Deloitte
Senior Threat Modeler
β - Featured Role | Apply direct with Data Freelance Hub
This role is for a Senior Threat Modeler based in London/Belfast, offering a 6-month contract with a competitive day rate. Key skills include threat modeling, cloud and cybersecurity certifications, and proficiency in Python and automation tools.
π - Country
United States
π± - Currency
$ USD
-
π° - Day rate
Unknown
-
ποΈ - Date
June 24, 2026
π - Duration
More than 6 months
-
ποΈ - Location
Unknown
-
π - Contract
Inside IR35
-
π - Security
Unknown
-
π - Location detailed
London, England, United Kingdom
-
π§ - Skills detailed
#Cybersecurity #GCP (Google Cloud Platform) #DevOps #Azure Security #Azure #Documentation #Automation #Logging #MongoDB #Agile #Data Engineering #Programming #Big Data #Pytest #Python #Jira #Terraform #Unit Testing #Infrastructure as Code (IaC) #GitHub #FastAPI #Oracle #Oracle Cloud #Docker #Monitoring #Databricks #Scripting #Security #Defender #Cloud #Snowflake #AWS (Amazon Web Services)
Role description
Role: Senior Threat Modeler
Location: London / Belfast
Start Date: ASAP
End Date: 6 Months
Daily Rate: Competitive Day Rate, Inside IR35
Payroll provider β Rockford Payroll Info for Contingent Workers β Rockford Pay
Responsibilities
β’ Threat Modeling using a documented process.
β’ Development of automation tools as required.
β’ Maintain a high standard of work in identifying threats and specifying mitigating controls.
β’ Attending to the lifecycle of identified threats and controls.
β’ Delivery of threat models and supporting tasks within existing timeframes.
β’ Provide feedback, support, and improvements to the existing threat modeling process.
β’ Present work to seniors, the team, and other technical teams.
β’ Train newer members of the team
β’ Supervise junior members of the team
β’ Run parts of our threat model service
β’ Work with little supervision to complete work
β’ Develop, test, and deploy secure and efficient Python-based applications, adhering to established SDLC processes and quality standards.
Certification Requirements
β’ Youβre expected to have a professional level cloud certification (defined further below) from either AWS, GCP or Azure.
β’ Youβre expected to have a vendors cloud security certification (defined further below) from either AWS, GCP or Azure.
β’ Youβre expected to have a professional cyber-security certification (defined further below).
Technical skills
β’ Youβre expected to have five or more years of experience in several of the following:
β’ IT experience minimum of 10 years with minimum of 4 years Cyber-Security/Information Security β must
β’ Threat Modeling (STRIDE, PASTA, Attack trees, tooling, Att&ck) β must.
β’ Identifying vulnerabilities using CWE or OWASP.
β’ Experience working in a cyber-security role - must.
β’ Security practices pertaining to authentication, authorization, logging/monitoring, encryption, infrastructure security, network/segmentation β must .
β’ Operating systems and their hardening.
β’ Development concepts (such as: CICD, Pipelines, SDLC) β must.
β’ Scripting languages, Infrastructure as Code (Terraform, CloudFormation) β must.
β’ Cloud Development Kit (CDK), GitOps.
β’ Operating in a DevOps / agile team structure.
β’ Jira or other ticketing systems.
β’ Understanding of docker/K8S/serverless/helm β must .
β’ Support or perform pen testing.
β’ Snowflake/MongoDB/Terraform Cloud/GitHub/Databricks.
β’ Design and review technical architectures.
β’ Strong proficiency in Programming Languages, with a preference for Python (asynchronous programming), and FastAPI (must).
β’ Unit Testing: Developing and executing unit tests using frameworks like Pytest to ensure code quality (must).
β’ Ensure all software platforms adhere to the clientβs security standards and Software Development Life Cycle (SDLC) processes (must).
Essential Skills
β’ Analytical, diligence and attention to detail.
β’ Eagerness to research using vendor documentation.
β’ Create and maintain quality documentation.
β’ Experience of regulated environment.
β’ Adversary mindset.
β’ Work with diverse set of people and teams.
β’ Constant learner of new technologies and methodologies.
β’ Problem solver.
β’ Communication and collaboration skills.
β’ Builder of relationships across cross-functional teams.
Education
β’ Bachelor's degree in computer related field or equivalent work experience.
Professional level cloud certification
β’ AWS Certified Solutions Architect, AWS Certified DevOps Engineer
β’ Google Cloud Architect, Cloud Developer, Data Engineer, Network Engineer, and more
β’ Oracle Cloud Infrastructure Certified Architect Professional, Oracle Cloud Infrastructure HPC and Big Data Solutions Associate
β’ Microsoft Certified: Azure Solutions Architect Expert
Cloud security certification
β’ Google Professional Cloud Security Engineer
β’ Microsoft Certified Azure Security Engineer Associate
β’ AWS Certified Security - Specialty
Professional cyber-security certification
β’ ISACA Certified Information Security Manager (CISM)
β’ GIAC Certified Enterprise Defender (GCED), GIAC Certified Intrusion Analyst (GCIA), GIAC Open Source Intelligence (GOSI)
β’ ISC2 Certified Information Systems Security Professional (CISSP)
β’ CompTIA CASP+, CompTIA PenTest+
β’ Microsoft Certified: Identity and Access Administrator Associate
Role: Senior Threat Modeler
Location: London / Belfast
Start Date: ASAP
End Date: 6 Months
Daily Rate: Competitive Day Rate, Inside IR35
Payroll provider β Rockford Payroll Info for Contingent Workers β Rockford Pay
Responsibilities
β’ Threat Modeling using a documented process.
β’ Development of automation tools as required.
β’ Maintain a high standard of work in identifying threats and specifying mitigating controls.
β’ Attending to the lifecycle of identified threats and controls.
β’ Delivery of threat models and supporting tasks within existing timeframes.
β’ Provide feedback, support, and improvements to the existing threat modeling process.
β’ Present work to seniors, the team, and other technical teams.
β’ Train newer members of the team
β’ Supervise junior members of the team
β’ Run parts of our threat model service
β’ Work with little supervision to complete work
β’ Develop, test, and deploy secure and efficient Python-based applications, adhering to established SDLC processes and quality standards.
Certification Requirements
β’ Youβre expected to have a professional level cloud certification (defined further below) from either AWS, GCP or Azure.
β’ Youβre expected to have a vendors cloud security certification (defined further below) from either AWS, GCP or Azure.
β’ Youβre expected to have a professional cyber-security certification (defined further below).
Technical skills
β’ Youβre expected to have five or more years of experience in several of the following:
β’ IT experience minimum of 10 years with minimum of 4 years Cyber-Security/Information Security β must
β’ Threat Modeling (STRIDE, PASTA, Attack trees, tooling, Att&ck) β must.
β’ Identifying vulnerabilities using CWE or OWASP.
β’ Experience working in a cyber-security role - must.
β’ Security practices pertaining to authentication, authorization, logging/monitoring, encryption, infrastructure security, network/segmentation β must .
β’ Operating systems and their hardening.
β’ Development concepts (such as: CICD, Pipelines, SDLC) β must.
β’ Scripting languages, Infrastructure as Code (Terraform, CloudFormation) β must.
β’ Cloud Development Kit (CDK), GitOps.
β’ Operating in a DevOps / agile team structure.
β’ Jira or other ticketing systems.
β’ Understanding of docker/K8S/serverless/helm β must .
β’ Support or perform pen testing.
β’ Snowflake/MongoDB/Terraform Cloud/GitHub/Databricks.
β’ Design and review technical architectures.
β’ Strong proficiency in Programming Languages, with a preference for Python (asynchronous programming), and FastAPI (must).
β’ Unit Testing: Developing and executing unit tests using frameworks like Pytest to ensure code quality (must).
β’ Ensure all software platforms adhere to the clientβs security standards and Software Development Life Cycle (SDLC) processes (must).
Essential Skills
β’ Analytical, diligence and attention to detail.
β’ Eagerness to research using vendor documentation.
β’ Create and maintain quality documentation.
β’ Experience of regulated environment.
β’ Adversary mindset.
β’ Work with diverse set of people and teams.
β’ Constant learner of new technologies and methodologies.
β’ Problem solver.
β’ Communication and collaboration skills.
β’ Builder of relationships across cross-functional teams.
Education
β’ Bachelor's degree in computer related field or equivalent work experience.
Professional level cloud certification
β’ AWS Certified Solutions Architect, AWS Certified DevOps Engineer
β’ Google Cloud Architect, Cloud Developer, Data Engineer, Network Engineer, and more
β’ Oracle Cloud Infrastructure Certified Architect Professional, Oracle Cloud Infrastructure HPC and Big Data Solutions Associate
β’ Microsoft Certified: Azure Solutions Architect Expert
Cloud security certification
β’ Google Professional Cloud Security Engineer
β’ Microsoft Certified Azure Security Engineer Associate
β’ AWS Certified Security - Specialty
Professional cyber-security certification
β’ ISACA Certified Information Security Manager (CISM)
β’ GIAC Certified Enterprise Defender (GCED), GIAC Certified Intrusion Analyst (GCIA), GIAC Open Source Intelligence (GOSI)
β’ ISC2 Certified Information Systems Security Professional (CISSP)
β’ CompTIA CASP+, CompTIA PenTest+
β’ Microsoft Certified: Identity and Access Administrator Associate
