North Logo

North

Director, Threat Modeling

Posted 4 Hours Ago
Be an Early Applicant
Remote
Hiring Remotely in US
Expert/Leader
Remote
Hiring Remotely in US
Expert/Leader
Lead strategy and execution for AI-driven threat detection, SIEM/log management, SOAR automation, and enterprise vulnerability and insider-threat programs. Build and deploy detection models, integrate security into CI/CD and cloud, run tabletop exercises, measure KPIs, and drive cross-functional security engineering improvements.
The summary above was generated by AI

Director, Threat Modeling

North - Remote

This leadership role drives the strategic vision and technical execution of the security engineering function. The focus of this role is on implementing and optimizing advanced, automated security solutions, specifically leveraging AI, Machine Learning and algorithms for improved threat detection, log management, and incident response orchestration (SOAR). This director will manage the full lifecycle of internal security software, integrate security into cloud and CI/CD pipelines through cross-functional collaboration, and establish metrics to demonstrate the program's efficiency and return on investment.


What you'll do:

  • Strategy & Architecture: Define and execute enterprise strategies for Log Management, SIEM, and AI-driven automation, ensuring architectures support scalable data ingestion, real-time threat detection, and alignment with business objectives.

  • Development & Orchestration: Lead the end-to-end lifecycle (from design to deployment) of automated workflows, SOAR playbooks, and response scripts to streamline threat detection and maximize operational efficiency.

  • Vulnerability Management: Own the strategic vision and day-to-day execution of the enterprise vulnerability management program.

  • Vulnerability Management: Identify systemic workflow gaps and bottlenecks across IT operations to proactively address potential vulnerabilities before they can be exploited.

  • Insider Threat: Design and execute a holistic strategy to detect, investigate, and mitigate malicious, negligent, or compromised insider activities

  • Advanced Cyber Analytics: Act as an internal incubator for the broader cybersecurity organization, helping cybersecurity teams identify, experiment with, and adopt cutting-edge models, algorithms, and disruptive architectural approaches.

  • Advanced Cyber Analytics: Research and deploy innovative detection techniques, machine learning models, and predictive analytics to uncover sophisticated techniques that evade traditional rule-based and signature-based tools.

  • Optimization & Tuning: Partner with cybersecurity teams to infuse advanced automation and data-science mindsets into daily workflows, constantly pushing the boundaries of how the enterprise hunts, detects and contains threats.

  • Optimization & Tuning: Oversee the testing, validation, and continuous tuning of security controls, utilizing AI/ML and advanced analytics to reduce false positives, enhance detection accuracy, and optimize system performance.

  • Collaboration & Integration: Drive cross-functional collaboration with DevOps and IT teams to embed security automation best practices into CI/CD pipelines, cloud environments, and enterprise infrastructure.

  • Threat Management: Design, coordinate, and facilitate regular, high-fidelity security tabletop exercises for both technical teams and executive leadership.

  • Performance Measurement: Establish and track Key Performance Indicators (KPIs) and operational metrics to quantify program efficacy, demonstrate ROI, and drive data-informed continuous improvement.


What we need from you:

  • Bachelor's degree in Software Engineering, Computer Science, Information Technology, or a related field, or equivalent practical experience (10+ years of experience in Cybersecurity).

  • Strong background in cybersecurity domains including: Incident Response; Digital Forensics; Cybersecurity Program Management.

  • Experience conducting hunts or incident response across networks, endpoints, cloud and application environments. 

  • Practical experience in developing agentic cybersecurity solutions.

  • Proficiency in leading the end-to-end lifecycle of security software and automated workflows.

  • Strategic vision for enterprise vulnerability management, including the ability to identify systemic workflow gaps.

  • Competence in digital forensics and the ability to coordinate high-fidelity security tabletop exercises.

  • Strong knowledge of all aspects of large-scale incident response management.

  • Knowledge of the MITRE ATT&CK framework and the Cyber Kill Chain. Ability to map disparate events to specific tactics, techniques, and procedures (TTPs).

  • Strong knowledge of all aspects of large-scale incident response management.

  • Knowledge of cybercrime and nation state attack vectors, detection and mitigation strategies.

  • Strong technical background in security tooling and detection engineering principles (agentic solutions, detection algorithms, machine learning).

  • Attention to details and focus on tactical execution.

What we offer: 

We offer a comprehensive benefits package that enables our teams to live a life well lived, both personally and professionally. Some of our perks include:

  • Medical, Dental, & Vision Coverage

  • Flexible Paid Time Off

  • 401(k) + Match

  • Mental Health Support & Well-Being Program

  • Paid Maternity & Paternity Leave

  • Education Assistance

  • Company-funded Lifestyle Spending Account

Please note: North is a US based company and this role is not eligible for current or future sponsorship.

Who we are: 

North, and our family of companies, are committed to helping entrepreneurs grow their businesses. As an end-to-end payment solutions company, we provide everything business owners need to get paid, whether they serve customers in a physical storefront, online, or both. We pride ourselves on being large enough to offer customized solutions to our enterprise-level clients while remaining agile enough to take an award-winning, hands-on approach to personal service that our merchants won’t find anywhere else.

Let’s go North, together! Our most important resource is our people. Join our diverse team of innovators and do-ers and make your mark on the future of payments technology. We're proud to offer benefits that help our team members further their overall well-being through unique initiatives that are both personally and professionally fulfilling. 

At North, we celebrate diversity and create an inclusive environment for everyone. We are an equal opportunity employer.

To learn more about North, and our family of companies, visit our website: north.com

Similar Jobs

24 Minutes Ago
Remote or Hybrid
Senior level
Senior level
Artificial Intelligence • Cloud • HR Tech • Information Technology • Productivity • Software • Automation
Design, build, and operate IAM solutions across cloud, SaaS, and internal systems. Implement least-privilege access models, automate access workflows, integrate logging into SIEM, run access reviews, and drive continuous risk reduction and adoption of secure-by-default practices.
Top Skills: AWSAzureGCPKubernetesOauthOidcOktaSAMLScimSIEMTeleportTerraform
24 Minutes Ago
Remote or Hybrid
Senior level
Senior level
Artificial Intelligence • Cloud • HR Tech • Information Technology • Productivity • Software • Automation
Lead technical design and implementation of ServiceNow Finance & Supply Chain and Contracting solutions. Configure versus customize platform features, build integrations (SSO, LDAP, web services), develop portals, run customer workshops, draft technical user stories and testing strategies, mentor administrators, and ensure quality delivery across multiple engagements.
Top Skills: Apo)BootstrapContract ManagementCoupaCSSHTMLIvaluaJavaScriptLdapLegal Service DeliveryMiddlewareOracle Procurement CloudSaaSSap AribaSap EccSap S/4HanaServicenowServicenow Finance & Supply Chain (SpoSlp/Sl0SsoWeb ServicesXML
24 Minutes Ago
Remote or Hybrid
206K-371K Annually
Expert/Leader
206K-371K Annually
Expert/Leader
Artificial Intelligence • Cloud • HR Tech • Information Technology • Productivity • Software • Automation
Lead global go-to-market for Energy & Utilities by localizing ServiceNow solutions, seeding and progressing strategic pipeline, enabling partners, and analyzing business trends to drive revenue. Build executive relationships, support account teams with industry expertise, and accelerate deal cycles through solution positioning and industry thought leadership.
Top Skills: FercIec 62443Iso 27001Iso 27002Nerc CipNis2Nist Cybersecurity FrameworkOperational Technology (Ot)ServicenowSingapore Cybersecurity ActSoci ActUk National Grid Cyber Security Strategy

What you need to know about the Colorado Tech Scene

With a business-friendly climate and research universities like CU Boulder and Colorado State, Colorado has made a name for itself as a startup ecosystem. The state boasts a skilled workforce and high quality of life thanks to its affordable housing, vibrant cultural scene and unparalleled opportunities for outdoor recreation. Colorado is also home to the National Renewable Energy Laboratory, helping cement its status as a hub for renewable energy innovation.

Key Facts About Colorado Tech

  • Number of Tech Workers: 260,000; 8.5% of overall workforce (2024 CompTIA survey)
  • Major Tech Employers: Lockheed Martin, Century Link, Comcast, BAE Systems, Level 3
  • Key Industries: Software, artificial intelligence, aerospace, e-commerce, fintech, healthtech
  • Funding Landscape: $4.9 billion in VC funding in 2024 (Pitchbook)
  • Notable Investors: Access Venture Partners, Ridgeline Ventures, Techstars, Blackhorn Ventures
  • Research Centers and Universities: Colorado School of Mines, University of Colorado Boulder, University of Denver, Colorado State University, Mesa Laboratory, Space Science Institute, National Center for Atmospheric Research, National Renewable Energy Laboratory, Gottlieb Institute

Sign up now Access later

Create Free Account

Please log in or sign up to report this job.

Create Free Account