Job Description

STRATEGIC STAFFING SOLUTIONS (S3) HAS AN OPENING!

Strategic Staffing Solutions is currently looking for a Threat Modeler, a W2 contract opportunity with one of our largest clients!

Candidates should be willing to work on our W2 ONLY, NO C2C

Job Title: Threat Modeler-Application Security Architect
Role Type: W2 only
Duration: 12 months
Location: Iselin, NJ
Schedule: Onsite/Hybrid—3 days in office

Position Overview and Responsibilities:

Application Security Secure Development is seeking an application security architect to threat model applications, services, and platforms.

A successful candidate will:

• Engage and collaborate with application, service, and platform teams to derive a deep, detailed, and accurate description of their application architectures and the services and platforms they consume.
• Model the architectures in our threat modeling tool.
• Apply our threat modeling methodology to identify and prioritize threats to those applications and to apply mitigating controls.
• Review evidence (designs, configurations, and/or source code) of mitigations to threats.
• Propose solutions to mitigate threats.
• Publish and present threat modeling results.
• Collaborate with Cybersecurity Architecture in the creation of new mitigating controls where a sufficient mitigation does not previously exist for a threat.

 Required Qualifications:

• 4+ years of Systems Architecture and/or Systems Development experience
• 3+ years of cybersecurity experience, or equivalent demonstrated through one or a combination of the following: work experience, training, military experience, education, and cybersecurity certifications.
• 1+ years of engineering experience with Azure, GCP, or AWS.
• 1+ years of experience in Python programming.
• Proficient in at least one Threat Modeling methodology, such as STRIDE, PASTA, OCTAVE, LINDDUN, or VAST
• Experience using Threat Modeler, Microsoft Threat Modeling tool, or OWASP Threat Dragon to develop threat models
• Understanding of OWASP Top 10, CAPEC, MITRE ATTACK, and Secure Design principles
• The ability to juggle multiple threat models actively in the work-in-progress state, working with a sense of urgency, delivering with short cycle times and a high throughput without sacrificing quality.
• Strong collaboration and communication skills, and the ability to work effectively with cross-functional teams.

 Desired Qualifications:

• Security and cloud certifications, such as CISSP, CCSP, and Azure, GCP, or AWS cloud certifications.
• 3+ years leading Architecture Risk Reviews and building threat models
• 1+ years of experience in Threat Modeling GenAI.
• 1+ years of experience leveraging Threat modeling-as-a-Code (TaaC)

“Beware of scams. S3 never asks for money during its onboarding process.”