Security Lead (Threat Modeling)

Lead Threat Modeling Efforts:

• Own and lead the threat modeling process, including identifying threats, vulnerabilities, and mitigations for cloud-based applications and systems hosted on GCP.
• Collaborate with architects, engineers, and product teams to design secure, resilient systems by incorporating threat modeling early in the design phase.
• Conduct threat assessments for new and existing GCP services and applications, identifying risk areas and recommending controls to mitigate identified threats.

Security Frameworks & Best Practices:

• Develop and implement security frameworks and threat modeling methodologies (eg, STRIDE, PASTA) specific to cloud-based systems.
• Establish and promote best practices for applying threat modeling across all stages of the software development lifecycle (SDLC).
• Drive the adoption of threat modeling tools and automation, integrating them with existing CI/CD pipelines and security workflows.

Cross-Functional Collaboration:

• Work closely with the Cloud Security, DevOps, and Engineering teams to ensure that threat modeling is integrated into the architecture review and deployment processes.
• Support incident response and vulnerability management teams by conducting post-mortem threat assessments following security incidents and breaches.

Security Risk Assessment & Mitigation:

• Identify potential attack vectors, misconfigurations, and design flaws in GCP resources and cloud-native architectures.
• Recommend actionable security improvements based on threat analysis and provide guidance on implementing mitigation strategies.
• Conduct risk assessments for third-party integrations, APIs, and other cloud service components that could expose security vulnerabilities.

Security Training & Awareness:

• Lead training sessions to educate internal teams on threat modeling techniques, security design principles, and secure cloud development practices.
• Mentor junior security team members and foster a culture of security-first thinking across the organization.

Continuous Improvement & Innovation:

• Stay current with emerging threats, vulnerabilities, and attack techniques targeting cloud environments, particularly on GCP.
• Continuously refine and improve threat modeling processes, tools, and methodologies to stay ahead of evolving security challenges.

Skills & Qualifications:

Required:

Threat Modeling Expertise:

• Extensive experience in threat modeling, risk assessment, and vulnerability analysis, with a deep understanding of common threat modeling methodologies (eg, STRIDE, PASTA, ATT&CK).
• Proven ability to conduct threat assessments on complex cloud architectures and applications, identifying threats and developing mitigation strategies.

In-Depth Knowledge of GCP:

• Strong experience with Google Cloud Platform (GCP) , including core GCP services such as Compute Engine, Kubernetes Engine (GKE), Cloud Storage, BigQuery, IAM, VPC, Cloud Functions, and others.
• Understanding of GCP-specific security risks, controls, and compliance frameworks (eg, CIS benchmarks, SOC 2, HIPAA, etc).

Cloud Security Best Practices:

• In-depth knowledge of cloud-native security principles, including least privilege access, defense-in-depth, secure configurations, and infrastructure-as-code security.
• Familiarity with cloud security tools and frameworks for vulnerability management, identity and access management (IAM), and threat detection in GCP.

Collaboration & Communication Skills:

• Excellent communication skills with the ability to explain complex security concepts to both technical and non-technical stakeholders.
• Strong leadership and collaboration skills, with a track record of working across functional teams to influence and drive security initiatives.

Security Certifications:

• Relevant certifications such as Google Cloud Professional Cloud Security Engineer , CISSP , CCSP , or similar are strongly preferred.

Preferred:

Application Security Experience:

• Experience with application security practices, such as static analysis (SAST), dynamic analysis (DAST), and secure code reviews.

Security Tools & Automation:

• Familiarity with threat modeling tools (eg, Microsoft Threat Modeling Tool, Threat Dragon), security testing tools (eg, Burp Suite, Checkmarx), and cloud security posture management tools (eg, Prisma Cloud, Aqua Security).

Incident Response & Forensics:

• Experience in supporting security incident response and conducting forensic investigations in cloud environments.

Programming / Scripting Skills:

• Proficiency in at least one programming or scripting language (eg, Python, Go, Shell) for security automation and tooling is a plus.