Security Architect and Threat Modeler

Gravity IT Resources

Apply Now

Job Title: Security Architect and Threat Modeling

Location: Remote

Job-Type: Direct Hire

Employment Eligibility: Gravity cannot transfer nor sponsor a work visa for this position. Applicants must be eligible to work in the U.S. for any employer directly (we are not open to contract or “corp to corp” agreements).
 

Overview

Our client is seeking a Consultant (FTE) that can help improve the security of medical devices through the delivery of threat models and threat modeling training for customers.  Our employees work on complex systems, including custom embedded devices, desktop software applications, web applications, cloud backends, and mobile apps. Titles and compensation will be commensurate with experience.

Requirements

  • Expertise in security threat modeling and architecture
  • Strong problem-solving and analytical skills
  • Good understanding of systems-level security concepts
  • Good understanding of cryptographic primitives
  • Remain current in the latest security technologies, methodologies, and best practices, especially as it relates to threat modeling
  • In-depth knowledge of security concepts and design techniques relating to the cloud (AWS/GCP/Azure) as well as web applications, embedded IoT, client, and mobile applications
  • Excellent communication skills in English
  • Ability to write technical reports and other documentation
  • Ability to develop and deliver training
  • Ability to travel up to 25% to customer premises
  • Facilitate meetings with external customers/clients to iterate the threat model diagram.

Basic Qualifications

  • 5+ years of experience in security architecture
  • 5+ years of experience creating, maintaining, and reviewing threat models
  • In-depth knowledge of security concepts and design techniques relating to the cloud (AWS/GCP/Azure) as well as web applications, IoT, client, and mobile applications
  • Understanding of NIST or medical device regulations and standards is a plus but not required
  • Proficient in Office365 and threat modeling methodologies such as STRIDE

Law.Jones

Apply Now