Find a job 
Featured Companies 
Featured Universities 
For Companies At a Glance
- Tasks: Join a dynamic team to enhance security through threat modelling and architecture reviews.
- Company: Be part of a leading firm driving digital transformation for clients in a collaborative environment.
- Benefits: Enjoy hybrid work flexibility, competitive salary, and opportunities for professional growth.
- Why this job: Make a real impact on security while working with cutting-edge technologies and methodologies.
- Qualifications: 8+ years in tech, strong GCP knowledge, and experience with threat modelling frameworks required.
- Other info: Ideal for those passionate about cybersecurity and eager to learn in a fast-paced setting.
The predicted salary is between 48000 - 72000 £ per year.
As a Senior Engineer - Threat Modelling you will be a part of a smart cross-functional team delivering digital business transformation solutions to our clients. This position entails an individual contributor role focused on Security Architecture and Threat Modelling, encompassing governance, evaluation of public cloud services, and conducting security reviews for Public Cloud Providers. Collaboration and partnership with Engineering, Information Security, Program Management, and Development teams are essential. The candidate will conduct technical architecture reviews to pinpoint security opportunities, identify exploitable threats, and propose mitigation strategies.
Your Impact
- Conduct thorough threat modeling exercises utilizing established methodologies and frameworks.
- Maintain a rigorous standard of excellence in identifying potential threats and specifying effective mitigation controls.
- Manage the lifecycle of identified threats and associated controls, ensuring timely updates and adjustments as necessary.
- Deliver comprehensive threat models and related tasks within specified timeframes.
- Offer constructive feedback, support, and suggestions for enhancing the existing threat modeling process.
- Present findings and progress updates to senior leadership, team members, and relevant technical stakeholders.
Qualifications
- 8+ years of experience in a range of technologies and processes including proficiency in GCP - essential.
- Strong knowledge of security architecture principles, frameworks, and best practices.
- Experience working with threat modeling methodologies such as MITRE ATT&CK, STRIDE, PASTA etc.
- Overall experience in Cybersecurity: 5+ years.
- Security practices encompassing authentication, authorization, logging/monitoring, encryption, infrastructure security, and network/segmentation.
- Knowledge of cloud security frameworks.
- Knowledge of Rest API.
- Knowledge in scripting languages and Infrastructure as Code (Terraform, CloudFormation).
- Familiarity with Jira or other ticketing systems – essential.
- Technical architecture design and review skills – essential.
- Ability to identify vulnerabilities using CWE or OWASP.
- Knowledge of operating systems and their hardening techniques.
- Understanding of development concepts such as CICD, Pipelines, and SDLC.
- Penetration testing knowledge is also super useful.
- Familiarity with Cloud Development Kit (CDK) and GitOps.
- Experience operating in a DevOps/agile team environment.
- Understanding of docker, Kubernetes, serverless architecture, and Helm.
- Exposure to platforms like Snowflake, MongoDB, Terraform Cloud, GitHub, and Databricks.
- Strong analytical skills, diligence, and attention to detail.
- Willingness to conduct research using vendor documentation.
- Capability to create and maintain high-quality documentation.
- Possession of an adversary mindset.
- Continuous learning attitude towards new technologies and methodologies.
- Strong problem-solving skills.
- Excellent communication and collaboration abilities.
- Ability to build and nurture relationships across cross-functional teams.
Contact Detail:
ApTask Recruiting Team
StudySmarter Expert Advice 🤫
We think this is how you could land Threat Modelling
✨Tip Number 1
Familiarise yourself with the specific threat modelling methodologies mentioned in the job description, such as MITRE ATT&CK and STRIDE. Being able to discuss these frameworks in detail during your interview will demonstrate your expertise and commitment to the role.
✨Tip Number 2
Showcase your experience with GCP by preparing examples of past projects where you implemented security architecture principles. Be ready to explain how you identified threats and proposed mitigation strategies in those scenarios.
✨Tip Number 3
Highlight your collaboration skills by preparing anecdotes that illustrate how you've successfully worked with cross-functional teams in the past. This will be crucial, as the role requires strong partnerships with various departments.
✨Tip Number 4
Stay updated on the latest trends and technologies in cybersecurity and cloud security frameworks. Being knowledgeable about current developments will not only help you in interviews but also show your continuous learning attitude, which is highly valued in this role.
We think you need these skills to ace Threat Modelling
Some tips for your application 🫡
Tailor Your CV: Make sure your CV highlights your experience with GCP and threat modelling methodologies like MITRE ATT&CK and STRIDE. Use specific examples from your past roles to demonstrate your expertise in security architecture and cloud security frameworks.
Craft a Compelling Cover Letter: In your cover letter, express your passion for cybersecurity and how your skills align with the job requirements. Mention your experience in conducting technical architecture reviews and your ability to collaborate with cross-functional teams.
Showcase Relevant Projects: If you have worked on projects involving threat modelling or security architecture, include them in your application. Describe your role, the challenges faced, and the outcomes achieved to illustrate your problem-solving skills.
Highlight Continuous Learning: Emphasise your commitment to continuous learning in the field of cybersecurity. Mention any recent certifications, courses, or self-study initiatives that showcase your dedication to staying updated with new technologies and methodologies.
How to prepare for a job interview at ApTask
✨Showcase Your GCP Proficiency
Make sure to highlight your experience with Google Cloud Platform during the interview. Be prepared to discuss specific projects where you've implemented security measures and how you utilised GCP's features to enhance security architecture.
✨Familiarise Yourself with Threat Modelling Methodologies
Brush up on methodologies like MITRE ATT&CK, STRIDE, and PASTA. Be ready to explain how you've applied these frameworks in past roles and how they can be beneficial in identifying and mitigating threats.
✨Demonstrate Your Analytical Skills
Prepare to discuss examples where your analytical skills helped identify vulnerabilities or improve security processes. Use specific instances to illustrate your problem-solving abilities and attention to detail.
✨Emphasise Collaboration and Communication
Since this role involves working with cross-functional teams, be sure to share experiences that showcase your collaboration and communication skills. Highlight how you've successfully partnered with engineering, security, and development teams to achieve common goals.
