4,057 Threat Modeling jobs in the United States

As a Senior Engineer - Threat Modeling you will be a part of a smart cross-functional team delivering digital business transformation solutions to our clients. This position entails an individual contributor role focused on Security Architecture and Threat Modeling, encompassing governance, evaluation of public cloud services, and conducting security reviews for Public Cloud Providers. Collaboration and partnership with Engineering, Information Security, Program Management, and Development teams are essential. The candidate will conduct technical architecture reviews to pinpoint security opportunities, identify exploitable threats, and propose mitigation strategies.

Your Impact:

• Conduct thorough threat modeling exercises utilizing established methodologies and frameworks.
• Maintain a rigorous standard of excellence in identifying potential threats and specifying effective mitigation controls.
• Manage the lifecycle of identified threats and associated controls, ensuring timely updates and adjustments as necessary.
• Deliver comprehensive threat models and related tasks within specified timeframes.
• Offer constructive feedback, support, and suggestions for enhancing the existing threat modeling process.
• Present findings and progress updates to senior leadership, team members, and relevant technical stakeholders.

We are seeking an ideal candidate with 8+ years of experience in a range of technologies and processes including:

• Proficiency in GCP - essential
• Strong knowledge of security architecture principles, frameworks, and best practices
• Experience working with threat modeling methodologies such as MITRE ATT&CK, STRIDE, PASTA etc.
• Overall experience in Cybersecurity:5+ years
• Security practices encompassing authentication, authorization, logging/monitoring, encryption, infrastructure security, and network/segmentation
• Knowledge of cloud security frameworks
• knowledge of Rest API
• Knowledge in scripting languages and Infrastructure as Code (Terraform, CloudFormation)
• Familiarity with Jira or other ticketing systems - essential
• Technical architecture design and review skills - essential
• Ability to identify vulnerabilities using CWE or OWASP
• Knowledge of operating systems and their hardening techniques
• Understanding of development concepts such as CICD, Pipelines, and SDLC
• Penetration testing knowledge is also super useful
• Familiarity with Cloud Development Kit (CDK) and GitOps
• Experience operating in a DevOps/agile team environment
• Understanding of docker, Kubernetes, serverless architecture, and Helm
• Exposure to platforms like Snowflake, MongoDB, Terraform Cloud, GitHub, and Databricks
• Strong analytical skills, diligence, and attention to detail
• Willingness to conduct research using vendor documentation
• Capability to create and maintain high-quality documentation
• Possession of an adversary mindset
• Continuous learning attitude towards new technologies and methodologies
• Strong problem-solving skills
• Excellent communication and collaboration abilities
• Ability to build and nurture relationships across cross-functional teams

Set Yourself Apart With:

• Professional Security Certifications: CISSP, CCSP, CISA, CISM, ITIL
• Relevant GCP certifications are highly desirable: GCP Professional Cloud Architect, GCP Professional Cloud Security Engineer.
• Strong knowledge of industry standards as they relate to Cloud and Application security management to include ISO, NIST, and Cloud Security Alliance (CSA)
• Experience working in regulated environments
• Exposure to agile development, DevOps, SecOps and scrum teams
• Hands-on-experience with cloud security designs on Azure
• Development experience (python, Node)
• Strong desire to learn and contribute solutions and ideas to broader team

* Flexible vacation policy; time is not limited, allocated, or accrued
* 16 paid holidays throughout the year
* Generous parental leave and new parent transition program
* Tuition reimbursement
* Corporate gift matching program

Base Pay Range: USD 140,000 - 185,000 (varies depending on experience)

Therange shown represents a grouping of relevantranges currently in use at Publicis Sapient. Actualrange for this position may differ, depending on location and specific skillset required for the work itself.

As part of our dedication to an inclusive and diverse workforce, Publicis Sapient is committed to Equal Employment Opportunity without regard for race, color, national origin, ethnicity, gender, protected veteran status, disability, sexual orientation, gender identity, or religion. We are also committed to providing reasonable accommodations for qualified individuals with disabilities and disabled veterans in our job application procedures. If you need assistance or an accommodation due to a disability, you may contact us you may call us at .

Publicis Sapient is a digital transformation partner helping established organizations get to their future, digitally enabled state, both in the way they work and the way they serve their customers. We help unlock value through a start-up mindset and modern methods, fusing strategy, consulting and customer experience with agile engineering and problem-solving creativity. United by our core values and our purpose of helping people thrive in the brave pursuit of next, our 20,000+ people in 53 offices around the world combine experience across technology, data sciences, consulting, and customer obsession to accelerate our clients' businesses through designing the products and services their customers truly value.

Company description

Publicis Sapient is a digital transformation partner helping established organizations get to their future, digitally enabled state, both in the way they work and the way they serve their customers. We help unlock value through a start-up mindset and modern methods, fusing strategy, consulting and customer experience with agile engineering and problem-solving creativity. United by our core values and our purpose of helping people thrive in the brave pursuit of next, our 20,000+ people in 53 offices around the world combine experience across technology, data sciences, consulting, and customer obsession to accelerate our clients’ businesses through designing the products and services their customers truly value.

Overview

As a Senior Engineer - Threat Modeling you will be a part of a smart cross-functional team delivering digital business transformation solutions to our clients. This position entails an individual contributor role focused on Security Architecture and Threat Modeling, encompassing governance, evaluation of public cloud services, and conducting security reviews for Public Cloud Providers. Collaboration and partnership with Engineering, Information Security, Program Management, and Development teams are essential. The candidate will conduct technical architecture reviews to pinpoint security opportunities, identify exploitable threats, and propose mitigation strategies.

Your Impact:

• Conduct thorough threat modeling exercises utilizing established methodologies and frameworks.

• Maintain a rigorous standard of excellence in identifying potential threats and specifying effective mitigation controls.

• Manage the lifecycle of identified threats and associated controls, ensuring timely updates and adjustments as necessary.

• Deliver comprehensive threat models and related tasks within specified timeframes.

• Offer constructive feedback, support, and suggestions for enhancing the existing threat modeling process.

• Present findings and progress updates to senior leadership, team members, and relevant technical stakeholders.

Qualifications

We are seeking an ideal candidate with 8+ years of experience in a range of technologies and processes including:

• Proficiency in GCP - essential

• Strong knowledge of security architecture principles, frameworks, and best practices

• Experience working with threat modeling methodologies such as MITRE ATT&CK, STRIDE, PASTA etc.

• Overall experience in Cybersecurity: 5+ years

• Security practices encompassing authentication, authorization, logging/monitoring, encryption, infrastructure security, and network/segmentation

• Knowledge of cloud security frameworks

• knowledge of Rest API

• Knowledge in scripting languages and Infrastructure as Code (Terraform, CloudFormation)

• Familiarity with Jira or other ticketing systems – essential

• Technical architecture design and review skills – essential

• Ability to identify vulnerabilities using CWE or OWASP

• Knowledge of operating systems and their hardening techniques

• Understanding of development concepts such as CICD, Pipelines, and SDLC

• Penetration testing knowledge is also super useful

• Familiarity with Cloud Development Kit (CDK) and GitOps

• Experience operating in a DevOps/agile team environment

• Understanding of docker, Kubernetes, serverless architecture, and Helm

• Exposure to platforms like Snowflake, MongoDB, Terraform Cloud, GitHub, and Databricks

• Strong analytical skills, diligence, and attention to detail

• Willingness to conduct research using vendor documentation

• Capability to create and maintain high-quality documentation

• Possession of an adversary mindset

• Continuous learning attitude towards new technologies and methodologies

• Strong problem-solving skills

• Excellent communication and collaboration abilities

• Ability to build and nurture relationships across cross-functional teams

Set Yourself Apart With:

• Professional Security Certifications: CISSP, CCSP, CISA, CISM, ITIL

• Relevant GCP certifications are highly desirable: GCP Professional Cloud Architect, GCP Professional Cloud Security Engineer.

• Strong knowledge of industry standards as they relate to Cloud and Application security management to include ISO, NIST, and Cloud Security Alliance (CSA)

• Experience working in regulated environments

• Exposure to agile development, DevOps, SecOps and scrum teams

• Hands-on-experience with cloud security designs on Azure

• Development experience (python, Node)

• Strong desire to learn and contribute solutions and ideas to broader team

Additional information

• Flexible vacation policy; time is not limited, allocated, or accrued

• 16 paid holidays throughout the year

• Generous parental leave and new parent transition program

• Tuition reimbursement

• Corporate gift matching program

Base Pay Range: USD 140,000 - 185,000 (varies depending on experience)

The range shown represents a grouping of relevant ranges currently in use at Publicis Sapient. Actual range for this position may differ, depending on location and specific skillset required for the work itself.

As part of our dedication to an inclusive and diverse workforce, Publicis Sapient is committed to Equal Employment Opportunity without regard for race, color, national origin, ethnicity, gender, protected veteran status, disability, sexual orientation, gender identity, or religion. We are also committed to providing reasonable accommodations for qualified individuals with disabilities and disabled veterans in our job application procedures. If you need assistance or an accommodation due to a disability, you may contact us at or you may call us at +1- .

• Conduct thorough threat modeling exercises utilizing established methodologies and frameworks.
• Maintain a rigorous standard of excellence in identifying potential threats and specifying effective mitigation controls.
• Manage the lifecycle of identified threats and associated controls, ensuring timely updates and adjustments as necessary.
• Deliver comprehensive threat models and related tasks within specified timeframes.
• Offer constructive feedback, support, and suggestions for enhancing the existing threat modeling process.
• Present findings and progress updates to senior leadership, team members, and relevant technical stakeholders.

• Proficiency in GCP - essential
• Strong knowledge of security architecture principles, frameworks, and best practices
• Experience working with threat modeling methodologies such as MITRE ATT&CK, STRIDE, PASTA etc.
• Overall experience in Cybersecurity: 5+ years
• Security practices encompassing authentication, authorization, logging/monitoring, encryption, infrastructure security, and network/segmentation
• Knowledge of cloud security frameworks
• knowledge of Rest API
• Knowledge in scripting languages and Infrastructure as Code (Terraform, CloudFormation)
• Familiarity with Jira or other ticketing systems - essential
• Technical architecture design and review skills - essential
• Ability to identify vulnerabilities using CWE or OWASP
• Knowledge of operating systems and their hardening techniques
• Understanding of development concepts such as CICD, Pipelines, and SDLC
• Penetration testing knowledge is also super useful
• Familiarity with Cloud Development Kit (CDK) and GitOps
• Experience operating in a DevOps/agile team environment
• Understanding of docker, Kubernetes, serverless architecture, and Helm
• Exposure to platforms like Snowflake, MongoDB, Terraform Cloud, GitHub, and Databricks
• Strong analytical skills, diligence, and attention to detail
• Willingness to conduct research using vendor documentation
• Capability to create and maintain high-quality documentation
• Possession of an adversary mindset
• Continuous learning attitude towards new technologies and methodologies
• Strong problem-solving skills
• Excellent communication and collaboration abilities
• Ability to build and nurture relationships across cross-functional teams

• Professional Security Certifications: CISSP, CCSP, CISA, CISM, ITIL
• Relevant GCP certifications are highly desirable: GCP Professional Cloud Architect, GCP Professional Cloud Security Engineer.
• Strong knowledge of industry standards as they relate to Cloud and Application security management to include ISO, NIST, and Cloud Security Alliance (CSA)
• Experience working in regulated environments
• Exposure to agile development, DevOps, SecOps and scrum teams
• Hands-on-experience with cloud security designs on Azure
• Development experience (python, Node)
• Strong desire to learn and contribute solutions and ideas to broader team

• Conduct thorough threat modeling exercises utilizing established methodologies and frameworks.
• Maintain a rigorous standard of excellence in identifying potential threats and specifying effective mitigation controls.
• Manage the lifecycle of identified threats and associated controls, ensuring timely updates and adjustments as necessary.
• Deliver comprehensive threat models and related tasks within specified timeframes.
• Offer constructive feedback, support, and suggestions for enhancing the existing threat modeling process.
• Present findings and progress updates to senior leadership, team members, and relevant technical stakeholders.

• Proficiency in GCP - essential
• Strong knowledge of security architecture principles, frameworks, and best practices
• Experience working with threat modeling methodologies such as MITRE ATT&CK, STRIDE, PASTA etc.
• Overall experience in Cybersecurity: 5+ years
• Security practices encompassing authentication, authorization, logging/monitoring, encryption, infrastructure security, and network/segmentation
• Knowledge of cloud security frameworks
• knowledge of Rest API
• Knowledge in scripting languages and Infrastructure as Code (Terraform, CloudFormation)
• Familiarity with Jira or other ticketing systems - essential
• Technical architecture design and review skills - essential
• Ability to identify vulnerabilities using CWE or OWASP
• Knowledge of operating systems and their hardening techniques
• Understanding of development concepts such as CICD, Pipelines, and SDLC
• Penetration testing knowledge is also super useful
• Familiarity with Cloud Development Kit (CDK) and GitOps
• Experience operating in a DevOps/agile team environment
• Understanding of docker, Kubernetes, serverless architecture, and Helm
• Exposure to platforms like Snowflake, MongoDB, Terraform Cloud, GitHub, and Databricks
• Strong analytical skills, diligence, and attention to detail
• Willingness to conduct research using vendor documentation
• Capability to create and maintain high-quality documentation
• Possession of an adversary mindset
• Continuous learning attitude towards new technologies and methodologies
• Strong problem-solving skills
• Excellent communication and collaboration abilities
• Ability to build and nurture relationships across cross-functional teams

• Professional Security Certifications: CISSP, CCSP, CISA, CISM, ITIL
• Relevant GCP certifications are highly desirable: GCP Professional Cloud Architect, GCP Professional Cloud Security Engineer.
• Strong knowledge of industry standards as they relate to Cloud and Application security management to include ISO, NIST, and Cloud Security Alliance (CSA)
• Experience working in regulated environments
• Exposure to agile development, DevOps, SecOps and scrum teams
• Hands-on-experience with cloud security designs on Azure
• Development experience (python, Node)
• Strong desire to learn and contribute solutions and ideas to broader team

About the job Threat Modeling Engineer, Senior
Top Secret Clearance Jobs is dedicated to helping those with the most exclusive security clearance find their next career opportunity and get interviews within 48 hours.

Job Number: R0206267 Threat Modeling Engineer, Senior

Key Role: Research, design, develop, test, or supervise the manufacturing and installation of electrical equipment, components, or systems for commercial, industrial, military, or scientific use. Employ knowledge of electrical theory and materials properties. Apply advanced consulting skills or extensive technical expertise, including full industry knowledge. Develop innovative solutions to complex problems. Work without considerable direction, and mentor and supervise team members.

Basic Qualifications:

• Experience with software modeling and a variety of fidelity levels, including ground force weapon and C4ISR systems
• Knowledge of C++, Python, and Java
• Knowledge of MATLAB or Simulink
• Ability to learn or understand an engineering level system such as Radars, RF sensors, EW, tanks, artillery, rockets, UAS, radios, and directed energy systems
• Top Secret clearance
• Bachelor's degree in Science, Technology, Engineering, or Mathematics

• Experience working with Army ground systems
• Knowledge of fidelity levels of modeling, including parametric, engineering, and emulative
• Knowledge of simulation environments, including the Integrated Threat Analysis Simulation Environment (ITASE) and Advanced Framework for Simulation, Integration, and Modeling (AFSIM)
• TS/SCI clearance
• Master's degree in Science, Technology, Engineering, or Mathematics

• If this position is listed as remote or hybrid, you'll periodically work from a Booz Allen or client site facility.
• If this position is listed as onsite, you'll work with colleagues and clients in person, as needed for the specific role.

About the job Threat Modeling Engineer, Senior
Top Secret Clearance Jobs is dedicated to helping those with the most exclusive security clearance find their next career opportunity and get interviews within 48 hours.

Job Number: R0206267 Threat Modeling Engineer, Senior

Key Role: Research, design, develop, test, or supervise the manufacturing and installation of electrical equipment, components, or systems for commercial, industrial, military, or scientific use. Employ knowledge of electrical theory and materials properties. Apply advanced consulting skills or extensive technical expertise, including full industry knowledge. Develop innovative solutions to complex problems. Work without considerable direction, and mentor and supervise team members.

Basic Qualifications:

• Experience with software modeling and a variety of fidelity levels, including ground force weapon and C4ISR systems
• Knowledge of C++, Python, and Java
• Knowledge of MATLAB or Simulink
• Ability to learn or understand an engineering level system such as Radars, RF sensors, EW, tanks, artillery, rockets, UAS, radios, and directed energy systems
• Top Secret clearance
• Bachelor's degree in Science, Technology, Engineering, or Mathematics

• Experience working with Army ground systems
• Knowledge of fidelity levels of modeling, including parametric, engineering, and emulative
• Knowledge of simulation environments, including the Integrated Threat Analysis Simulation Environment (ITASE) and Advanced Framework for Simulation, Integration, and Modeling (AFSIM)
• TS/SCI clearance
• Master's degree in Science, Technology, Engineering, or Mathematics

• If this position is listed as remote or hybrid, you'll periodically work from a Booz Allen or client site facility.
• If this position is listed as onsite, you'll work with colleagues and clients in person, as needed for the specific role.

About the job Threat Modeling Engineer, Senior
Top Secret Clearance Jobs is dedicated to helping those with the most exclusive security clearance find their next career opportunity and get interviews within 48 hours.

Job Number: R0206267 Threat Modeling Engineer, Senior

Key Role: Research, design, develop, test, or supervise the manufacturing and installation of electrical equipment, components, or systems for commercial, industrial, military, or scientific use. Employ knowledge of electrical theory and materials properties. Apply advanced consulting skills or extensive technical expertise, including full industry knowledge. Develop innovative solutions to complex problems. Work without considerable direction, and mentor and supervise team members.

Basic Qualifications:

• Experience with software modeling and a variety of fidelity levels, including ground force weapon and C4ISR systems
• Knowledge of C++, Python, and Java
• Knowledge of MATLAB or Simulink
• Ability to learn or understand an engineering level system such as Radars, RF sensors, EW, tanks, artillery, rockets, UAS, radios, and directed energy systems
• Top Secret clearance
• Bachelor's degree in Science, Technology, Engineering, or Mathematics

• Experience working with Army ground systems
• Knowledge of fidelity levels of modeling, including parametric, engineering, and emulative
• Knowledge of simulation environments, including the Integrated Threat Analysis Simulation Environment (ITASE) and Advanced Framework for Simulation, Integration, and Modeling (AFSIM)
• TS/SCI clearance
• Master's degree in Science, Technology, Engineering, or Mathematics

• If this position is listed as remote or hybrid, you'll periodically work from a Booz Allen or client site facility.
• If this position is listed as onsite, you'll work with colleagues and clients in person, as needed for the specific role.

About the job Threat Modeling Engineer, Senior
Top Secret Clearance Jobs is dedicated to helping those with the most exclusive security clearance find their next career opportunity and get interviews within 48 hours.

Job Number: R0206267 Threat Modeling Engineer, Senior

Key Role: Research, design, develop, test, or supervise the manufacturing and installation of electrical equipment, components, or systems for commercial, industrial, military, or scientific use. Employ knowledge of electrical theory and materials properties. Apply advanced consulting skills or extensive technical expertise, including full industry knowledge. Develop innovative solutions to complex problems. Work without considerable direction, and mentor and supervise team members.

Basic Qualifications:

• Experience with software modeling and a variety of fidelity levels, including ground force weapon and C4ISR systems
• Knowledge of C++, Python, and Java
• Knowledge of MATLAB or Simulink
• Ability to learn or understand an engineering level system such as Radars, RF sensors, EW, tanks, artillery, rockets, UAS, radios, and directed energy systems
• Top Secret clearance
• Bachelor's degree in Science, Technology, Engineering, or Mathematics

• Experience working with Army ground systems
• Knowledge of fidelity levels of modeling, including parametric, engineering, and emulative
• Knowledge of simulation environments, including the Integrated Threat Analysis Simulation Environment (ITASE) and Advanced Framework for Simulation, Integration, and Modeling (AFSIM)
• TS/SCI clearance
• Master's degree in Science, Technology, Engineering, or Mathematics

• If this position is listed as remote or hybrid, you'll periodically work from a Booz Allen or client site facility.
• If this position is listed as onsite, you'll work with colleagues and clients in person, as needed for the specific role.