Threat Modeler (W2 and Local only) at Sharp Decisions

A client of Sharp Decisions Inc. is looking to bring on a Threat Modeler to be based in Jersey City, NJ. This position is HYBRID (3 days a week onsite). The contract duration is 6 months with possible extension. *W2 and local only.

Your Primary Responsibilities

Perform threat modeling to identify use cases, threat agents, attack vectors and patterns, design patterns, and compensating controls needed to mitigate risk.

Performs threat modeling with software development lifecycle (SDLC) and in partnership with stakeholders and development teams

Ability to execute multiple threat modeling engagements concurrently

Maintain threat models and update as necessary to reflect significant changes in application design

Implement methodologies and frameworks such as STRIDE, Kill Chains, or similar attack trees within threat models

Talents needed for Success:

Minimum of 6 years of experience in application security

Minimum of 4 years of experience in threat modeling

Broad knowledge of application layer technologies

Ability to explain vulnerabilities and weaknesses in OWASP Top 10 and SANS Top 25 to any audience and discuss effective defensive techniques

Understanding of MITRE Framework and adversarial methodologies

Ability to communicate technical issues to a non-technical executive audience

Ability to work under pressure, multitask and be flexible

Prior experience with threat modeling platforms is a huge plus

Bachelors Degree and/or equivalent experience