Information Security Review & Threat Modelling Engineer at Deloitte - ScoutJobs - The AI-curated global job board
Skip to content
Deloitte
Posted a day ago

Information Security Review & Threat Modelling Engineer

Deloitte

Requirements

6 years IT experience, 4 years Cyber Security experience, Cloud security expertise (AWS/GCP), Threat modelling (STRIDE/PASTA/MITRE), Infrastructure as Code (Terraform/CloudFormation), Python scripting, AWS or GCP Cloud Certification, Cyber Security Certification

Skills

AWSGCPPythonTerraformThreat Modelling

About the role

Responsibilities

  • Perform end-to-end security reviews of infrastructure products to ensure compliance with enterprise information security standards.
  • Conduct threat modelling using methodologies such as STRIDE, PASTA, or MITRE ATT&CK/ATLAS.
  • Identify security vulnerabilities, compliance gaps, and non-conformities within technical architectures.
  • Produce detailed security findings and recommend effective remediation or risk mitigation strategies.
  • Work closely with engineering teams and third-party vendors to validate secure technical architectures.
  • Support internal and external security audits by maintaining high-quality technical documentation and audit-ready evidence.
  • Embed quality control measures across security review processes and manage stakeholder expectations.

Requirements

  • Minimum 6 years of IT experience, including at least 4 years specifically in Cyber Security/Information Security.
  • Hands-on cloud security expertise across AWS and/or GCP environments.
  • Demonstrated expertise in Threat Modelling methodologies (STRIDE, PASTA, or MITRE).
  • Strong understanding of Infrastructure as Code (Terraform and/or CloudFormation).
  • Proficiency in Python scripting with the ability to read, write, and analyse scripts.
  • Deep understanding of authentication, authorisation, encryption, logging, monitoring, and network segmentation.
  • Experience working within the Software Development Lifecycle (SDLC) and CI/CD pipelines.
  • Mandatory Associate or Professional AWS or GCP Cloud Certification.
  • Mandatory Associate or Professional Cyber Security Certification.

Preferred Qualifications

  • Degree in Computer Science, Cyber Security, or a related discipline.
  • Practical experience in security testing.

About the Company

Deloitte is a leading global provider of professional services, supporting major financial institutions through large-scale technology transformations and high-performance cyber security initiatives.

ScoutJobs Agent

Get matches like this delivered daily

Sign up free — we'll pull jobs that fit your CV from across the web and rank them for you.

Get started — it's free

Information Security Review & Threat Modelling Engineer

Deloitte · London

Sign up to apply