key stakeholders on architecture best practice • Maintaining awareness of security trends and the global threat landscape • Continually developing your subject matter expertise in designated areas of specialisation, including performing research and keeping abreast of trend and best practice techniques more »
development and continuous improvement of security processes, policies, standards and other governing documents and ensure compliance. Participate in and support delivery of security audits, threatmodelling and assessments and remediation of findings. Perform in-depth analysis of application code and infrastructure, architecture, and configurations to ensure compliance with more »