Avance Consulting Services
New York, NY
Post Resume to
View Contact Details &
Apply for Job
Job Description :

InfoSec Threat Modeler

Contract

McLean, Virginia 

Remote

Job Description:

Responsibilities:

  • Develop training material for how to engage the Threat Management service, make use of technologies, and interpret findings.
  • Drive beneficial security change into the business through supporting Developers with creation of threat models for their applications and remediation of potential threats, balancing risk against business need.
  • Support the Security Architecture team to develop and mature an Application Threat Modeling Program by defining processes, procedures, controls, KRI s/KPI s, etc., that identify threats early in the development process reducing risks prior to deployment.
  • Work with the InfoSec functional teams in the development of the Information Security strategy and roadmap, including and with focus on Threat Modeling; liaison and consult with Enterprise Architecture, IT and the business for ongoing input and awareness
  • Advise and Contribute to Strategy and Roadmaps

Qualifications:

  • 5-7 years related experience in Cyber Security, Insider Threat, Intelligence Community, Federal Law Enforcement, or a related field
  • Strong understanding of access controls and authentication mechanisms, PKI, and cryptography
  • Demonstrated experience developing technical threat models
  • Demonstrated experience performing security code reviews and explaining results to project teams
  • Strong understanding of protocols, networking, firewalls, caching, VIPs, proxies, web applications, and database systems
  • Experience with AWS
  • Knowledge of several of the following programming languages; Java, C#, Python, C++, Node.JS, JavaScript
  • Knowledge in one or several of the following Frontend frameworks; React, Angular, Ember, Vue
  • Minimum of 2 years experience working as an Information Security Threat Modeling subject matter expert at a senior level
  • Minimum of 2 years experience working as an Information Security Professional, preferably within the architecture or engineering disciplines

Desirable:

  • Able to provide references to CVEs filled, Bug Bounty Username, or GitHub repositories
  • One or more security-related certifications associated with AWS, GCP, or Azure
  • CISSP (+ ISSAP), CCSP, CEH, OSCP, CSSLP

Keys to Success in this Role:

  • Strong written and verbal communication skills
  • Able to mentor and guide team members
  • Self-starter, candidate must be able to anticipate tasks and take action
  • Excellent presentation, program management and relationship management skills
 
             

Similar Jobs you may be interested in ..