Director, Threat Modeling
North - Remote
This leadership role drives the strategic vision and technical execution of the security engineering function. The focus of this role is on implementing and optimizing advanced, automated security solutions, specifically leveraging AI, Machine Learning and algorithms for improved threat detection, log management, and incident response orchestration (SOAR). This director will manage the full lifecycle of internal security software, integrate security into cloud and CI/CD pipelines through cross-functional collaboration, and establish metrics to demonstrate the program's efficiency and return on investment.
What you'll do:
Strategy & Architecture: Define and execute enterprise strategies for Log Management, SIEM, and AI-driven automation, ensuring architectures support scalable data ingestion, real-time threat detection, and alignment with business objectives.
Development & Orchestration: Lead the end-to-end lifecycle (from design to deployment) of automated workflows, SOAR playbooks, and response scripts to streamline threat detection and maximize operational efficiency.
Vulnerability Management: Own the strategic vision and day-to-day execution of the enterprise vulnerability management program.
Vulnerability Management: Identify systemic workflow gaps and bottlenecks across IT operations to proactively address potential vulnerabilities before they can be exploited.
Insider Threat: Design and execute a holistic strategy to detect, investigate, and mitigate malicious, negligent, or compromised insider activities
Advanced Cyber Analytics: Act as an internal incubator for the broader cybersecurity organization, helping cybersecurity teams identify, experiment with, and adopt cutting-edge models, algorithms, and disruptive architectural approaches.
Advanced Cyber Analytics: Research and deploy innovative detection techniques, machine learning models, and predictive analytics to uncover sophisticated techniques that evade traditional rule-based and signature-based tools.
Optimization & Tuning: Partner with cybersecurity teams to infuse advanced automation and data-science mindsets into daily workflows, constantly pushing the boundaries of how the enterprise hunts, detects and contains threats.
Optimization & Tuning: Oversee the testing, validation, and continuous tuning of security controls, utilizing AI/ML and advanced analytics to reduce false positives, enhance detection accuracy, and optimize system performance.
Collaboration & Integration: Drive cross-functional collaboration with DevOps and IT teams to embed security automation best practices into CI/CD pipelines, cloud environments, and enterprise infrastructure.
Threat Management: Design, coordinate, and facilitate regular, high-fidelity security tabletop exercises for both technical teams and executive leadership.
Performance Measurement: Establish and track Key Performance Indicators (KPIs) and operational metrics to quantify program efficacy, demonstrate ROI, and drive data-informed continuous improvement.
What we need from you:
Bachelor's degree in Software Engineering, Computer Science, Information Technology, or a related field, or equivalent practical experience (10+ years of experience in Cybersecurity).
Strong background in cybersecurity domains including: Incident Response; Digital Forensics; Cybersecurity Program Management.
Experience conducting hunts or incident response across networks, endpoints, cloud and application environments.
Practical experience in developing agentic cybersecurity solutions.
Proficiency in leading the end-to-end lifecycle of security software and automated workflows.
Strategic vision for enterprise vulnerability management, including the ability to identify systemic workflow gaps.
Competence in digital forensics and the ability to coordinate high-fidelity security tabletop exercises.
Strong knowledge of all aspects of large-scale incident response management.
Knowledge of the MITRE ATT&CK framework and the Cyber Kill Chain. Ability to map disparate events to specific tactics, techniques, and procedures (TTPs).
Strong knowledge of all aspects of large-scale incident response management.
Knowledge of cybercrime and nation state attack vectors, detection and mitigation strategies.
Strong technical background in security tooling and detection engineering principles (agentic solutions, detection algorithms, machine learning).
Attention to details and focus on tactical execution.
What we offer:
We offer a comprehensive benefits package that enables our teams to live a life well lived, both personally and professionally. Some of our perks include:
Medical, Dental, & Vision Coverage
Flexible Paid Time Off
401(k) + Match
Mental Health Support & Well-Being Program
Paid Maternity & Paternity Leave
Education Assistance
Company-funded Lifestyle Spending Account
Please note: North is a US based company and this role is not eligible for current or future sponsorship.
Who we are:
North, and our family of companies, are committed to helping entrepreneurs grow their businesses. As an end-to-end payment solutions company, we provide everything business owners need to get paid, whether they serve customers in a physical storefront, online, or both. We pride ourselves on being large enough to offer customized solutions to our enterprise-level clients while remaining agile enough to take an award-winning, hands-on approach to personal service that our merchants won’t find anywhere else.
Let’s go North, together! Our most important resource is our people. Join our diverse team of innovators and do-ers and make your mark on the future of payments technology. We're proud to offer benefits that help our team members further their overall well-being through unique initiatives that are both personally and professionally fulfilling.
At North, we celebrate diversity and create an inclusive environment for everyone. We are an equal opportunity employer.
To learn more about North, and our family of companies, visit our website: north.com
Similar Jobs
What you need to know about the Colorado Tech Scene
Key Facts About Colorado Tech
- Number of Tech Workers: 260,000; 8.5% of overall workforce (2024 CompTIA survey)
- Major Tech Employers: Lockheed Martin, Century Link, Comcast, BAE Systems, Level 3
- Key Industries: Software, artificial intelligence, aerospace, e-commerce, fintech, healthtech
- Funding Landscape: $4.9 billion in VC funding in 2024 (Pitchbook)
- Notable Investors: Access Venture Partners, Ridgeline Ventures, Techstars, Blackhorn Ventures
- Research Centers and Universities: Colorado School of Mines, University of Colorado Boulder, University of Denver, Colorado State University, Mesa Laboratory, Space Science Institute, National Center for Atmospheric Research, National Renewable Energy Laboratory, Gottlieb Institute

