Cybersecurity Engineer - Threat Modelling

London, England, United Kingdom

We're looking for a hands-on Cybersecurity Engineer to join our Cybersecurity team to strengthen the security posture of our applications, data, infrastructure, and processes.

The role combines both hands-on technical expertise to uncover and remediate vulnerabilities and people skills to partner with various teams across the firm, guide teams to analyze the security implications of design decisions and guide them to build security into their applications from the ground up.

The role will leverage your hands-on offensive background to identify threats and require you to dive deep into the technical details and help build tailored security solutions and develop creative approaches to complex challenges. This role will require practical threat modeling skills and the ability to translate security principles into concrete architectural improvements.

The role also involves having conversations with system owners who understand their applications but may not recognize potential exploits, partnering with them to identify and help resolve vulnerabilities, and balancing tradeoffs between security controls and business requirements.

As a member of the Cybersecurity team, you’ll join a skilled group of programmers and security experts dedicated to keeping the firm safe. Our work covers a wide range of topics, from software engineering and DevOps to risk analysis, security governance, and cyber awareness.

• Apply hands-on offensive security background to identify threats and vulnerabilities in systems, applications, data, and infrastructure.
• Partner with system owners and engineers to analyze security implications of design decisions and to bake security into applications from the ground up.
• Translate security principles into concrete architectural improvements through practical threat modeling.
• Balance security controls with business requirements, documenting rationale and trade-offs.
• Collaborate with the Cybersecurity team on a range of topics including software engineering, DevOps, risk analysis, and governance.

• Offensive security background
• Can help build and implement secure solutions from the ground up
• Equally comfortable breaking down complex problems on a whiteboard and taking a hands-on approach to problem-solving and troubleshooting
• Skilled at evaluating security tradeoffs and making risk-based decisions
• An excellent communicator who thrives on talking to people and building relationships; a collaborative mindset is a must
• Ability to teach others and transfer knowledge about threat modeling
• Strong Linux background — you know your way around a terminal and are confident in your scripting ability
• Comfortable taking accountability and able to document your decision-making rationale
• Proficiency in any programming language is a plus
• Fluency in English required