Threat Modeling Architect

Job Title: Threat Modeling Architect

Location: Remote

Duration: Contract

About the Role

We are seeking a highly skilled and experienced Threat Modeling Architect to join our cybersecurity team. This role is critical in helping our organization proactively identify, assess, and mitigate security threats across applications, systems, and infrastructure. You will lead structured threat modeling exercises, collaborate with cross-functional teams, and drive the integration of security into design and development processes.

Key Responsibilities

• Lead and facilitate threat modeling sessions across diverse technology stacks and business domains.
• Define scope, identify assets, and document potential threats and vulnerabilities.
• Analyze threat impact and likelihood to prioritize mitigation strategies.
• Collaborate with engineering, architecture, and product teams to embed security into system design.
• Evaluate existing security controls and identify gaps or weaknesses.
• Develop and maintain threat model documentation, including architecture diagrams, findings, and action items.
• Continuously monitor and update threat models to reflect evolving threat landscapes.
• Promote a security-conscious culture through awareness and training.

Qualifications

• 5+ years of experience in cybersecurity, with a focus on threat modeling, risk assessment, or security architecture.
• Excellent communication and collaboration skills across technical and non-technical stakeholders.
• Excellent in interpreting architecture diagrams and identifying security design flaws within architectures
• Ability to prioritize security and privacy remediations using a risk-based approach.
• Strong understanding of application, infrastructure, and networking security principles.
• Demonstrated hands-on development experience in one or more major programming languages
• Experience with threat modeling methodologies (e.g., STRIDE, DREAD, PASTA, OCTAVE).
• Ability to quickly learn new technologies and architectures in the AI Security space.

Preferred Skills

• Extensive understanding of modern AI technologies and architectures, including large language models (LLMs), Agents, MCP, and retrieval-augmented generation (RAG).
• Proven experience designing and building enterprise-scale applications using one or more major programming languages (Python, Java, JavaScript, Go, C/C++).
• Security Certifications like CISSP, AWS Certified Security Specialty, MS Cyber Architect, Google Cloud Platform Security are good to have
• Privacy background, including familiarity with privacy threat modeling methodologies and frameworks, and holding relevant certifications (e.g., CIPP, CIPT, or equivalent).