Role :: Threat Modeler
Rate - $80-85/hr. on C2C
Location :: Remote
Responsibilities:
· Develop training material for how to engage the Threat Management service, make use of technologies, and interpret findings.
· Drive beneficial security change into the business through supporting Developers with creation of threat models for their applications and remediation of potential threats, balancing risk against business need.
· Support the Security Architecture team to develop and mature an Application Threat Modeling Program by defining processes, procedures, controls, KRI’s/KPI’s, etc., that identify threats early in the development process reducing risks prior to deployment.
· Work with the InfoSec functional teams in the development of the Information Security strategy and roadmap, including and with focus on Threat Modeling; liaison and consult with Enterprise Architecture, IT and the business for ongoing input and awareness
· Advise and Contribute to Strategy and Roadmaps
Qualifications:
· 5-7 years related experience in Cyber Security, Insider Threat, Intelligence Community, Federal Law Enforcement, or a related field
· Strong understanding of access controls and authentication mechanisms, PKI, and cryptography
· Demonstrated experience developing technical threat models
· Demonstrated experience performing security code reviews and explaining results to project teams
· Strong understanding of protocols, networking, firewalls, caching, VIPs, proxies, web applications, and database systems
· Experience with AWS
· Knowledge of several of the following programming languages; Java, C#, Python, C++, Node.JS, JavaScript
· Knowledge in one or several of the following Frontend frameworks; React, Angular, Ember, Vue
· Minimum of 2 years’ experience working as an Information Security Threat Modeling subject matter expert at a senior level
· Minimum of 2 years’ experience working as an Information Security Professional, preferably within the architecture or engineering disciplines
Desirable:
· Able to provide references to CVEs filled, Bug Bounty Username, or GitHub repositories
· One or more security-related certifications associated with AWS, GCP, or Azure
· CISSP (+ ISSAP), CCSP, CEH, OSCP, CSSLP
Keys to Success in this Role:
· Strong written and verbal communication skills
· Able to mentor and guide team members
· Self-starter, candidate must be able to anticipate tasks and take action
· Excellent presentation, program management and relationship management skills
Similar Jobs
What you need to know about the San Francisco Tech Scene
Key Facts About San Francisco Tech
- Number of Tech Workers: 365,500; 13.9% of overall workforce (2024 CompTIA survey)
- Major Tech Employers: Google, Apple, Salesforce, Meta
- Key Industries: Artificial intelligence, cloud computing, fintech, consumer technology, software
- Funding Landscape: $50.5 billion in venture capital funding in 2024 (Pitchbook)
- Notable Investors: Sequoia Capital, Andreessen Horowitz, Bessemer Venture Partners, Greylock Partners, Khosla Ventures, Kleiner Perkins
- Research Centers and Universities: Stanford University; University of California, Berkeley; University of San Francisco; Santa Clara University; Ames Research Center; Center for AI Safety; California Institute for Regenerative Medicine
