Diverse Lynx
Cloud Security Engineer - Threat Modeling
Diverse Lynx, Irvine, California, United States, 92713
Cloud Security Engineer - Threat Modeling
Must Have Technical/Functional Skills- • 3+ years of experience in cloud security and 2+ years in threat modeling. • Strong understanding of at least one major cloud provider (AWS, Azure, or GCP). • Familiarity with threat modeling frameworks (e.g., STRIDE, DREAD, PASTA, LINDDUN). • Knowledge of cloud architecture patterns, containers, microservices, and serverless technologies. • Hands-on experience with cloud-native security tools (e.g., AWS Security Hub, Azure Defender). • Understanding of secure coding principles, DevSecOps, and IaC (e.g., Terraform, CloudFormation). • Excellent communication and documentation skills.
Roles & Responsibilities • Conduct threat modeling exercises for cloud-native applications, services, and infrastructure. Work closely with DevOps, Cloud Engineering, and Application Security teams to identify potential threats early in the SDLC. • Develop and maintain threat models using tools like Microsoft Threat Modeling Tool, IriusRisk, or equivalent. • Recommend appropriate security controls and mitigation strategies based on modeling outcomes. • Collaborate with architecture and engineering teams to integrate threat modeling into CI/CD pipelines. • Translate technical risks into actionable items for business and technical stakeholders. • Analyze new and existing cloud services for potential misconfigurations or vulnerabilities. • Provide expertise in secure cloud design patterns and reference architectures. • Assist in maintaining compliance with relevant standards such as ISO 27001, SOC 2, NIST, or CIS benchmarks.
Diverse Lynx LLC is an Equal Employment Opportunity employer. All qualified applicants will receive due consideration for employment without any discrimination. All applicants will be evaluated solely on the basis of their ability, competence and their proven capability to perform the functions outlined in the corresponding role. We promote and support a diverse workforce across all levels in the company.
Must Have Technical/Functional Skills- • 3+ years of experience in cloud security and 2+ years in threat modeling. • Strong understanding of at least one major cloud provider (AWS, Azure, or GCP). • Familiarity with threat modeling frameworks (e.g., STRIDE, DREAD, PASTA, LINDDUN). • Knowledge of cloud architecture patterns, containers, microservices, and serverless technologies. • Hands-on experience with cloud-native security tools (e.g., AWS Security Hub, Azure Defender). • Understanding of secure coding principles, DevSecOps, and IaC (e.g., Terraform, CloudFormation). • Excellent communication and documentation skills.
Roles & Responsibilities • Conduct threat modeling exercises for cloud-native applications, services, and infrastructure. Work closely with DevOps, Cloud Engineering, and Application Security teams to identify potential threats early in the SDLC. • Develop and maintain threat models using tools like Microsoft Threat Modeling Tool, IriusRisk, or equivalent. • Recommend appropriate security controls and mitigation strategies based on modeling outcomes. • Collaborate with architecture and engineering teams to integrate threat modeling into CI/CD pipelines. • Translate technical risks into actionable items for business and technical stakeholders. • Analyze new and existing cloud services for potential misconfigurations or vulnerabilities. • Provide expertise in secure cloud design patterns and reference architectures. • Assist in maintaining compliance with relevant standards such as ISO 27001, SOC 2, NIST, or CIS benchmarks.
Diverse Lynx LLC is an Equal Employment Opportunity employer. All qualified applicants will receive due consideration for employment without any discrimination. All applicants will be evaluated solely on the basis of their ability, competence and their proven capability to perform the functions outlined in the corresponding role. We promote and support a diverse workforce across all levels in the company.