Application Security Architect- Threat Modeler
Job Location:
Monthly Salary:
Experience Required:
Posted on:
Vacancies:
Job Summary
Job Title: Application Security Architect- Threat Modeler
We are seeking a Threat Modeler with a strong development background to support secure application design and cloud-native security architecture. The role focuses on embedding security early in the SDLC through threat modeling secure design and DevSecOps practices.
Key Responsibilities:
- Perform threat modeling using frameworks such as STRIDE CAPEC and MITRE ATT&CK
- Identify attack vectors vulnerabilities and security risks across application architectures
- Design and implement application security controls for Web API Mobile and AI-based systems
- Support DevSecOps practices and integrate security into CI/CD pipelines
- Define and enforce secure architecture patterns for cloud-based applications
- Work on cloud security architecture design implementation and operations
- Assess and implement security controls aligned with NIST 800-53 NIST CSF and OWASP ASVS
- Support secure API and application design including REST and SOAP services
- Collaborate with engineering teams on secure full-stack application design
- Conduct security reviews and provide remediation guidance
- Support IAM controls including OAuth 2.0 OIDC and JWT
- Ensure cryptographic standards for data at rest and in transit
- Participate in secure design discussions across distributed Agile teams
Required Skills & Experience:
- Strong experience in Threat Modeling and Application Security Architecture
- Experience with DevSecOps and secure SDLC practices
- Strong understanding of cloud security principles (AWS/Azure/GCP)
- Experience with security frameworks: NIST 800-53 NIST CSF OWASP ASVS
- Knowledge of CAPEC MITRE ATT&CK STRIDE methodologies
- Experience with Web API Mobile and AI application security
- Full-stack architecture understanding (SPA REST APIs SOAP APIs Mobile apps)
- Hands-on experience with Java JavaScript and mobile application development
- Knowledge of databases: Oracle SQL DB2 NoSQL
- Understanding of IAM (OAuth 2.0 OIDC JWT)
- Strong knowledge of cryptography (data at rest & in transit)
Preferred Certifications:
- CISSP
- CISM
- CSSLP
- CISA
- CRISC
- OSCP
Required Skills:
60-70
Required Education:
Backend Engineer Kotlin Microservices & AKSRole Overview:We are seeking a highly skilled backend developer with strong experience in modern programming languages and frameworks with primary expertise in Kotlin and exposure to Java microservices and cloud Skills:Proficiency in Kotlin with additional experience in Java (Spring Boot Spring Security) and JavaScript () 5 years of backend development experience including: oUnit testing frameworks (e.g.
