Systems Architect 3

Location: Charlotte NC Hybrid Roles Charlotte Irving Raleigh Columbus

Interview Process: In person interview - 2 rounds - 1st 30 minutes and 2nd 1 hour

W2 only Local only

Job Descriptions:

• In this contingent resource assignment you may: Consult on or participate in moderately complex initiatives and deliverables within Systems Architect and contribute to large-scale planning related to Systems Architect deliverables
• Review and analyze moderately complex Systems Architect challenges that require an in-depth evaluation of variable factors
• Contribute to the resolution of moderately complex issues and consult with others to meet Systems Architect deliverables while leveraging solid understanding of the function policies procedures and compliance requirements
• Collaborate with Client personnel in Systems Architect

Required Qualifications:

• 4 years of Systems Architecture experience or equivalent demonstrated through one or a combination of the following: work or consulting experience training military experience education.

Systems Architect 3 - Threat Modeler

Role Summary

• The Senior Threat Modeler is responsible for performing deep architecture informed threat modeling for enterprise applications services and platforms. This role emphasizes system decomposition architectural reasoning and adversarial analysis supported by standardized threat modeling tooling and methodologies.
• This position is designed for practitioners who have built and operated enterprise systems and who can reason about how complex systems behave fail and are misused at scale. Threat enumeration and mitigation libraries are supported by tooling; judgment prioritization and architectural insight remain human responsibilities.

Key Responsibilities

A successful candidate will:

• Engage directly with application service and platform teams to derive a deep accurate understanding of real-world system architectures including implicit dependencies trust boundaries and operational behaviors.
• Decompose complex enterprise systems into components data flows and trust boundaries suitable for formal threat modeling.
• Model application and platform architectures using the enterprise-standard threat modeling tool (ThreatModeler) ensuring completeness accuracy and reuse of patterns where applicable.
• Apply the enterprise threat modeling methodology to identify assess and prioritize threats using tooling-generated threat libraries in combination with human risk judgment.
• Evaluate the plausibility and impact of threats distinguishing theoretical exposure from realistic attack paths.
• Review architectural designs configurations and source code evidence to validate claimed mitigations and control implementations.
• Recommend pragmatic risk informed mitigations favoring architectural and design-level controls where possible.
• Document publish and present threat modeling results in a clear defensible manner suitable for engineering leadership and audit stakeholders.
• Collaborate with Cybersecurity Architecture and platform teams to define or evolve mitigating control patterns when existing controls are insufficient or unavailable.
• Manage multiple threat models concurrently maintaining throughput and quality while working within defined delivery timelines.

Required Qualifications

Core Architecture & Engineering Background (Primary)

• Experience building designing or operating enterprise systems including application development platform engineering or systems architecture.
• Demonstrated experience decomposing complex systems (e.g. distributed services data platforms cloud-native architectures) and reasoning about their behavior under normal and failure conditions.
• Experience working directly with engineering teams on system design and delivery with accountability for outcomes.

Security & Threat Modeling Foundations (Supporting)

• 2 years of experience applying security principles to system design risk analysis or application security or equivalent experience demonstrated through work history.
• Practical understanding of common application security failure modes (e.g. authorization flaws trust boundary violations unsafe data handling).
• Familiarity with at least one structured threat modeling methodology (e.g. STRIDE PASTA or VAST) with the ability to apply it pragmatically rather than mechanically.
• Experience using threat modeling tools (e.g. ThreatModeler Microsoft Threat Modeling Tool OWASP Threat Dragon) to develop and maintain threat models.

Cloud & Technical Literacy

• Hands-on experience with at least one major cloud platform (Azure AWS or GCP) including core primitives such as identity networking and managed services.
• Ability to read and reason about source code infrastructure-as-code or configuration artifacts (deep coding expertise not required).
• Scripting or automation experience (e.g. Python) sufficient to support analysis validation or tooling integration.

Collaboration & Delivery

• Strong communication and facilitation skills with the ability to lead architecture and threat modeling discussions with senior engineers and architects.
• Ability to exercise judgment push back constructively and make defensible risk decisions.
• Comfortable balancing multiple in progress analyses while maintaining delivery discipline.

Desired Qualifications

• Prior experience building or leading architecture risk reviews or threat modeling efforts across multiple applications or platforms.
• Experience threat modeling cloud-native distributed or event-driven architectures.
• Experience threat modeling emerging technologies (e.g. GenAI-enabled systems).
• Familiarity with Threat Modeling as Code (TaaC) or automation-assisted modeling approaches.
• Security or cloud certifications (e.g. CISSP CCSP Azure/AWS/GCP) understood as complementary rather than primary qualifications.