Threat Modeler

Your Primary Responsibilities

• Perform threat modeling to identify use cases, threat agents, attack vectors and patterns, design patterns, and compensating controls needed to mitigate risk.?
• Performs threat modeling with software development lifecycle (SDLC) and in partnership with stakeholders and development teams
• Ability to execute multiple threat modeling engagements concurrently
• Maintain threat models and update as necessary to reflect significant changes in application design
• Implement methodologies and frameworks such as STRIDE, Kill Chains, or similar attack trees within threat models

Talents needed for Success:

• Minimum of 6 years of related experience
• Bachelors Degree and/or equivalent experience
• Minimum of 6 years of experience in application security
• Minimum of 4 years of experience in threat modeling
• Broad knowledge of application layer technologies
• Ability to explain vulnerabilities and weaknesses in OWASP Top 10 and SANS Top 25 to any audience and discuss effective defensive techniques
• Understanding of MITRE Framework and adversarial methodologies
• Ability to communicate technical issues to a non-technical executive audience
• Ability to work under pressure, multitask and be flexible
• Prior experience with threat modeling platforms is a huge plus

Must have:

• Minimum of 6 years of related experience
• Bachelors Degree and/or equivalent experience
• Minimum of 6 years of experience in application security
• Minimum of 4 years of experience in threat modeling
• Broad knowledge of application layer technologies
• Ability to explain vulnerabilities and weaknesses in OWASP Top 10 and SANS Top 25 to any audience and discuss effective defensive techniques
• Understanding of MITRE Framework and adversarial methodologies
• Ability to communicate technical issues to a non-technical executive audience
• Ability to work under pressure, multitask and be flexible
• Prior experience with threat modeling platforms is a huge plus