Senior Threat Modeling Engineer Job at Synergy Interactive, New York, NY

bjVWTFQzd1lJNEJWZUJPcjgvV1NZWVA4S3c9PQ==
  • Synergy Interactive
  • New York, NY

Job Description

Job Description As a Senior Engineer - Threat Modeling you will be a part of a smart cross-functional team delivering digital business transformation solutions to our clients. This position entails an individual contributor role focused on Security Architecture and Threat Modeling, encompassing governance, evaluation of public cloud services, and conducting security reviews for Public Cloud Providers. Collaboration and partnership with Engineering, Information Security, Program Management, and Development teams are essential. The candidate will conduct technical architecture reviews to pinpoint security opportunities, identify exploitable threats, and propose mitigation strategies. Your Impact: Conduct thorough threat modeling exercises utilizing established methodologies and frameworks. Maintain a rigorous standard of excellence in identifying potential threats and specifying effective mitigation controls. Manage the lifecycle of identified threats and associated controls, ensuring timely updates and adjustments as necessary. Deliver comprehensive threat models and related tasks within specified timeframes. Offer constructive feedback, support, and suggestions for enhancing the existing threat modeling process. Present findings and progress updates to senior leadership, team members, and relevant technical stakeholders. Qualifications We are seeking an ideal candidate with 8+ years of experience in a range of technologies and processes including:Proficiency in GCP - essential Strong knowledge of security architecture principles, frameworks, and best practices Experience working with threat modeling methodologies such as MITRE ATT&CK, STRIDE, PASTA etc. Overall experience in Cybersecurity: 5+ years Security practices encompassing authentication, authorization, logging/monitoring, encryption, infrastructure security, and network/segmentation Knowledge of Rest API Knowledge in scripting languages and Infrastructure as Code (Terraform, CloudFormation) Familiarity with Jira or other ticketing systems – essential Technical architecture design and review skills – essential Ability to identify vulnerabilities using CWE or OWASP Knowledge of operating systems and their hardening techniques Understanding of development concepts such as CICD, Pipelines, and SDLC Penetration testing knowledge is also super useful Familiarity with Cloud Development Kit (CDK) and GitOps Experience operating in a DevOps/agile team environment Understanding of docker, Kubernetes, serverless architecture, and Helm Exposure to platforms like Snowflake, MongoDB, Terraform Cloud, GitHub, and Databricks Strong analytical skills, diligence, and attention to detail Willingness to conduct research using vendor documentation Capability to create and maintain high-quality documentation Possession of an adversary mindset Continuous learning attitude towards new technologies and methodologies Strong problem-solving skills Excellent communication and collaboration abilities Ability to build and nurture relationships across cross-functional teams Set Yourself Apart With: Professional Security Certifications: CISSP, CCSP, CISA, CISM, ITIL Relevant GCP certifications are highly desirable: GCP Professional Cloud Architect, GCP Professional Cloud Security Engineer. Strong knowledge of industry standards as they relate to Cloud and Application security management to include ISO, NIST, and Cloud Security Alliance (CSA) Hands-on-experience with cloud security designs on GCP Experience working in regulated environments Exposure to agile development, DevOps, SecOps and scrum teams Experience with another CSP provider: AWS, Azure Development experience (python, Node) Strong desire to learn and contribute solutions and ideas to broader team

Job Tags

Similar Jobs

Jovie of San Francisco | Los Gatos | East Bay

Babysitter / Nanny Job at Jovie of San Francisco | Los Gatos | East Bay

Smart, capable and ready for anything? This is the childcare opportunity for you. Have you always preferred the fun and wonder of the kids table rather than sitting with the adults? Do babysitting gigs feel more like a chance to let loose and have fun than just a mere...

Holiday Inn Express & Suites Galveston

Housekeeping | Room Cleaning | Room Attendant Job at Holiday Inn Express & Suites Galveston

 ...Job Description Job Title: Housekeeper/Room Attendant Clean guest rooms as assigned ensuring the hotels established standards of cleanliness. Responsible for reporting any maintenance deficiencies and handling guests requests or complaints. Ensure the confidentiality... 

Talent Groups

Procurement Buyer Job at Talent Groups

 ...sequencing, and assay development. Key Responsibilities: ~5+ years experience in strategic sourcing within biotech/pharma ~ Develop and...  ...management, and contracting skills ~ Bachelors degree in Business, Science, Engineering, or Supply Chain; MS/MBA preferred... 

The Equus Group

Communications Manager Job at The Equus Group

 ...Vice President of Communications Position Summary Our client is seeking an experienced Vice President of Communications to lead the...  ...strategies that effectively inform and engage employees across all levels of the organization Partner with senior leadership to craft... 

VBeyond Corporation

Certified Personal Trainer Job at VBeyond Corporation

Detail Description of the Role: Certified trainers for in standards (Certified IPC Trainers), having Master IPC Trainer (MIT) certification is an advantage Provide training at onsite for IPC Specialists (Production Operators) and IPC Trainers (Train the Trainer)...