Location: Jersey City, NJ | Charlotte, NC (Onsite)
Type: FTE
Functional Area: Threat Modeling
Role Summary:
Facilitate threat modeling sessions and produce actionable security requirements (NFRs).
Support manual threat modeling enablement per the 2026 roadmap.
Drive risk identification and mitigation planning for new and existing features.
Key Responsibilities:
Conduct STRIDE/LINDDUN-based threat models; document abuse cases and controls.
Translate findings into tiered security requirements and testable NFRs; automate validation where feasible.
Collaborate with SecDesign to embed controls early and prevent defects.
Maintain artifacts in repositories; integrate with AVR/JIRA for tracking.
Provide inputs to risk register; escalate high-impact risks immediately.
Required Qualifications & Skills:
Bachelor's in CS or related field.
3+ years in AppSec or security architecture.
Familiarity with threat modeling methodologies and secure design patterns.
Ability to communicate technical risk to non-technical stakeholders.
Preferred Qualifications:
Experience automating NFR validation in CI/CD.
Certifications: CSSLP, GIAC GWEB, or equivalent.
Knowledge of privacy threat modeling (LINDDUN).
Tools & Technologies:
Threat modeling tools (Threat Dragon, Microsoft Threat Modeling Tool)
Documentation (Confluence, Markdown)
AVR/JIRA for tracking