What you'll do
* You will be able to perform an end-to-end threat model, using the STRIDE methodology, independently of any help. This means to organise, perform, document, and follow up on the threat models taking place.
* Perform threat modelling for AI-enabled systems, including LLM-based and agentic architectures, identifying risks introduced by autonomy, tool use, memory, and orchestration layers.
* Work with engineering and product teams to define secure design patterns, guardrails, and mitigations for AI agents (e.g. least-privilege tool access, human-in-the-loop controls).
* Proficient in managing your workload independently and familiarise yourself with industry business practices and procedures while taking ownership of your development pathway alongside your line manager and colleagues.
* You will evangelise about the benefits Cyber can offer the business and are confident running workshops and initiatives to spread the word.
* You will coach and assist junior members of the team to improve their skills, knowledge or behaviours.
* Support external departments by working on bespoke integrations and sharing of information.
* Engage with cyber stakeholders, the wider business, and external entities to facilitate and support the delivery of cyber services and initiatives.
* Always look to improve your understanding and knowledge of the following.
* Regulatory requirements on our business. TSA, PCI, SWIFT, GDPR (not an exhaustive list)
* Architectural domains. DLP, CLOUD, IDAM, LOGGING & MONITERING (not an exhaustive list)
* Departments and their verticals. CONTENT, CUSTOMER, ISP, PRODUCT, DIGITAL, DATA (not an exhaustive list)
What you'll bring
* Experience providing end-to-end threat models, using the STRIDE methodology in an Enterprise level business.
* Strong understanding of AI-specific threat classes, such as prompt injection, model abuse, data leakage, insecure plugin/tool execution, and emergent agent behaviour.
* Live the Sky Values and demonstrate enthusiasm and a can-do attitude.
* Demonstrate a passion for cyber security and have a positive outlook and approach to the work we do.
* Experience in working within a typical Cyber/Infosec field, dealing with subjects ranging from technologies, compliance, or regulatory frameworks that have an impact on the Cyber function or offerings.
* Strong skills in analytical, decision making, verbal and written communication capabilities.
* Excellent teamwork skills to collaborate, share and support colleagues.
* A desire to learn, and share your knowledge within the team.
Team overview
Our products, platforms and technologies are constantly evolving that's why keeping Sky safe from cyber-attacks is one of our top priorities. Our Cyber Security team helps the business grow while protecting our customers, colleagues and partners from increasingly sophisticated cyber threats. Our global team works across the UK, US & India. As the business adopts AI and autonomous technologies, the team plays a key role in ensuring these systems are designed and operated securely and responsibly. Join us and you'll get involved in tackling challenges and future threats in an ever-changing cyber landscape.
Inclusion & how you'll work
We are a Disability Confident Employer, and welcome and encourage applications from all candidates. We will look to ensure a fair and consistent experience for all, and will make reasonable adjustments to support you where appropriate. Please flag any adjustments you need to your recruiter as early as you can.
We've embraced hybrid working and split our time between unique office spaces and the convenience of working from home. You'll find out more about what hybrid working looks like for your role later on in the recruitment process.
The rewards
* Sky Q, for the TV you love all in one place
* The magic of Sky Glass at an exclusive rate
* A generous pension package
* Private healthcare
* Discounted mobile and broadband
* A wide range of Sky VIP rewards and experiences
Just so you know: if your application is successful, we'll ask you to complete a criminal record check. And depending on the role you have applied for and the nature of any convictions you may have, we might have to withdraw the offer.
#J-18808-Ljbffr