Apply

Ready to go for it?

AI Apply speeds things up—apply directly if you prefer.

FREE ACCESS
5,000–10,000 jobs/day
JobTailor Logo

See all jobs on JobTailor

Search thousands of fresh jobs every day.

Discover
  • Fresh listings
  • Fast filters
  • No subscription required
Create a free account and start exploring right away.
Deloitte

Information Security Review, Threat Modelling Engineer

Deloitte

Information Security Review & Threat Modelling Engineer at global financial institution. Conducting security reviews and collaborating with engineering teams for compliance and risk mitigation.

Posted 7/9/2026contractLondon • 🇬🇧 United KingdomMid-LevelSenior💰 £450 per dayWebsite

Tech Stack

Tools & technologies
AWSCloudCyber SecurityGoogle Cloud PlatformPythonSDLCTerraform

About the role

Key responsibilities & impact
  • Perform end-to-end security reviews of infrastructure products and validate compliance with enterprise information security standards.
  • Work closely with engineering teams and third-party vendors to obtain information required for security assessments.
  • Review technical documentation and perform hands-on security testing of infrastructure products.
  • Identify security vulnerabilities, compliance gaps and non-conformities.
  • Produce detailed security findings and recommend remediation or risk mitigation strategies.
  • Support Information Security teams throughout remediation activities.
  • Design and review secure technical architectures.
  • Embed quality control measures across security review processes.
  • Produce high-quality technical documentation and maintain audit-ready evidence.
  • Manage stakeholder expectations and communicate findings effectively.
  • Escalate risks and issues appropriately.
  • Support internal and external security audits.

Requirements

What you’ll need
  • Minimum 6 years’ IT experience, including at least 4 years in Cyber Security/Information Security across cloud and on-premises environments.
  • 3-5 years’ experience within Information Security or Information Technology.
  • Strong experience reviewing infrastructure security.
  • Hands-on cloud security experience across AWS and/or GCP.
  • Demonstrated expertise in Threat Modelling methodologies such as STRIDE, PASTA or MITRE ATT&CK/ATLAS.
  • Strong understanding of authentication, authorisation, encryption, logging & monitoring, infrastructure security and network segmentation.
  • Ability to design and review secure technical architectures.
  • Strong understanding of Infrastructure as Code (Terraform and/or CloudFormation).
  • Experience with Software Development Lifecycle (SDLC) and CI/CD pipelines.
  • Hands-on Python scripting skills with the ability to read, write and analyse scripts.
  • Experience across multiple technology domains.
  • Security testing experience is advantageous.
  • Associate or Professional AWS or GCP Cloud Certification (mandatory).
  • Associate or Professional Cyber Security Certification (mandatory).
  • Excellent analytical and problem-solving skills.
  • Strong written and verbal communication.
  • Excellent stakeholder and project management skills.
  • Degree in Computer Science, Cyber Security or related discipline preferred.

Benefits

Comp & perks
  • Holiday pay
  • Potential extensions of contract

ATS Keywords

✓ Tailor your resume
Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools
Cyber SecurityInfrastructure Security ReviewCloud SecurityThreat ModellingInfrastructure as CodePython ScriptingSecurity TestingCompliance ValidationTechnical DocumentationRisk Mitigation Strategies
Soft Skills
Analytical SkillsProblem-Solving SkillsWritten CommunicationVerbal CommunicationStakeholder Management
Certifications
AWS Cloud CertificationGCP Cloud CertificationCyber Security Certification