Information Security Review & Threat Modelling Engineer (ISRP Manifold)
London, United Kingdom | Posted on 08/07/2026
Contract Role: Information Security Review & Threat Modelling Engineer (ISRP Manifold)
Contract Location: London/Belfast (Hybrid)
Contract Duration: 6 months initially (with potential extension)
Contract Start Date: Immediate
Contract Classification: Inside IR35
Daily Rate breakdown:
Traditional Daily Rate: £450
This is an exciting opportunity to join a leading global Tier 1 financial institution undergoing a major transformation of its technology landscape.
We are seeking experienced Information Security Review & Threat Modelling Engineers to join a high‑performing cyber security team. The successful candidate will be responsible for conducting security reviews of infrastructure products before production deployment, ensuring compliance with enterprise security standards, identifying security risks, and recommending remediation activities.
Key Responsibilities
- Perform end‑to‑end security reviews of infrastructure products and validate compliance with enterprise information security standards.
- Work closely with engineering teams and third‑party vendors to obtain information required for security assessments.
- Review technical documentation and perform hands‑on security testing of infrastructure products.
- Identify security vulnerabilities, compliance gaps and non‑conformities.
- Produce detailed security findings and recommend remediation or risk mitigation strategies.
- Support Information Security teams throughout remediation activities.
- Design and review secure technical architectures.
- Embed quality control measures across security review processes.
- Produce high‑quality technical documentation and maintain audit‑ready evidence.
- Manage stakeholder expectations and communicate findings effectively.
- Escalate risks and issues appropriately.
- Support internal and external security audits.
Requirements
- Minimum 6 years’ IT experience, including at least 4 years in Cyber Security/Information Security across cloud and on‑premises environments.
- 3-5 years’ experience within Information Security or Information Technology.
- Strong experience reviewing infrastructure security.
- Hands‑on cloud security experience across AWS and/or GCP.
- Demonstrated expertise in Threat Modelling methodologies such as STRIDE, PASTA or MITRE ATT&CK/ATLAS.
- Strong understanding of authentication, authorisation, encryption, logging & monitoring, infrastructure security and network segmentation.
- Ability to design and review secure technical architectures.
- Strong understanding of Infrastructure as Code (Terraform and/or CloudFormation).
- Experience with Software Development Lifecycle (SDLC) and CI/CD pipelines.
- Hands‑on Python scripting skills with the ability to read, write and analyse scripts.
- Experience across multiple technology domains.
- Security testing experience is advantageous.
Qualifications
- Associate or Professional AWS or GCP Cloud Certification (mandatory).
- Associate or Professional Cyber Security Certification (mandatory).
- Security‑first mindset with the ability to think like an attacker.
- Excellent analytical and problem‑solving skills.
- Strong written and verbal communication.
- Excellent stakeholder and project management skills.
- Degree in Computer Science, Cyber Security or related discipline preferred.
#J-18808-Ljbffr…
