Role :: Threat Modeler
Rate - $80-85/hr. on C2C
Location :: Remote
Responsibilities:
· Develop training material for how to engage the Threat Management service, make use of technologies, and interpret findings.
· Drive beneficial security change into the business through supporting Developers with creation of threat models for their applications and remediation of potential threats, balancing risk against business need.
· Support the Security Architecture team to develop and mature an Application Threat Modeling Program by defining processes, procedures, controls, KRI’s/KPI’s, etc., that identify threats early in the development process reducing risks prior to deployment.
· Work with the InfoSec functional teams in the development of the Information Security strategy and roadmap, including and with focus on Threat Modeling; liaison and consult with Enterprise Architecture, IT and the business for ongoing input and awareness
· Advise and Contribute to Strategy and Roadmaps
Qualifications:
· 5-7 years related experience in Cyber Security, Insider Threat, Intelligence Community, Federal Law Enforcement, or a related field
· Strong understanding of access controls and authentication mechanisms, PKI, and cryptography
· Demonstrated experience developing technical threat models
· Demonstrated experience performing security code reviews and explaining results to project teams
· Strong understanding of protocols, networking, firewalls, caching, VIPs, proxies, web applications, and database systems
· Experience with AWS
· Knowledge of several of the following programming languages; Java, C#, Python, C++, Node.JS, JavaScript
· Knowledge in one or several of the following Frontend frameworks; React, Angular, Ember, Vue
· Minimum of 2 years’ experience working as an Information Security Threat Modeling subject matter expert at a senior level
· Minimum of 2 years’ experience working as an Information Security Professional, preferably within the architecture or engineering disciplines
Desirable:
· Able to provide references to CVEs filled, Bug Bounty Username, or GitHub repositories
· One or more security-related certifications associated with AWS, GCP, or Azure
· CISSP (+ ISSAP), CCSP, CEH, OSCP, CSSLP
Keys to Success in this Role:
· Strong written and verbal communication skills
· Able to mentor and guide team members
· Self-starter, candidate must be able to anticipate tasks and take action
· Excellent presentation, program management and relationship management skills
Similar Jobs
What you need to know about the Boston Tech Scene
Key Facts About Boston Tech
- Number of Tech Workers: 269,000; 9.4% of overall workforce (2024 CompTIA survey)
- Major Tech Employers: Thermo Fisher Scientific, Toast, Klaviyo, HubSpot, DraftKings
- Key Industries: Artificial intelligence, biotechnology, robotics, software, aerospace
- Funding Landscape: $15.7 billion in venture capital funding in 2024 (Pitchbook)
- Notable Investors: Summit Partners, Volition Capital, Bain Capital Ventures, MassVentures, Highland Capital Partners
- Research Centers and Universities: MIT, Harvard University, Boston College, Tufts University, Boston University, Northeastern University, Smithsonian Astrophysical Observatory, National Bureau of Economic Research, Broad Institute, Lowell Center for Space Science & Technology, National Emerging Infectious Diseases Laboratories
