Cybersecurity Threat Modeling Engineer-AWS (Hybrid NYC/Dallas)
Publicis Sapient, New York City, NY, United States
Publicis Sapient- Financial Services team is seeking Senior Engineers- Threat Modeling. You will be a part of a smart cross-functional team delivering digital business transformation solutions to our clients. This position entails an individual contributor role focused on Security Architecture and Threat Modeling; evaluating and governing public cloud services; and conducting security reviews for Public Cloud Providers. Collaborate with Engineering, Information Security, Program Management, and Development teams. You will perform technical architecture reviews to identify security opportunities and exploitable threats; and propose mitigation strategies.
Key Responsibilities
- Conduct thorough threat modeling exercises utilizing established methodologies and frameworks.
- Maintain a rigorous standard of excellence in identifying potential threats and specifying effective mitigation controls.
- Manage the lifecycle of identified threats and associated controls, ensuring timely updates and adjustments as necessary.
- Deliver comprehensive threat models and related tasks within specified timeframes.
- Offer constructive feedback, support, and suggestions for enhancing the existing threat modeling process.
- Present findings and progress updates to senior leadership, team members, and relevant technical stakeholders.
Must-Haves:
- ONLY considering U.S. Citizens and Green Cards for this role—NOT accepting H1-B's, OPTs, H4-EAD's, EAD's and other work visa types
- Preference for New York and Dallas-based candidates
- Willing to travel and work out of Client offices in NY at least 2 days/week— HYBRID role
Mandatory skill set required:
- Overall exp in Cybersecurity: 5+ years to 15 years.
- Working proficiency in AWS Cloud – Minimum of 2-3 years exp, should have dealt with AWS, built something on AWS, secured workload with AWS.
- Exp working with Threat Modeling frameworks like MITRE Attack, STRIDE, PASTA, Attack trees, and DREAD (At least one of them).
- Threat Modeling at least 2 years exp plus Vulnerability management or Incident response.
- Someone who has 5 years in Threat Modeling plus GCP/AWS will be the best fit.
- Security wise 5yrs exp and 8 years of full exp; Threat Modelling fair experience to 2yrs. 1yr with Threat Modelling, 1yr with Incident Response, and 1 year with penetration testing will be good
- Knowledge in scripting languages and Infrastructure as Code (Terraform- must have at least 1-2 years of exp, CloudFormation).
- Kubernetes is good to have no mandate.
Qualifications:
We are seeking an ideal candidate with 8+ years of experience in a range of technologies and processes including:
- Strong knowledge of security architecture principles, frameworks, and best practices.
- Security practices encompass authentication, authorization, logging/monitoring, encryption, infrastructure security, and network/segmentation.
- Knowledge of Rest API.
- Familiarity with Jira or other ticketing systems.
- Technical architecture design and review skills.
- Ability to identify vulnerabilities using CWE or OWASP.
- Knowledge of operating systems and their hardening techniques.
- Understanding of development concepts such as CICD, Pipelines, and SDLC.
- Penetration testing knowledge like Pen testing, Application, or API will be an asset.
- Familiarity with Cloud Development Kit (CDK) and GitOps.
- Exp operating in a DevOps/agile team environment.
- Understanding of docker, Kubernetes, serverless architecture, and Helm.
- Exposure to platforms like Snowflake, MongoDB, Terraform Cloud, GitHub, and Databricks
- Strong analytical skills, diligence, and attention to detail.
- Continuous learning attitude towards new technologies and methodologies.
Set yourself apart with:
- Professional Security Certifications: CISSP, CCSP, CISA, CISM, ITIL- Good to have.
- Relevant GCP certifications are highly desirable: GCP Professional Cloud Architect, GCP Professional Cloud Security Engineer. Will be an asset.
- Strong knowledge of industry standards as they relate to Cloud and Application security management including ISO, NIST, and Cloud Security Alliance (CSA)
- Hands-on-exp with cloud security designs on AWS
- Exp working in regulated environments
- Exposure to agile development, DevOps, SecOps, and scrum teams
- Exp with another CSP provider: AWS, Azure
- Development exp (python, Node)
- Strong desire to learn and contribute solutions and ideas to a broader team
Additional information:
Annual Pay Range (in USD): $140,000 - $185,000 (varies with work experience)
The ranges shown above represent a grouping of relevant salary ranges currently in use at Publicis Sapient. The actual range for this position may differ based on factors such as location and the specific skill set needed for the role.
Benefits include:
- Flexible vacation (not limited, allocated, or accrued)
- Employee Assistance Program (EAP)
- Health and welfare plans (medical, dental, disability, and life insurance, etc.)
- Healthcare and dependent care
- Unlimited PTO's
- Publicis Bonus Plan
- 15 company paid holidays annually
- Work Your World program
- Parental leave and new parent transition program
- Tuition reimbursement
- Publicis Benefits Connection 401(k)Plan
- Work-Life, Discounts, and Corporate Social Responsibility Benefits
All your information will be kept confidential according to EEO guidelines.