Role :: Threat Modeler
Rate - $80-85/hr. on C2C
Location :: Remote
Responsibilities:
· Develop training material for how to engage the Threat Management service, make use of technologies, and interpret findings.
· Drive beneficial security change into the business through supporting Developers with creation of threat models for their applications and remediation of potential threats, balancing risk against business need.
· Support the Security Architecture team to develop and mature an Application Threat Modeling Program by defining processes, procedures, controls, KRI’s/KPI’s, etc., that identify threats early in the development process reducing risks prior to deployment.
· Work with the InfoSec functional teams in the development of the Information Security strategy and roadmap, including and with focus on Threat Modeling; liaison and consult with Enterprise Architecture, IT and the business for ongoing input and awareness
· Advise and Contribute to Strategy and Roadmaps
Qualifications:
· 5-7 years related experience in Cyber Security, Insider Threat, Intelligence Community, Federal Law Enforcement, or a related field
· Strong understanding of access controls and authentication mechanisms, PKI, and cryptography
· Demonstrated experience developing technical threat models
· Demonstrated experience performing security code reviews and explaining results to project teams
· Strong understanding of protocols, networking, firewalls, caching, VIPs, proxies, web applications, and database systems
· Experience with AWS
· Knowledge of several of the following programming languages; Java, C#, Python, C++, Node.JS, JavaScript
· Knowledge in one or several of the following Frontend frameworks; React, Angular, Ember, Vue
· Minimum of 2 years’ experience working as an Information Security Threat Modeling subject matter expert at a senior level
· Minimum of 2 years’ experience working as an Information Security Professional, preferably within the architecture or engineering disciplines
Desirable:
· Able to provide references to CVEs filled, Bug Bounty Username, or GitHub repositories
· One or more security-related certifications associated with AWS, GCP, or Azure
· CISSP (+ ISSAP), CCSP, CEH, OSCP, CSSLP
Keys to Success in this Role:
· Strong written and verbal communication skills
· Able to mentor and guide team members
· Self-starter, candidate must be able to anticipate tasks and take action
· Excellent presentation, program management and relationship management skills
Top Skills
Similar Jobs
What you need to know about the Los Angeles Tech Scene
Key Facts About Los Angeles Tech
- Number of Tech Workers: 375,800; 5.5% of overall workforce (2024 CompTIA survey)
- Major Tech Employers: Snap, Netflix, SpaceX, Disney, Google
- Key Industries: Artificial intelligence, adtech, media, software, game development
- Funding Landscape: $11.6 billion in venture capital funding in 2024 (Pitchbook)
- Notable Investors: Strong Ventures, Fifth Wall, Upfront Ventures, Mucker Capital, Kittyhawk Ventures
- Research Centers and Universities: California Institute of Technology, UCLA, University of Southern California, UC Irvine, Pepperdine, California Institute for Immunology and Immunotherapy, Center for Quantum Science and Engineering
