• Threat Modeler

    Insight Global (Chicago, IL)


    Job Description

    Conduct threat modeling and application security risk assessments across BMOs SDLC

     

    Identify and document security threats and countermeasures for technology initiatives

     

    Produce high-quality threat modeling artifacts and track remediation activities

     

    Collaborate with Security Architects and other teams to align on controls and best practices

     

    Advocate for cybersecurity standards and help mature threat modeling practices

     

    Stay current on technology trends and emerging threats

     

    Support the development of standardized threat modeling practices and tools

     

    Partner with the Security Assessment and Testing group to integrate findings into broader risk analysis

     

    We are a company committed to creating inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity employer that believes everyone matters. Qualified candidates will receive consideration for employment opportunities without regard to race, religion, sex, age, marital status, national origin, sexual orientation, citizenship status, disability, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to Human Resources Request Form (https://airtable.com/app21VjYyxLDIX0ez/shrOg4IQS1J6dRiMo) . The EEOC "Know Your Rights" Poster is available here (https://www.eeoc.gov/sites/default/files/2023-06/22-088\_EEOC\_KnowYourRights6.12ScreenRdr.pdf) .

     

    To learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy: https://insightglobal.com/workforce-privacy-policy/ .

     

    Skills and Requirements

     

    3+ years of experience Threat modeling in application security and security risk management

     

    Proficient in threat modeling methodologies (e.g., STRIDE, PASTA, Attack Trees)

     

    Experience performing architecture risk analysis in hybrid cloud environments

     

    Familiarity with Agile methodologies and DevSecOps practices

     

    Strong understanding of application/system design and decomposition for threat identification

     

    Post-secondary degree in Computer Science, Engineering, Information Systems, or equivalent experience Prior software development experience (e.g., Java, JavaScript, Python)

     

    Experience in 2+ additional security domains (e.g., ethical hacking, cloud security, IAM, network/platform security)

     

    Familiarity with modern cloud services (PaaS, IaaS, SaaS), data platforms, and emerging tech risks

    Experience building or contributing to threat libraries and control catalogs null

    We are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day. We are an equal employment opportunity/affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment without regard to race, color, ethnicity, religion,sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military oruniformed service member status, or any other status or characteristic protected by applicable laws, regulations, andordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or the recruiting process, please send a request to [email protected].