Apply

Ready to go for it?

AI Apply speeds things up—apply directly if you prefer.

FREE ACCESS
5,000–10,000 jobs/day
JobTailor Logo

See all jobs on JobTailor

Search thousands of fresh jobs every day.

Discover
  • Fresh listings
  • Fast filters
  • No subscription required
Create a free account and start exploring right away.
Deloitte

Information Security Review, Threat Modelling Engineer

Deloitte

Information Security Review & Threat Modelling Engineer at global financial institution. Conducting security reviews and collaborating with engineering teams for compliance and risk mitigation.

Posted 7/9/2026contractLondon • 🇬🇧 United KingdomMid-LevelSenior💰 £450 per dayWebsite

Core Competencies

Role fit
Core Competencies

Use this summary to align your resume positioning with the role.

Demonstrates extensive experience in Cyber Security and Information Security, with a strong focus on infrastructure security, cloud security (AWS and GCP), and secure technical architecture design. Proficient in security assessments, vulnerability identification, and compliance validation, supported by hands-on scripting and knowledge of security methodologies.

Highest-signal resume keywords
Cyber Security ExpertiseCloud Security (AWS/GCP)Threat Modelling (STRIDE, PASTA, MITRE ATT&CK)Infrastructure as Code (Terraform, CloudFormation)Security Testing Experience

ATS Keywords

Tailor your resume
Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills
Cyber SecurityInfrastructure Security ReviewCloud SecurityThreat ModellingInfrastructure as CodePython ScriptingSecurity TestingCompliance ValidationTechnical DocumentationRisk Mitigation Strategies
Soft Skills
Analytical SkillsProblem-Solving SkillsWritten CommunicationVerbal CommunicationStakeholder Management
Tools & Technologies
AWSGCPTerraformCloudFormationCI/CD PipelinesSoftware Development Lifecycle
Certifications & Qualifications
AWS Cloud CertificationGCP Cloud CertificationCyber Security Certification
Industry Keywords
Information SecurityComplianceSecurity AuditsTechnical ArchitectureQuality Control

Tech Stack

Tools & technologies
AWSCloudCyber SecurityGoogle Cloud PlatformPythonSDLCTerraform

About the role

Key responsibilities & impact
  • Perform end-to-end security reviews of infrastructure products and validate compliance with enterprise information security standards.
  • Work closely with engineering teams and third-party vendors to obtain information required for security assessments.
  • Review technical documentation and perform hands-on security testing of infrastructure products.
  • Identify security vulnerabilities, compliance gaps and non-conformities.
  • Produce detailed security findings and recommend remediation or risk mitigation strategies.
  • Support Information Security teams throughout remediation activities.
  • Design and review secure technical architectures.
  • Embed quality control measures across security review processes.
  • Produce high-quality technical documentation and maintain audit-ready evidence.
  • Manage stakeholder expectations and communicate findings effectively.
  • Escalate risks and issues appropriately.
  • Support internal and external security audits.

Requirements

What you’ll need
  • Minimum 6 years’ IT experience, including at least 4 years in Cyber Security/Information Security across cloud and on-premises environments.
  • 3-5 years’ experience within Information Security or Information Technology.
  • Strong experience reviewing infrastructure security.
  • Hands-on cloud security experience across AWS and/or GCP.
  • Demonstrated expertise in Threat Modelling methodologies such as STRIDE, PASTA or MITRE ATT&CK/ATLAS.
  • Strong understanding of authentication, authorisation, encryption, logging & monitoring, infrastructure security and network segmentation.
  • Ability to design and review secure technical architectures.
  • Strong understanding of Infrastructure as Code (Terraform and/or CloudFormation).
  • Experience with Software Development Lifecycle (SDLC) and CI/CD pipelines.
  • Hands-on Python scripting skills with the ability to read, write and analyse scripts.
  • Experience across multiple technology domains.
  • Security testing experience is advantageous.
  • Associate or Professional AWS or GCP Cloud Certification (mandatory).
  • Associate or Professional Cyber Security Certification (mandatory).
  • Excellent analytical and problem-solving skills.
  • Strong written and verbal communication.
  • Excellent stakeholder and project management skills.
  • Degree in Computer Science, Cyber Security or related discipline preferred.

Benefits

Comp & perks
  • Holiday pay
  • Potential extensions of contract