Senior Threat Modelling Analyst (STRIDE)

We believe in better. And we make it happen.

Better content. Better products. And better careers.

Working in Tech, Product or Data at Sky is about building the next and the new. From broadband to broadcast, streaming to mobile, SkyQ to Sky Glass, we never stand still. We optimise and innovate.

We turn big ideas into the products, content and services millions of people love.

And we do it all right here at Sky.

For this role we offer the hybrid working approach with 2 days a week onsite in Osterley campus.

What you'll do

You will be able to perform an end-to-end threat model, using the STRIDE methodology, independently of any help. This means to organise, perform, document, and follow up on the threat models taking place.

Perform threat modelling for AI-enabled systems, including LLM-based and agentic architectures, identifying risks introduced by autonomy, tool use, memory, and orchestration layers.

Work with engineering and product teams to define secure design patterns, guardrails, and mitigations for AI agents (e.g. least-privilege tool access, human-in-the-loop controls.

Proficient in managing your workload independently and familiarise yourself with industry business practices and procedures while taking ownership of your development pathway alongside your line manager and colleagues.

You will evangelise about the benefits Cyber can offer the business and are confident running workshops and initiatives to spread the word.

You will coach and assist junior members of the team to improve their skills, knowledge or behaviours.

Support external departments by working on bespoke integrations and sharing of information.

Engage with cyber stakeholders, the wider business, and external entities to facilitate and support the delivery of cyber services and initiatives.

Always look to improve you understand and knowledge of the following.

Regulatory requirements on our business. TSA, PCI, SWIFT, GDPR (not an exhaustive list)

Architectural domains. DLP, CLOUD, IDAM, LOGGING & MONITERING (not an exhaustive list)

Departments and their verticals. CONTENT, CUSTOMER, ISP, PRODUCT, DIGITAL, DATA (not an exhaustive list)

What you'll bring

Experience providing end-to-end threat models, using the STRIDE methodology in an Enterprise level business.

Strong understanding of AI-specific threat classes, such as prompt injection, model abuse, data leakage, insecure plugin/tool execution, and emergent agent behaviour.

Live the Sky Values and demonstrate enthusiasm and a can-do attitude.

Demonstrate a passion for cyber security and have a positive outlook and approach to the work we do.

Experience in working within a typical Cyber/Infosec field, dealing with subjects ranging from technologies, compliance, or regulatory frameworks that have an impact on the Cyber function or offerings.

Strong skills in analytical, decision making, verbal and written communication capabilities.

Excellent teamwork skills to collaborate, share and support colleagues.

A desire to learn, and share your knowledge within the team.

Team overview

Cyber Security

Our products, platforms and technologies are constantly evolving that's why keeping Sky safe from cyber-attacks is one of our top priorities. Our Cyber Security team helps the business grow while protecting our customers, colleagues and partners from increasingly sophisticated cyber threats. Our global team works across the UK, US & India. As the business adopts AI and autonomous technologies, the team plays a key role in ensuring these systems are designed and operated securely and responsibly. Join us and you'll get involved in tackling challenges and future threats in an ever-changing cyber landscape.

The rewards

There's one thing people can't stop talking about when it comes to #LifeAtSky : the perks . Here's a taster:

Sky Q, for the TV you love all in one place

The magic of Sky Glass at an exclusive rate

A generous pension package

Private healthcare

Discounted mobile and broadband

A wide range of Sky VIP rewards and experiences

Inclusion & how you'll work

We are a Disability Confident Employer, and welcome and encourage applications from all candidates. We will look to ensure a fair and consistent experience for all, and will make reasonable adjustments to support you where appropriate . Please flag any adjustments you need to your recruiter as early as you can.

We've embraced hybrid working and split our time between unique office spaces and the convenience of working from home. You'll find out more about what hybrid working looks like for your role later on in the recruitment process.

Your office space

Osterley

Our Osterley Campus is a 10-minute walk from Syon Lane train station. Or you can hop on one of our free shuttle buses that run to and from Osterley, Gunnersbury, Ealing Broadway and South Ealing tube stations. There's also plenty of bike shelters and showers.

On campus, you'll find 13 subsidised restaurants, cafes, and a Waitrose. You can keep in shape at our subsidised gym, catch the latest shows and movies at our cinema, get your car washed and even get pampered at our beauty salon.

Leeds

Our spacious tech hub is under a mile away from Leeds train station. There's plenty of parking in the surrounding streets and at the nearby CitiPark .

You can also blow off steam over a game of pool or table tennis, and stay fit at our subsidised gym.