FREE ACCESS
5,000–10,000 jobs/day
See all jobs on JobTailor
Search thousands of fresh jobs every day.
Discover
- Fresh listings
- Fast filters
- No subscription required
Create a free account and start exploring right away.

Information Security Review, Threat Modelling Engineer
DeloitteInformation Security Review & Threat Modelling Engineer at global financial institution. Conducting security reviews and collaborating with engineering teams for compliance and risk mitigation.
Core Competencies
Role fitCore Competencies
Use this summary to align your resume positioning with the role.
Demonstrates extensive experience in Cyber Security and Information Security, with a strong focus on infrastructure security, cloud security (AWS and GCP), and secure technical architecture design. Proficient in security assessments, vulnerability identification, and compliance validation, supported by hands-on scripting and knowledge of security methodologies.
Highest-signal resume keywords
Cyber Security ExpertiseCloud Security (AWS/GCP)Threat Modelling (STRIDE, PASTA, MITRE ATT&CK)Infrastructure as Code (Terraform, CloudFormation)Security Testing Experience
ATS Keywords
Tailor your resumeApplicant Tracking System Keywords
Tip: use these terms in your resume and cover letter to boost ATS matches.
Hard Skills
Cyber SecurityInfrastructure Security ReviewCloud SecurityThreat ModellingInfrastructure as CodePython ScriptingSecurity TestingCompliance ValidationTechnical DocumentationRisk Mitigation Strategies
Soft Skills
Analytical SkillsProblem-Solving SkillsWritten CommunicationVerbal CommunicationStakeholder Management
Tools & Technologies
AWSGCPTerraformCloudFormationCI/CD PipelinesSoftware Development Lifecycle
Certifications & Qualifications
AWS Cloud CertificationGCP Cloud CertificationCyber Security Certification
Industry Keywords
Information SecurityComplianceSecurity AuditsTechnical ArchitectureQuality Control
Tech Stack
Tools & technologiesAWSCloudCyber SecurityGoogle Cloud PlatformPythonSDLCTerraform
About the role
Key responsibilities & impact- Perform end-to-end security reviews of infrastructure products and validate compliance with enterprise information security standards.
- Work closely with engineering teams and third-party vendors to obtain information required for security assessments.
- Review technical documentation and perform hands-on security testing of infrastructure products.
- Identify security vulnerabilities, compliance gaps and non-conformities.
- Produce detailed security findings and recommend remediation or risk mitigation strategies.
- Support Information Security teams throughout remediation activities.
- Design and review secure technical architectures.
- Embed quality control measures across security review processes.
- Produce high-quality technical documentation and maintain audit-ready evidence.
- Manage stakeholder expectations and communicate findings effectively.
- Escalate risks and issues appropriately.
- Support internal and external security audits.
Requirements
What you’ll need- Minimum 6 years’ IT experience, including at least 4 years in Cyber Security/Information Security across cloud and on-premises environments.
- 3-5 years’ experience within Information Security or Information Technology.
- Strong experience reviewing infrastructure security.
- Hands-on cloud security experience across AWS and/or GCP.
- Demonstrated expertise in Threat Modelling methodologies such as STRIDE, PASTA or MITRE ATT&CK/ATLAS.
- Strong understanding of authentication, authorisation, encryption, logging & monitoring, infrastructure security and network segmentation.
- Ability to design and review secure technical architectures.
- Strong understanding of Infrastructure as Code (Terraform and/or CloudFormation).
- Experience with Software Development Lifecycle (SDLC) and CI/CD pipelines.
- Hands-on Python scripting skills with the ability to read, write and analyse scripts.
- Experience across multiple technology domains.
- Security testing experience is advantageous.
- Associate or Professional AWS or GCP Cloud Certification (mandatory).
- Associate or Professional Cyber Security Certification (mandatory).
- Excellent analytical and problem-solving skills.
- Strong written and verbal communication.
- Excellent stakeholder and project management skills.
- Degree in Computer Science, Cyber Security or related discipline preferred.
Benefits
Comp & perks- Holiday pay
- Potential extensions of contract