Synergy Interactive
Get AI-powered advice on this job and more exclusive features.
This range is provided by Synergy Interactive. Your actual pay will be based on your skills and experience — talk with your recruiter to learn more.
Base pay range
$140,000.00/yr - $160,000.00/yr Senior Interactive Recruiter & Account Manager at Synergy Interactive with expertise in recruiting and account management
Threat Modeling (GCP Focus) Join Our Team and Secure the Future of Digital Transformation! Are you passionate about building secure cloud environments and proactively identifying potential threats? We're looking for a seasoned Senior Cloud Security Engineer with a strong expertise in threat modeling to join our dynamic, cross-functional team. In this role, you'll be a key player in safeguarding our clients' digital transformations by leveraging your deep understanding of security architecture and threat analysis, particularly within the Google Cloud Platform (GCP). What You'll Do: Lead Proactive Threat Modeling:
Design and execute comprehensive threat modeling exercises using industry-standard methodologies like MITRE ATT&CK, STRIDE, and PASTA. Identify and Mitigate Risks:
Conduct in-depth technical architecture reviews to pinpoint security vulnerabilities, analyze potential threats, and develop effective mitigation strategies. Manage Threat Lifecycle:
Oversee the lifecycle of identified threats and associated security controls, ensuring timely updates and adjustments to maintain optimal security posture. Deliver Actionable Insights:
Produce clear and concise threat models and reports, presenting findings and progress updates to senior leadership and technical stakeholders. Drive Process Improvement:
Provide constructive feedback and contribute to the continuous enhancement of our threat modeling processes. Collaborate and Educate:
Partner with Engineering, Information Security, Program Management, and Development teams to foster a security-first culture and share your expertise. What You Bring: 8+ years of experience in security engineering, with a strong emphasis on cloud security. Proven ability to apply threat modeling methodologies (MITRE ATT&CK, STRIDE, PASTA, etc.). 5+ years of overall experience in Cybersecurity. Strong understanding of security architecture principles, frameworks, and best practices. Proficiency in security practices related to authentication, authorization, logging/monitoring, encryption, infrastructure security, and network segmentation. Experience with REST APIs, scripting languages (e.g., Python), and Infrastructure as Code (Terraform, CloudFormation). Familiarity with Jira or similar ticketing systems. Excellent technical architecture design and review skills. Ability to identify vulnerabilities using CWE or OWASP standards. Solid understanding of operating system hardening techniques. Knowledge of development concepts (CI/CD, pipelines, SDLC). Familiarity with containerization and orchestration technologies (Docker, Kubernetes, Helm). Experience with cloud development kits (CDK) and GitOps practices. Experience working in a DevOps/Agile environment. Strong analytical, problem-solving, and communication skills. An adversary mindset, and a continuous learning attitude. The ability to create excellent technical documentation. Bonus Points: Relevant security certifications (CISSP, CCSP, CISA, CISM, ITIL). GCP certifications (Professional Cloud Architect, Professional Cloud Security Engineer). Knowledge of industry standards (ISO, NIST, CSA). Hands-on experience with cloud security designs on GCP. Experience in regulated environments. Experience with other cloud providers (AWS, Azure). Penetration testing experience. Exposure to platforms like Snowflake, MongoDB, Terraform Cloud, GitHub, and Databricks. Seniority level
Mid-Senior level Employment type
Full-time Job function
Information Technology Industries
Technology, Information and Media
#J-18808-Ljbffr
$140,000.00/yr - $160,000.00/yr Senior Interactive Recruiter & Account Manager at Synergy Interactive with expertise in recruiting and account management
Threat Modeling (GCP Focus) Join Our Team and Secure the Future of Digital Transformation! Are you passionate about building secure cloud environments and proactively identifying potential threats? We're looking for a seasoned Senior Cloud Security Engineer with a strong expertise in threat modeling to join our dynamic, cross-functional team. In this role, you'll be a key player in safeguarding our clients' digital transformations by leveraging your deep understanding of security architecture and threat analysis, particularly within the Google Cloud Platform (GCP). What You'll Do: Lead Proactive Threat Modeling:
Design and execute comprehensive threat modeling exercises using industry-standard methodologies like MITRE ATT&CK, STRIDE, and PASTA. Identify and Mitigate Risks:
Conduct in-depth technical architecture reviews to pinpoint security vulnerabilities, analyze potential threats, and develop effective mitigation strategies. Manage Threat Lifecycle:
Oversee the lifecycle of identified threats and associated security controls, ensuring timely updates and adjustments to maintain optimal security posture. Deliver Actionable Insights:
Produce clear and concise threat models and reports, presenting findings and progress updates to senior leadership and technical stakeholders. Drive Process Improvement:
Provide constructive feedback and contribute to the continuous enhancement of our threat modeling processes. Collaborate and Educate:
Partner with Engineering, Information Security, Program Management, and Development teams to foster a security-first culture and share your expertise. What You Bring: 8+ years of experience in security engineering, with a strong emphasis on cloud security. Proven ability to apply threat modeling methodologies (MITRE ATT&CK, STRIDE, PASTA, etc.). 5+ years of overall experience in Cybersecurity. Strong understanding of security architecture principles, frameworks, and best practices. Proficiency in security practices related to authentication, authorization, logging/monitoring, encryption, infrastructure security, and network segmentation. Experience with REST APIs, scripting languages (e.g., Python), and Infrastructure as Code (Terraform, CloudFormation). Familiarity with Jira or similar ticketing systems. Excellent technical architecture design and review skills. Ability to identify vulnerabilities using CWE or OWASP standards. Solid understanding of operating system hardening techniques. Knowledge of development concepts (CI/CD, pipelines, SDLC). Familiarity with containerization and orchestration technologies (Docker, Kubernetes, Helm). Experience with cloud development kits (CDK) and GitOps practices. Experience working in a DevOps/Agile environment. Strong analytical, problem-solving, and communication skills. An adversary mindset, and a continuous learning attitude. The ability to create excellent technical documentation. Bonus Points: Relevant security certifications (CISSP, CCSP, CISA, CISM, ITIL). GCP certifications (Professional Cloud Architect, Professional Cloud Security Engineer). Knowledge of industry standards (ISO, NIST, CSA). Hands-on experience with cloud security designs on GCP. Experience in regulated environments. Experience with other cloud providers (AWS, Azure). Penetration testing experience. Exposure to platforms like Snowflake, MongoDB, Terraform Cloud, GitHub, and Databricks. Seniority level
Mid-Senior level Employment type
Full-time Job function
Information Technology Industries
Technology, Information and Media
#J-18808-Ljbffr