Threat Modelling Engineer - Google Cloud Platform

  • New York, NY
  • Posted 1 day ago | Updated 1 day ago

Overview

On Site
$100,000 - $140,000
Full Time

Skills

cybersecurity
gcp
google cloud
mitre
ATT&CK
STRIDE
PASTA

Job Details

Tittle: Threat Modelling Engineer - Google Cloud Platform
Location: New York, NY or Dallas, TX and multiple other locations in USA
Duration: Fulltime/ Permanent

Job Description

As a Senior Engineer - Threat Modelling you will be a part of a smart cross-functional team delivering digital business transformation solutions to our clients. This position entails an individual contributor role focused on Security Architecture and Threat Modelling, encompassing governance, evaluation of public cloud services, and conducting security reviews for Public Cloud Providers. Collaboration and partnership with Engineering, Information Security, Program Management, and Development teams are essential. The candidate will conduct technical architecture reviews to pinpoint security opportunities, identify exploitable threats, and propose mitigation strategies.

Qualifications

  • We are seeking an ideal candidate with 8+ years of experience in a range of technologies and processes
  • Proficiency in Google Cloud Platform - essential
  • Strong knowledge of security architecture principles, frameworks, and best practices
  • Experience working with threat modeling methodologies such as MITRE ATT&CK, STRIDE, PASTA etc.
  • Overall experience in Cybersecurity: 5+ years
  • Security practices encompassing authentication, authorization, logging/monitoring, encryption, infrastructure security, and network/segmentation
  • Knowledge of cloud security frameworks
  • knowledge of Rest API
  • Knowledge in scripting languages and Infrastructure as Code (Terraform, CloudFormation)
  • Familiarity with Jira or other ticketing systems essential
  • Technical architecture design and review skills essential
  • Ability to identify vulnerabilities using CWE or OWASP
  • Knowledge of operating systems and their hardening techniques
  • Understanding of development concepts such as CICD, Pipelines, and SDLC
  • Penetration testing knowledge is also super useful
  • Familiarity with Cloud Development Kit (CDK) and GitOps
  • Experience operating in a DevOps/agile team environment
  • Understanding of docker, Kubernetes, serverless architecture, and Helm
  • Exposure to platforms like Snowflake, MongoDB, Terraform Cloud, GitHub, and Databricks
  • Strong analytical skills, diligence, and attention to detail
  • Willingness to conduct research using vendor documentation
  • Capability to create and maintain high-quality documentation
  • Possession of an adversary mindset
  • Continuous learning attitude towards new technologies and methodologies
  • Strong problem-solving skills
  • Excellent communication and collaboration abilities
  • Ability to build and nurture relationships across cross-functional teams
Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.