Role :: Threat Modeler
Rate - $80-85/hr. on C2C
Location :: Remote
Responsibilities:
· Develop training material for how to engage the Threat Management service, make use of technologies, and interpret findings.
· Drive beneficial security change into the business through supporting Developers with creation of threat models for their applications and remediation of potential threats, balancing risk against business need.
· Support the Security Architecture team to develop and mature an Application Threat Modeling Program by defining processes, procedures, controls, KRI’s/KPI’s, etc., that identify threats early in the development process reducing risks prior to deployment.
· Work with the InfoSec functional teams in the development of the Information Security strategy and roadmap, including and with focus on Threat Modeling; liaison and consult with Enterprise Architecture, IT and the business for ongoing input and awareness
· Advise and Contribute to Strategy and Roadmaps
Qualifications:
· 5-7 years related experience in Cyber Security, Insider Threat, Intelligence Community, Federal Law Enforcement, or a related field
· Strong understanding of access controls and authentication mechanisms, PKI, and cryptography
· Demonstrated experience developing technical threat models
· Demonstrated experience performing security code reviews and explaining results to project teams
· Strong understanding of protocols, networking, firewalls, caching, VIPs, proxies, web applications, and database systems
· Experience with AWS
· Knowledge of several of the following programming languages; Java, C#, Python, C++, Node.JS, JavaScript
· Knowledge in one or several of the following Frontend frameworks; React, Angular, Ember, Vue
· Minimum of 2 years’ experience working as an Information Security Threat Modeling subject matter expert at a senior level
· Minimum of 2 years’ experience working as an Information Security Professional, preferably within the architecture or engineering disciplines
Desirable:
· Able to provide references to CVEs filled, Bug Bounty Username, or GitHub repositories
· One or more security-related certifications associated with AWS, GCP, or Azure
· CISSP (+ ISSAP), CCSP, CEH, OSCP, CSSLP
Keys to Success in this Role:
· Strong written and verbal communication skills
· Able to mentor and guide team members
· Self-starter, candidate must be able to anticipate tasks and take action
· Excellent presentation, program management and relationship management skills
Similar Jobs
What you need to know about the Colorado Tech Scene
Key Facts About Colorado Tech
- Number of Tech Workers: 260,000; 8.5% of overall workforce (2024 CompTIA survey)
- Major Tech Employers: Lockheed Martin, Century Link, Comcast, BAE Systems, Level 3
- Key Industries: Software, artificial intelligence, aerospace, e-commerce, fintech, healthtech
- Funding Landscape: $4.9 billion in VC funding in 2024 (Pitchbook)
- Notable Investors: Access Venture Partners, Ridgeline Ventures, Techstars, Blackhorn Ventures
- Research Centers and Universities: Colorado School of Mines, University of Colorado Boulder, University of Denver, Colorado State University, Mesa Laboratory, Space Science Institute, National Center for Atmospheric Research, National Renewable Energy Laboratory, Gottlieb Institute
