Enable job alerts via email!
Cyber Threat Modeller & Penetration Tester
Lawrence Harvey
United Kingdom
Hybrid
GBP 80,000 - 100,000
Full time
Job summary
A leading recruitment firm is seeking a Cyber Threat Modeller & Penetration Tester for a hybrid/remote contracting role. You'll lead the threat modelling process, conduct penetration tests, and ensure secure SDLC practices. Ideal candidates will have experience with attack vectors and risk scenarios, alongside documentation skills using tools like Confluence and Jira. This opportunity initially spans until the end of 2025, with potential for extension.
Qualifications
- Experience leading threat modelling processes for security.
- Strong background in manual and automated penetration testing.
- Familiarity with secure SDLC practices and security compliance.
Responsibilities
- Lead the Threat Modelling process for products.
- Perform manual and automated penetration testing on applications.
- Define and enforce secure SDLC practices.
- Document vulnerabilities and risks for stakeholders.
Skills
Tools
My Client are looking for a Cyber Threat Modeller & Penetration Tester for an initial contract opportunity to start ASAP.
IR35 Status: Outside IR35
Rate: Negotiable
Location: Hybrid/Remote
Length: Initially until end of 2025 – with scope to extend
- Lead the Threat Modelling process for new and existing products, identifying attack vectors, threat actors, and risk scenarios.
- Perform penetration testing (manual & automated) on applications, APIs, and infrastructure, prioritizing remediation with development teams.
- Define and enforce secure SDLC practices, supporting architecture and product design with security requirements.
- Partner with Delivery & Project Managers to plan and execute security sign–off gates (OWASP, NCA, 3rd party pentests).
- Support and maintain the Cybersecurity Go–Live Tracker, ensuring alignment between security tasks, releases, and backlog priorities.
- Document vulnerabilities, risks, and mitigations in Confluence, Jira, and security reports for stakeholders.
- Act as focal point for security assessments during release management, bug fixing cycles, and major product launches.
- Collaborate with external vendors (3rd party pentesters, compliance auditors) to coordinate IP whitelisting, credentials, and testing scope.
If you are interested, please apply with your most up to date CV.
Lawrence Harvey is acting as an Employment Business in regards to this position.
'/%3e%3cpath%20d='M101.744%2012.4726L102.894%2016.1947L99.0021%2013.2201L101.744%2012.4726ZM105.3%208.40937H100.488L99.0026%203.59473L97.5116%208.41047L92.7%208.40385L96.5965%2011.3834L95.1055%2016.1942L99.0021%2013.2196L101.408%2011.3834L105.3%208.40992V8.40937Z'%20fill='white'/%3e%3cdefs%3e%3clinearGradient%20id='paint0_linear_5593_1381'%20x1='90'%20y1='9.44471'%20x2='99'%20y2='9.44471'%20gradientUnits='userSpaceOnUse'%3e%3cstop%20stop-color='%2300AD70'/%3e%3cstop%20offset='0.998594'%20stop-color='%2300B67A'/%3e%3cstop%20offset='1'%20stop-color='%23DCDCE6'/%3e%3c/linearGradient%3e%3c/defs%3e%3c/svg%3e){kind=small}
job faster
Follow us
