Previous Job
Senior Threat Modeler
Ref No.: 17-08247
Location: St. Louis, Missouri
Position Type:Direct Placement
Start Date: 09/06/2017

Title: Senior Senior Security Architect
Location: St. Louis, MO
Type: Full Time/ Direct Hire 

Job Description
The Threat Evaluation (TEV) organization's mission is to identify threats and drive out vulnerabilities across the organization. The ideal candidate will have excellent analytical, engineering, communication, and technical skills. This position will be responsible for performing threat modeling exercises in support of the Project Risk Assessment Team. This role is a lead position, which will create, implement, and maintain a threat modeling strategy and framework (PASTA, DREAD, etc.).

  • Lead the Threat Modeling program by performing security architecture / application reviews of products and applications
  • Create security use, misuse and abuse cases for products and applications, to help create test plans to ensure adequate protection against threats
  • Define and implement KPIs to effectively measure the program
  • Create and execute the strategic roadmap
  • Assist project teams in implementing security measures to meet corporate policies and external regulations.
  • Mentor other Security Analysts in performing threat modeling and risk assessments
  • Provide technical expertise and resolution for Threat Modeling and Risk Assessments
Job Requirements
  • Demonstrated Experience in the following areas:
    • Application security and architecture
    • Identity management
    • Static and dynamic code analysis
    • Multifactor Authentication
    • Vulnerability Management
    • Web application firewalls
  • Experience with understanding complex software and system interactions
  • Practical experience of threat modeling applications, services, and infrastructure
  • Demonstrated experience with implementing/assessing risk against standards
  • In-depth knowledge of OWASP Top 10 / Application Security Verification Standard and how to remediate those findings
  • Familiarity with high level programming languages
  • Demonstrated ability to diagnose and troubleshoot technical issues, excellent problem-solving skills
  • 5+ years' experience as Application Architect/Sr. Developer
  • 3+ years' experience in Information Security
  • Strong program development, program management and leadership skills including experience in developing, documenting and establishing application security programs and best practices.
  • Understanding of application threat modelling and Secure SDLC practices.
  • Excellent written and verbal communication skills required. Must be able to communicate technical details a clear, understandable manner.
  • Generally curious with the ability to pick up new technology or concepts very quickly is required for success