Cyber Security Threat Modeller

**WPP** is the creative transformation company. We use the power of creativity to build better futures for our people, planet, clients, and communities.**

**Working at WPP means being part of a global network of more than 115,000 accomplished people in 110 countries. WPP has headquarters in New York, London and Singapore and a corporate presence in major markets worldwide.**

**We create transformative ideas and outcomes for our clients through an integrated offer of communications, experience, commerce, and technology.**

**WPP and our award-winning agencies work with most of the world's biggest companies and organisations - from Ford, Unilever and P&G to Google, HSBC, and the UN. Our clients include 61 of the FTSE 100, 307 of the Fortune Global 500, all 30 of the Dow Jones 30 and 62 of the NASDAQ 100. WPP are the leader in the Bloomberg Gender Equality Index and 20th in the FTSE 100 rankings for Women on Boards.**

**Why we're hiring**:
The Threat Modeller reports directly to the Cyber Security, Senior Threat Modeller and will act as a capability enabler for the Cyber Security Operations function within the wider WPP IT Cyber Security Team.
The role holder will be responsible for delivering cyber threat modelling within the organisation's cyber security functions. They will work on and analyse Threat situations as advised and allocated by their line management.
The role holder will successfully promote the further adoption of centralised security services and drive consistency and continual improvement across the business.

**What you'll be doing**:

- Develop and implement a framework for effectively modelling threat actor behaviour
- Utilise established threat modelling concepts and frameworks to create defences by emulating a range of adversaries
- Inform detection, alerting rules, and design security controls with a particular focus on detection of threat, informed by threat modelling concepts

**What you'll need**:
**Qualification Requirements (Desirable)**
- MSC Information Technology degree (desirable but not essential)
- CISSP or similar

**Skills / Experience Requirements**
- Familiarity with threat modelling methodologies e.g., the Diamond model, Kill Chain, F3EAD, PASTA, STRIDE, etc.
- Understanding of network protocols, attack lifecycles, actor tradecraft and high-profile cyber incidents
- Ability to liaise with other security and IT teams and interact with both technical and non-technical stakeholders across different business units
- Hands-on expertise in MITRE Attack, User Behaviour Analytics and SIEM tools (e.g., Sentinel, QRadar, Splunk)
- Be versatile and proactive

**Who you are**:
**You're open**_:_** **We are inclusive and collaborative; we encourage the free exchange of ideas; we respect and celebrate diverse views. We are accepting: of new ideas, new partnerships, new ways of working.

**You're optimistic**_:_** We believe in the power of creativity, technology and talent to create brighter futures or our people, our clients and our communities. We approach all that we do with conviction: to try the new and to seek the unexpected.

**You're extraordinary**: we are stronger together: through collaboration we achieve the amazing. We are creative leaders and pioneers of our industry; we provide extraordinary every day.

**What we'll give you**:
**Passionate, inspired people** - We promote a culture of people that do extraordinary work.

**Scale and opportunity** - We offer the opportunity to create, influence and complete projects at a scale that is unparalleled in the industry.

**Challenging and stimulating work** - Unique work and the opportunity to join a group of creative problem solvers. Are you up for the challenge?