InfoSec Threat Modeler--- Remote
Job Description
Responsibilities:
· Develop training material for how to engage the Threat Management service, make use of technologies, and interpret findings.
· Drive beneficial security change into the business through supporting Developers with creation of threat models for their applications and remediation of potential threats, balancing risk against business need.
· Support the Security Architecture team to develop and mature an Application Threat Modeling Program by defining processes, procedures, controls, KRI's/KPI's, etc., that identify threats early in the development process reducing risks prior to deployment.
· Work with the InfoSec functional teams in the development of the Information Security strategy and roadmap, including and with focus on Threat Modeling; liaison and consult with Enterprise Architecture, IT and the business for ongoing input and awareness
· Advise and Contribute to Strategy and Roadmaps
Qualifications:
· 5-7 years related experience in Cyber Security, Insider Threat, Intelligence Community, Federal Law Enforcement, or a related field
· Strong understanding of access controls and authentication mechanisms, PKI, and cryptography
· Demonstrated experience developing technical threat models
· Demonstrated experience performing security code reviews and explaining results to project teams
· Strong understanding of protocols, networking, firewalls, caching, VIPs, proxies, web applications, and database systems
· Experience with AWS
· Knowledge of several of the following programming languages; Java, C#, Python, C++, Node.JS, JavaScript
· Knowledge in one or several of the following Frontend frameworks; React, Angular, Ember, Vue
· Minimum of 2 years' experience working as an Information Security Threat Modeling subject matter expert at a senior level
· Minimum of 2 years' experience working as an Information Security Professional, preferably within the architecture or engineering disciplines
Desirable:
· Able to provide references to CVEs filled, Bug Bounty Username, or GitHub repositories
· One or more security-related certifications associated with AWS, GCP, or Azure
· CISSP (+ ISSAP), CCSP, CEH, OSCP, CSSLP
Keys to Success in this Role:
· Strong written and verbal communication skills
· Able to mentor and guide team members
· Self-starter, candidate must be able to anticipate tasks and take action
· Excellent presentation, program management and relationship management skills
----
Bharath Pammi Team Lead Direct : 209-431-3453 |
You received this message because you are subscribed to the Google Groups "activeC2CReqBharath3" group.
To unsubscribe from this group and stop receiving emails from it, send an email to activec2creqbharath3+unsubscribe@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/activec2creqbharath3/CANoWkO8X9eJ9Z-unNKXtTMnYpWFVhLBj9jNobHmvKzoDX2P_tA%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.
No comments:
Post a Comment