Threat Modeler

State Street
Quincy, United States of America
6 days ago

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English
Experience level
Senior
Compensation
$ 158K

Job location

Quincy, United States of America

Tech stack

API
Amazon Web Services (AWS)
Architectural Patterns
Azure
Cloud Computing Security
Cloud Engineering
Computer Security
Information Systems Security Architecture Professional
Open Web Application Security
Cloud Services
Software Engineering
Data Streaming
Google Cloud Platform
Enterprise Software Applications
Cloud Platform System
Software Security
Mitre Att&ck
Containerization
Kubernetes
Information Technology
Devsecops
Microservices

Job description

We are looking for a Threat Modeler. You will be responsible for supporting threat modeling activities across enterprise applications, cloud platforms, APIs, and emerging technologies. Working closely with architects, engineers, developers, and cybersecurity teams, you will help identify security risks early in the technology lifecycle and contribute to secure-by-design initiatives across the organization.

Why This Role Is Important To Us

The team you will be joining is part of the Security Architecture organization, a function that is critical to safeguarding the firm's applications, cloud environments, data, and technology services. Threat modeling enables the organization to proactively identify security weaknesses, reduce cyber risk, and incorporate security requirements into technology solutions before they are deployed.

What You Will Be Responsible For

As a Threat Modeler, you will:

  • Participate in threat modeling assessments for applications, APIs, cloud platforms, and technology initiatives.
  • Analyze application architectures, data flows, trust boundaries, and cloud deployments to identify potential threats and security weaknesses.
  • Support the development of risk mitigation recommendations and secure design guidance.
  • Collaborate with application development, cloud engineering, and cybersecurity teams to improve security outcomes.
  • Contribute to threat modeling standards, reusable patterns, documentation, and security awareness initiatives.

Requirements

  • Strong analytical, problem-solving, and critical-thinking skills.
  • Knowledge of application security, cloud security, and secure software development principles.
  • Understanding of modern architectures including APIs, microservices, containers, and cloud-native technologies.
  • Strong communication and collaboration skills with technical and non-technical stakeholders.
  • Willingness to learn, adapt, and develop expertise in threat modeling and security architecture., * Degree in Computer Science, Cybersecurity, Information Technology, Engineering, or a related discipline.
  • 10 years or more of experience in application security, cloud security, cybersecurity architecture, threat modeling, or related technology disciplines, with at least 5 years of hands-on cybersecurity experience preferred.
  • Familiarity with threat modeling methodologies such as STRIDE, MITRE ATT&CK, attack trees, or similar security assessment techniques.
  • Understanding of secure software development practices, OWASP Top 10, API security, and cloud security fundamentals.
  • Experience with AWS, Azure, and/or Google Cloud platforms is preferred.
  • Knowledge of DevSecOps, CI/CD pipelines, containers, Kubernetes, or modern application architectures is desirable.
  • Security certifications such as Security+, SSCP, CCSK, AWS Cloud Practitioner, Azure Fundamentals, or equivalent certifications are a plus.

Additional Requirements

  • Strong desire to build expertise in threat modeling, application security, and cloud security.
  • Ability to work effectively in a collaborative, global team environment.
  • Limited travel may be required based on business needs.

Benefits & conditions

Shift: Standard business hours with flexibility to support global stakeholders across multiple time zones.

Salary Range: $90,000 - $157,500 Annual

The range quoted above applies to the role in the primary location specified. If the candidate would ultimately work outside of the primary location above, the applicable range could differ.

Employees are eligible to participate in State Street's comprehensive benefits program, which includes: our retirement savings plan (401K) with company match; insurance coverage including basic life, medical, dental, vision, long-term disability, and other optional additional coverages; paid-time off including vacation, sick leave, short term disability, and family care responsibilities; access to our Employee Assistance Program; incentive compensation including eligibility for annual performance-based awards (excluding certain sales roles subject to sales incentive plans); and, eligibility for certain tax advantaged savings plans.

For a full overview, visit https://hrportal.ehr.com/statestreet/Home.

About State Street

Across the globe, institutional investors rely on us to help them manage risk, respond to challenges, and drive performance and profitability. We keep our clients at the heart of everything we do, and smart, engaged employees are essential to our continued success.

We are committed to fostering an environment where every employee feels valued and empowered to reach their full potential. As an essential partner in our shared success, you'll benefit from inclusive development opportunities, flexible work-life support, paid volunteer days, and vibrant employee networks that keep you connected to what matters most. Join us in shaping the future.

Apply for this position