51 to 75 of 113 Threat Modelling Jobs in the UK excluding London

security strategy and ensure security is embedded at every stage of development. Key Responsibilities: Perform in-depth security reviews, including secure code reviews and threat modelling. Develop and implement security controls to align with frameworks such as ISO 27001, NIST, and CIS benchmarks. Collaborate with development teams to enhance More ❯

and existing products meet the highest security standards. Develop architectural solutions that prioritize security, working closely with the Solution Architecture team. Create and maintain threat models in collaboration with engineering teams, identifying risks and ensuring secure system deployment. Support engineering teams with security assurance, helping to align testing regimes … What You Will Bring: A strong background in software engineering or cyber security, with a keen understanding of DevSecOps. Experience in application security and threat modelling, with the ability to translate technical vulnerabilities into business risks. Proficiency in implementing SDLC processes, technology, and automation within a DevOps environment. More ❯

of modern technology practices such as test-driven development (TDD), continuous integration, continuous delivery and DevOps a good knowledge of cloud security architecture, including threat modelling, analysis and operations experience developing and implementing technical strategy and standards experience defining and refining technical governance in multidisciplinary agile environments If More ❯

of modern technology practices such as test-driven development (TDD), continuous integration, continuous delivery and DevOps a good knowledge of cloud security architecture, including threat modelling, analysis and operations experience developing and implementing technical strategy and standards experience defining and refining technical governance in multidisciplinary agile environments If More ❯

or equivalent. The candidate should be well-versed in Information security principles at an Intermediate level. Exposure to application security testing (source code review, threat modeling, security testing). Understanding of OWASP, CVSS, the MITRE ATT&CK framework, and the software development lifecycle (SLDC). What is it like More ❯

conjunction with solution architects, product owners, technical leads and embedded security champions to identify the security risks associated with our products using application security threat modelling. You will collaborate with stakeholders to identify secure architectures, best practices and requirements that enable us to deploy secure systems at scale. You … conjunction with solution architects, product owners, technical leads and embedded security champions to identify the security risks associated with our products using application security threat modelling. You will collaborate with stakeholders to identify secure architectures, best practices and requirements that enable us to deploy secure systems at scale. You … aligned with our products. Candidates will have a background in software engineering or cyber security, with knowledge of DevSecOps, familiarity of application security and threat modelling, experience implementing SDLC process, technology, and automation in a DevOps environment; ideally making use of OWASP best practice, experience within agile delivery More ❯

continuously improve the security posture. Responsibilities Implement security controls for cloud infrastructures (AWS and Azure). Develop and engineer cloud security policies, ensuring proactive threat prevention, detection, and forensic analysis. Implement security solutions for containerised environments and microservices (e.g., Kubernetes, Docker). Build and maintain security at every point … in the CI/CD pipeline. Build and integrate security solutions into DevSecOps pipelines, collaborating with UKRI teams. Perform cloud threat modelling and implement countermeasures. Assess third-party cloud and on-premises solutions for security risks and recommend mitigations. Design and enforce cloud security policies, standards, and best More ❯

/Cyber Security background Previous experience developing architecture blueprints, strategies, and roadmaps Documented experience and a strong working knowledge of the methodologies to conduct threat-modelling exercises on new applications and services Practical knowledge of the information security standards domain Experience of working with external audit and certification More ❯

/Cyber Security background Previous experience developing architecture blueprints, strategies, and roadmaps Documented experience and a strong working knowledge of the methodologies to conduct threat-modelling exercises on new applications and services Practical knowledge of the information security standards domain Experience of working with external audit and certification More ❯

compliance. Cloud & Software Development: Experience in security/compliance for cloud environments (AWS, Azure, GCP) and software development. SDLC Knowledge: Understanding of secure coding, threat modelling, and vulnerability management within CI/CD pipelines. Communication: Convey information clearly and effectively to stakeholders. Ensure alignment across teams through regular More ❯

relationships with peers with a strong sense of accountability and ownership. Knowledge of ISO27001, CE, CE+ Key Tasks Create and perform security assessments and threat models Develop, implement & maintain security standards and plans Research weaknesses and find ways to counter them Respond to attack vectors and security incidents, and More ❯

As a Senior Security Penetration Tester , you will be responsible for supporting the design, implementation, and maintenance of TVM (Threat & Vulnerability Management) solutions, controls and processes across the organisation. You will be liaising with Digital teams to ensure appropriate mitigation and remediation of vulnerabilities detected across our IT estate. … actions. Liaise and coordinate with technology and business stakeholders in relation to cyber security patching and vulnerability management issues/actions. Maintain a cyber threat assessment methodology, align to evolving industry standards and integrate into BAU and project-based business processes. Support with proactive threat hunting for new … and emerging cyber threats. Develop and maintain dashboards with cyber security threat and vulnerability metrics. Support compliance with relevant industry standards, regulations, and best practices, such as GDPR, NIS and ISO 27001. Base location – Hybrid – Clearwater Court Reading. Working pattern – 36 hours Monday to Friday. What you should bring More ❯

As a Senior Security Penetration Tester , you will be responsible for supporting the design, implementation, and maintenance of TVM (Threat & Vulnerability Management) solutions, controls and processes across the organisation. You will be liaising with Digital teams to ensure appropriate mitigation and remediation of vulnerabilities detected across our IT estate. … actions. Liaise and coordinate with technology and business stakeholders in relation to cyber security patching and vulnerability management issues/actions. Maintain a cyber threat assessment methodology, align to evolving industry standards and integrate into BAU and project-based business processes. Support with proactive threat hunting for new … and emerging cyber threats. Develop and maintain dashboards with cyber security threat and vulnerability metrics. Support compliance with relevant industry standards, regulations, and best practices, such as GDPR, NIS and ISO 27001. Base location - Hybrid - Clearwater Court Reading. Working pattern - 36 hours Monday to Friday. What you should bring More ❯

Responsibilities Lead cyber risk assessment activities across IT and OT environments, correlating outputs into strategic risk tracking. Manage the cyber security risk toolkit , including threat modelling, attack trees, and scenario-based exercises. Develop and implement cyber security policies, processes, and staff training aligned with Secure by Design principles. … Oversee first-line security operations , including outsourced 24/7 SOC management . Define and manage cyber threat intelligence requirements . Provide cyber risk consultancy for business development projects, ensuring regulatory compliance. Contribute to supply chain risk management , assessing supplier security risks. Act as Deputy NIS Reporting Officer (NRO More ❯

tools. Excellent understanding and experience with manual security testing to find vulnerabilities and logical issues. Knowledge and understanding of OWASP and its utilisation within threat modelling. Experience of software development and languages. Working knowledge of CI and CD pipelines and associated security tooling. Use of planned structured methodologies for … considered throughout the lifecycle. Identifying and managing any security flaws within our software through appropriately liaising with external bodies where necessary. Performing risk assessments, threat modelling and design reviews to ensure effective security controls. Identifying opportunities for converting manual tasks into automated processes and identify tooling to support More ❯

design and cloud-native architecture Acting as a key escalation point for vulnerability triage and remediation Delivering developer enablement through workshops and hands-on threat modelling What you’ll bring: 3+ years in application or product security roles Strong grasp of application-level threats, secure design, and remediation More ❯

complex infrastructure environments A strong technical background across Networks, Security, Firewall, Vulnerability Management, SIEM and EDR technologies Experience with cyber security concepts, such as Threat Modelling, Incident Response, Penetration Testing (external/internal) Advanced knowledge of cloud products and services e.g. Azure, Microsoft 365 Emotionally intelligent and able More ❯

customer experience Understanding of mobile app vulnerabilities Provide challenge and assessment of potential technology risks including information and cyber security control weaknesses by performing threat modelling exercises Provide technology risk subject matter expertise and communicate the risk environment to management and other key stakeholders Build solid professional relationships More ❯

customer experience. Understanding of mobile app vulnerabilities. Provide challenge and assessment of potential technology risks including information and cyber security control weaknesses by performing threat modelling exercises. Provide technology risk subject matter expertise and communicate the risk environment to management and other key stakeholders. Build solid professional relationships More ❯

Maintaining a clear delivery matrix and reporting regularly on progress What we’re looking for: Strong knowledge of enterprise security services (e.g., Pen Testing, Threat Modelling, Logging & Monitoring, Incident Response, etc.) Excellent stakeholder management and communication skills Solid documentation and service governance abilities Confident working autonomously and juggling More ❯

Shape, create or own cloud security strategy, policies, tools and services. Evaluate and shape responses to cloud alerts and events from security tools. Conduct threat modelling and develop cloud security incident response plans. Provide security consultation as a cloud security SME in forums and to other teams. Provide More ❯

Python scripting and automation experience for security tasks. Strong cloud experience - preference for AWS. Exposure to CI/CD and pipeline security. Exposure to threat modelling and pen testing. This is an engineering-first technology company, so we're specifically looking to connect with engineers with passion-projects More ❯

all industries. The purpose of this role is to deliver our offensive security services including digital footprint reconnaissance, social engineering, vulnerability assessments, penetration testing, threat modelling, cyber-attack simulation exercises, and more to high profile clients across all industries. You'll benefit from ongoing coaching, career mentoring, and More ❯

trends, cyber threats, and industry issues. Excellent written and oral communication, report writing, and presentation skills. Experience of executing security testing techniques such as threat modelling, reconnaissance, social engineering, enumeration, attack path mapping, exploitation, and clean up from a variety of adversarial perspectives (white/grey/black More ❯

all industries. The purpose of this role is to deliver our offensive security services including digital footprint reconnaissance, social engineering, vulnerability assessments, penetration testing, threat modelling, cyber-attack simulation exercises, and more to high profile clients across all industries. You'll benefit from ongoing coaching, career mentoring, and More ❯