Veracity Software Inc
Application Security Architect
Duration: 12+ Months
Location: Charlotte, NC & Iselin, NJ (Hybrid Role)
Application Security Secure Development is seeking an application security architect to threat model applications, services, and platforms.
Responsibilities
Engage and collaborate with application, service, and platform teams to derive a deep, detailed, and accurate description of their application architectures and the services and platforms they consume.
Model the architectures in our threat modeling tool.
Apply our threat modeling methodology to identify and prioritize threats to those applications and to apply mitigating controls.
Review evidence (designs, configurations, and/or source code) of mitigations to threats.
Propose solutions to mitigate threats.
Publish and present threat modeling results.
Collaborate with Cybersecurity Architecture in the creation of new mitigating controls where a sufficient mitigation does not previously exist for a threat.
Required Qualifications
4+ years of Systems Architecture and/or Systems Development experience
3+ years of Cybersecurity experience, or equivalent demonstrated through one or a combination of the following: work experience, training, military experience, education, Cybersecurity certifications.
1+ years of engineering experience with Azure, GCP, or AWS.
1+ years of experience in Python programming.
Proficient in at least one Threat Modeling methodology, such as STRIDE, PASTA, OCTAVE, LINDDUN, or VAST
Experience using Threat Modeler, Microsoft Threat Modeling tool, or OWASP Threat Dragon to develop threat models
Understanding of OWASP Top 10, CAPEC, MITRE Telecom&CK and Secure Design principles
The ability to juggle multiple threat models actively in the work‑in‑progress state, working with a sense of urgency, delivering with short cycle times and a high throughput without sacrificing quality.
Strong collaboration and communication skills, and the ability to work effectively with cross‑functional teams.
Desired Qualifications
Security and cloud certifications, such as CISSP, CCSP and Azure, GCP, or AWS cloud certifications.
3+ years leading Architecture Risk Reviews and building threat models.
1+ years of experience Threat Modeling GenAI.
1+ years of experience leveraging Threat modeling-as-a-Code (TaaC).
#J-18808-Ljbffr
Location: Charlotte, NC & Iselin, NJ (Hybrid Role)
Application Security Secure Development is seeking an application security architect to threat model applications, services, and platforms.
Responsibilities
Engage and collaborate with application, service, and platform teams to derive a deep, detailed, and accurate description of their application architectures and the services and platforms they consume.
Model the architectures in our threat modeling tool.
Apply our threat modeling methodology to identify and prioritize threats to those applications and to apply mitigating controls.
Review evidence (designs, configurations, and/or source code) of mitigations to threats.
Propose solutions to mitigate threats.
Publish and present threat modeling results.
Collaborate with Cybersecurity Architecture in the creation of new mitigating controls where a sufficient mitigation does not previously exist for a threat.
Required Qualifications
4+ years of Systems Architecture and/or Systems Development experience
3+ years of Cybersecurity experience, or equivalent demonstrated through one or a combination of the following: work experience, training, military experience, education, Cybersecurity certifications.
1+ years of engineering experience with Azure, GCP, or AWS.
1+ years of experience in Python programming.
Proficient in at least one Threat Modeling methodology, such as STRIDE, PASTA, OCTAVE, LINDDUN, or VAST
Experience using Threat Modeler, Microsoft Threat Modeling tool, or OWASP Threat Dragon to develop threat models
Understanding of OWASP Top 10, CAPEC, MITRE Telecom&CK and Secure Design principles
The ability to juggle multiple threat models actively in the work‑in‑progress state, working with a sense of urgency, delivering with short cycle times and a high throughput without sacrificing quality.
Strong collaboration and communication skills, and the ability to work effectively with cross‑functional teams.
Desired Qualifications
Security and cloud certifications, such as CISSP, CCSP and Azure, GCP, or AWS cloud certifications.
3+ years leading Architecture Risk Reviews and building threat models.
1+ years of experience Threat Modeling GenAI.
1+ years of experience leveraging Threat modeling-as-a-Code (TaaC).
#J-18808-Ljbffr