Find a job 
Featured Companies 
Featured Universities 
For Companies At a Glance
- Tasks: Join a dynamic team to enhance security through threat modelling and architecture reviews.
- Company: Be part of a forward-thinking company driving digital transformation in cybersecurity.
- Benefits: Enjoy flexible work options, competitive salary, and opportunities for professional growth.
- Why this job: Make a real impact by safeguarding cloud services and collaborating with top tech professionals.
- Qualifications: 8+ years in cybersecurity, strong GCP knowledge, and experience with threat modelling methodologies required.
- Other info: Ideal for those passionate about continuous learning and working in an agile environment.
The predicted salary is between 43200 - 72000 £ per year.
As a Senior Engineer - Threat Modelling you will be a part of a smart cross-functional team delivering digital business transformation solutions to our clients. This position entails an individual contributor role focused on Security Architecture and Threat Modelling, encompassing governance, evaluation of public cloud services, and conducting security reviews for Public Cloud Providers. Collaboration and partnership with Engineering, Information Security, Program Management, and Development teams are essential. The candidate will conduct technical architecture reviews to pinpoint security opportunities, identify exploitable threats, and propose mitigation strategies.
Your Impact
- Conduct thorough threat modeling exercises utilizing established methodologies and frameworks.
- Maintain a rigorous standard of excellence in identifying potential threats and specifying effective mitigation controls.
- Manage the lifecycle of identified threats and associated controls, ensuring timely updates and adjustments as necessary.
- Deliver comprehensive threat models and related tasks within specified timeframes.
- Offer constructive feedback, support, and suggestions for enhancing the existing threat modeling process.
- Present findings and progress updates to senior leadership, team members, and relevant technical stakeholders.
Qualifications
- 8+ years of experience in a range of technologies and processes.
- Proficiency in GCP - essential.
- Strong knowledge of security architecture principles, frameworks, and best practices.
- Experience working with threat modeling methodologies such as MITRE ATT&CK, STRIDE, PASTA etc.
- Overall experience in Cybersecurity: 5+ years.
- Security practices encompassing authentication, authorization, logging/monitoring, encryption, infrastructure security, and network/segmentation.
- Knowledge of cloud security frameworks.
- Knowledge of Rest API.
- Knowledge in scripting languages and Infrastructure as Code (Terraform, CloudFormation).
- Familiarity with Jira or other ticketing systems – essential.
- Technical architecture design and review skills – essential.
- Ability to identify vulnerabilities using CWE or OWASP.
- Knowledge of operating systems and their hardening techniques.
- Understanding of development concepts such as CICD, Pipelines, and SDLC.
- Penetration testing knowledge is also super useful.
- Familiarity with Cloud Development Kit (CDK) and GitOps.
- Experience operating in a DevOps/agile team environment.
- Understanding of docker, Kubernetes, serverless architecture, and Helm.
- Exposure to platforms like Snowflake, MongoDB, Terraform Cloud, GitHub, and Databricks.
- Strong analytical skills, diligence, and attention to detail.
- Willingness to conduct research using vendor documentation.
- Capability to create and maintain high-quality documentation.
- Possession of an adversary mindset.
- Continuous learning attitude towards new technologies and methodologies.
- Strong problem-solving skills.
- Excellent communication and collaboration abilities.
- Ability to build and nurture relationships across cross-functional teams.
Contact Detail:
ApTask Recruiting Team
StudySmarter Expert Advice 🤫
We think this is how you could land Cyber Security Engineer
✨Tip Number 1
Familiarise yourself with the specific threat modelling methodologies mentioned in the job description, such as MITRE ATT&CK and STRIDE. Being able to discuss these frameworks confidently during interviews will demonstrate your expertise and understanding of the role.
✨Tip Number 2
Showcase your experience with GCP by preparing examples of past projects where you implemented security architecture principles. Highlighting your hands-on experience with cloud security frameworks will make you stand out as a candidate.
✨Tip Number 3
Brush up on your knowledge of scripting languages and Infrastructure as Code tools like Terraform and CloudFormation. Being able to discuss how you've used these technologies to enhance security measures will be a big plus.
✨Tip Number 4
Prepare to discuss your experience working in cross-functional teams, especially in a DevOps or agile environment. Emphasising your collaboration skills and ability to build relationships will resonate well with the hiring team.
We think you need these skills to ace Cyber Security Engineer
Some tips for your application 🫡
Tailor Your CV: Make sure your CV highlights relevant experience in Cyber Security, particularly focusing on GCP and threat modelling methodologies. Use keywords from the job description to demonstrate your fit for the role.
Craft a Compelling Cover Letter: Write a cover letter that showcases your passion for Cyber Security and your understanding of the specific challenges faced in threat modelling. Mention your experience with frameworks like MITRE ATT&CK and how you can contribute to the team.
Showcase Relevant Projects: Include specific examples of past projects where you conducted threat modelling or security architecture reviews. Highlight any successful mitigation strategies you implemented and the impact they had on the organisation.
Prepare for Technical Questions: Anticipate technical questions related to security architecture principles and threat modelling methodologies. Be ready to discuss your experience with tools and frameworks, as well as your approach to identifying and mitigating threats.
How to prepare for a job interview at ApTask
✨Showcase Your GCP Expertise
Make sure to highlight your proficiency in Google Cloud Platform during the interview. Be prepared to discuss specific projects where you've implemented security measures in GCP, as this is essential for the role.
✨Familiarise Yourself with Threat Modelling Methodologies
Brush up on threat modelling methodologies like MITRE ATT&CK, STRIDE, and PASTA. Be ready to explain how you've applied these frameworks in past roles and how they can be beneficial in identifying and mitigating threats.
✨Demonstrate Your Collaboration Skills
Since the role requires working closely with various teams, prepare examples of how you've successfully collaborated with engineering, information security, and development teams in previous positions. Highlight your communication skills and ability to build relationships.
✨Prepare for Technical Architecture Discussions
Expect to discuss technical architecture reviews and your approach to identifying vulnerabilities. Be ready to share your experience with security architecture principles and how you've conducted reviews to pinpoint security opportunities.
