Information Security Review & Threat Modelling Engineer (ISRP Manifold)

Information Security Review & Threat Modelling Engineer (ISRP Manifold)

Full-Time 45000 - 60000 £ / year (est.) No working from home possible
Deloitte - Recruitment

At a Glance

  • Tasks: Conduct security reviews and threat modelling for cutting-edge infrastructure products.
  • Company: Join a leading global Tier 1 financial institution transforming its tech landscape.
  • Benefits: Competitive daily rate, hybrid work model, and potential contract extension.
  • Other info: Dynamic environment with opportunities for professional growth and development.
  • Why this job: Make a real impact in cyber security while working with top-tier professionals.
  • Qualifications: 6+ years IT experience, strong cloud security knowledge, and relevant certifications.

The predicted salary is between 45000 - 60000 £ per year.

  • Information Security Review & Threat Modelling Engineer (ISRP Manifold)
  • London, United Kingdom | Posted on 08/07/2026

Contract Role

Information Security Review & Threat Modelling Engineer (ISRP Manifold)

Contract Location

London/Belfast (Hybrid)

Contract Duration

6 months initially (with potential extension)

Contract Start Date

Immediate

Contract Classification

Inside IR35

Daily Rate breakdown

Traditional Daily Rate

£450

This is an exciting opportunity to join a leading global Tier 1 financial institution undergoing a major transformation of its technology landscape.

We are seeking experienced Information Security Review & Threat Modelling Engineers to join a high‑performing cyber security team.

The successful candidate will be responsible for conducting security reviews of infrastructure products before production deployment, ensuring compliance with enterprise security standards, identifying security risks, and recommending remediation activities.

Key Responsibilities

  • Perform end‑to‑end security reviews of infrastructure products and validate compliance with enterprise information security standards.
  • Work closely with engineering teams and third‑party vendors to obtain information required for security assessments.
  • Review technical documentation and perform hands‑on security testing of infrastructure products.
  • Identify security vulnerabilities, compliance gaps and non‑conformities.
  • Produce detailed security findings and recommend remediation or risk mitigation strategies.
  • Support Information Security teams throughout remediation activities.
  • Design and review secure technical architectures.
  • Embed quality control measures across security review processes.
  • Produce high‑quality technical documentation and maintain audit‑ready evidence.
  • Manage stakeholder expectations and communicate findings effectively.
  • Escalate risks and issues appropriately.
  • Support internal and external security audits.

Requirements

  • Minimum 6 years’ IT experience, including at least 4 years in Cyber Security/Information Security across cloud and on‑premises environments.
  • 3-5 years’ experience within Information Security or Information Technology.
  • Strong experience reviewing infrastructure security.
  • Hands‑on cloud security experience across AWS and/or GCP.
  • Demonstrated expertise in Threat Modelling methodologies such as STRIDE, PASTA or MITRE ATT&CK/ATLAS.
  • Strong understanding of authentication, authorisation, encryption, logging & monitoring, infrastructure security and network segmentation.
  • Ability to design and review secure technical architectures.
  • Strong understanding of Infrastructure as Code (Terraform and/or Cloud Formation).
  • Experience with Software Development Lifecycle (SDLC) and CI/CD pipelines.
  • Hands‑on Python scripting skills with the ability to read, write and analyse scripts.
  • Experience across multiple technology domains.
  • Security testing experience is advantageous.

Qualifications

  • Associate or Professional AWS or GCP Cloud Certification (mandatory).
  • Associate or Professional Cyber Security Certification (mandatory).
  • Security‑first mindset with the ability to think like an attacker.
  • Excellent analytical and problem‑solving skills.
  • Strong written and verbal communication.
  • Excellent stakeholder and project management skills.
  • Degree in Computer Science, Cyber Security or related discipline preferred.
  • #J-18808-Ljbffr
Deloitte - Recruitment

Contact Details:

Deloitte - Recruitment Recruitment Team

We think you need these skills to ace Information Security Review & Threat Modelling Engineer (ISRP Manifold)

Information Security Review
Threat Modelling
Cyber Security
Infrastructure Security
Cloud Security (AWS and/or GCP)
STRIDE
PASTA