165 526
23 379
## For additional information, please review .* Perform Threat Modeling using a documented process* Development of automation tools as required* Maintain a high standard of work in identifying threats and specifying mitigating controls* Attending to the lifecycle of identified threats and controls* Delivery of threat models and supporting tasks within existing timeframes* Provide feedback, support, and improvements to the existing threat modeling process* Present work to seniors, the team, and other technical teams* Proven experience with **Jira** or other similar ticketing systems.* Strong understanding of security best practices related to **Authentication**, **Authorization**, **Logging/Monitoring**, **Encryption**, **Infrastructure Security**, and **Network Segmentation**.* Experience with scripting languages (e.g., **Python**, **Bash**, **PowerShell**) or Infrastructure as Code tools (e.g., **Terraform**, **CloudFormation**).* Familiarity with threat modeling methodologies like **STRIDE**, **PASTA**, **Attack Trees**, and the **MITRE ATT&CK framework**, as well as threat modeling tools (e.g., **IriusRisk**, **ThreatModeler**, **Microsoft Threat Modeling Tool**).* Ability to identify vulnerabilities using **CWE** or **OWASP** frameworks.* Working knowledge of **Operating Systems** (e.g., **Windows**, **Linux**) and their hardening best practices.* Familiarity with **Development Concepts** such as **CI/CD pipelines**, and **SDLC**.* Working knowledge of **Cloud Platforms** (e.g., **AWS**, **Azure**, **GCP**).* Ability to design and review technical architectures.* Strong analytical skills, diligence, and attention to detail.* Excellent skills in creating and maintaining high-quality documentation.* Demonstrated ability to work effectively with diverse individuals and teams.* Excellent written and verbal communication skills.* A passion for continuous learning and staying up-to-date with new technologies and methodologies.* Proven ability to build relationships across multiple cross-functional teams.**5+ years** of experience in a **Cybersecurity** role.* Familiarity with **Cloud Development Kit (CDK) and GitOps** principles.* Experience supporting or performing **Penetration Testing** activities (e.g., **vulnerability scanning**, **network penetration testing**, **web application testing**, **mobile application testing**).* Experience with **Snowflake**, **MongoDB**, **Terraform Cloud**, **GitHub**, or **Databricks**.* Experience working in a regulated environment (e.g., **financial services**).* Ability to think like an attacker and anticipate potential threats.**3+ years** experience specifically focused on **Threat Modeling**.Experience with **Docker**, **Kubernetes**, **Serverless Technologies** (e.g., **AWS Lambda**, **Azure Functions**, **Google Cloud Functions**), and **Helm**.
#J-18808-Ljbffr