Mindlance
Advance your career with Mindlance! We have been connecting talented IT professionals with world-class companies since 1999. Mindlance is here to help you to find the perfect fit with just the right company. Currently, we are seeking an Application Security Manager for an exciting career growth opportunity.
Make your next big career move with the kind of position that will allow you to be genuinely passionate about the work you do! Our recruiters will work closely with you to help you get the edge over the competition. Let Mindlance advocate for you – apply today!
“Mindlance is an Equal Opportunity Employer and does not discriminate in employment on the basis of – Minority/Gender/Disability/Religion/LGBTQI/Age/Veterans.”
Job Title: Senior Cybersecurity Architect/Application Threat Modeler Job Category: 06 Months (Contract to Hire) Industry: Banking Job Location
:
100% Remote Zip Code:
30303 Top 3/5 Skills: Cybersecurity, Application Security, PASTA, STRIDE, “Threat Modeling’ Min & Max Pay Rate (Ex: $90.00 /hr. – $95.00/hr.):
Senior Cybersecurity Architect/Application Threat Modeler Job Description
Role Responsibilities: · The Sr. Cybersecurity Architect conducts threat modeling activities utilizing the Process of Attack Simulation Threat Analysis (PASTA) methodology to create an offensive security perspective for technology delivery teams with the goal of creating visibility and context to threats and vulnerabilities to applications and solutions. · Analyze business requirements, while validating security specifications, and assess security solutions that support core organizational functions, and assure their confidentiality, integrity and high availability. · Principally works, under limited supervision, with Corporate Information Security (CIS) personnel, Line of Business (LOB) personnel, external vendors, and internal IT Services personnel including Enterprise Architects, Application & Data Services personnel and other IT Operations Services teams. · A threat model is an output of an exercise performed on an application or solution to determine weaknesses that could potentially be exploited by a threat actor. · It allows for the application teams to pinpoint design and implementation issues that requires remediation or mitigation.
Job Description
: Essential Duties and Responsibilities
: · Following is a summary of the essential functions for this job. Other duties may be performed, both major and minor, which are not mentioned below. Specific activities may change from time to time.
Threat Modeling & Risk Identification · Conduct structured threat modeling for applications, APIs, and services across the Technology Delivery Lifecycle (TDLC) · Identify potential threats, attack vectors, design flaws, and vulnerabilities that may impact delivery timelines, system security, or regulatory compliance · Assess risks to confidentiality, integrity, availability, and resiliency of business-critical systems
Integration into TDLC · Embed security-by-design practices into each TDLC phase (requirements, design, build, test, deploy) · Collaborate with delivery teams to ensure security controls and mitigations are defined early and consistently implemented · Track and validate mitigation strategies throughout delivery cycles to ensure secure releases
Risk Communication & Reporting · Document threat models, risk scenarios, and security design considerations in clear, actionable reports. · Deliver tailored risk communication to technical teams, product owners, and executive stakeholders · Provide risk ratings and recommendations to support informed go/no-go release decisions
Collaboration & Influence · Partner with architects, engineers, product managers, and delivery leads to balance security and business objectives. Act as a subject matter expert on secure application design, emerging attack vectors, and industry frameworks (e.g., STRIDE, PASTA, OWASP). · Mentor TDLC team members on threat modeling practices and proactive risk identification.
Continuous Improvement · Refine threat modeling processes, frameworks, and automation for scalability across delivery portfolios. · Incorporate real-world threat intelligence, incident data, and vulnerability management findings into TDLC risk assessments. · Contribute to the creation of reusable playbooks, secure design patterns, and threat libraries for enterprise-wide adoption.
Must Have Skills/Prior Experiences: · The requirements listed below are representative of the knowledge, skill and/or ability required. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. · Bachelor's degree in a technical or business field, or equivalent education and related training · Eight years of demonstrated experience of systems engineering and/or architecture in at least one of the information security areas: network security, access management, end point protection, data loss prevention, vulnerability management, application security, forensics, web security, mainframe, incident response and/or cyber threat management in a medium to large corporation · Highly experienced in network security architecture, including design tools, methods, and techniques and the application of Defense-in-Depth principles; knowledge of network design processes, including understanding of security objectives
· Specialized depth and thorough Knowledge of The Open Group Architecture Framework (TOGAF), including infrastructure, data, information security, applications, architectural concepts, and associated disciplines
Make your next big career move with the kind of position that will allow you to be genuinely passionate about the work you do! Our recruiters will work closely with you to help you get the edge over the competition. Let Mindlance advocate for you – apply today!
“Mindlance is an Equal Opportunity Employer and does not discriminate in employment on the basis of – Minority/Gender/Disability/Religion/LGBTQI/Age/Veterans.”
Job Title: Senior Cybersecurity Architect/Application Threat Modeler Job Category: 06 Months (Contract to Hire) Industry: Banking Job Location
:
100% Remote Zip Code:
30303 Top 3/5 Skills: Cybersecurity, Application Security, PASTA, STRIDE, “Threat Modeling’ Min & Max Pay Rate (Ex: $90.00 /hr. – $95.00/hr.):
Senior Cybersecurity Architect/Application Threat Modeler Job Description
Role Responsibilities: · The Sr. Cybersecurity Architect conducts threat modeling activities utilizing the Process of Attack Simulation Threat Analysis (PASTA) methodology to create an offensive security perspective for technology delivery teams with the goal of creating visibility and context to threats and vulnerabilities to applications and solutions. · Analyze business requirements, while validating security specifications, and assess security solutions that support core organizational functions, and assure their confidentiality, integrity and high availability. · Principally works, under limited supervision, with Corporate Information Security (CIS) personnel, Line of Business (LOB) personnel, external vendors, and internal IT Services personnel including Enterprise Architects, Application & Data Services personnel and other IT Operations Services teams. · A threat model is an output of an exercise performed on an application or solution to determine weaknesses that could potentially be exploited by a threat actor. · It allows for the application teams to pinpoint design and implementation issues that requires remediation or mitigation.
Job Description
: Essential Duties and Responsibilities
: · Following is a summary of the essential functions for this job. Other duties may be performed, both major and minor, which are not mentioned below. Specific activities may change from time to time.
Threat Modeling & Risk Identification · Conduct structured threat modeling for applications, APIs, and services across the Technology Delivery Lifecycle (TDLC) · Identify potential threats, attack vectors, design flaws, and vulnerabilities that may impact delivery timelines, system security, or regulatory compliance · Assess risks to confidentiality, integrity, availability, and resiliency of business-critical systems
Integration into TDLC · Embed security-by-design practices into each TDLC phase (requirements, design, build, test, deploy) · Collaborate with delivery teams to ensure security controls and mitigations are defined early and consistently implemented · Track and validate mitigation strategies throughout delivery cycles to ensure secure releases
Risk Communication & Reporting · Document threat models, risk scenarios, and security design considerations in clear, actionable reports. · Deliver tailored risk communication to technical teams, product owners, and executive stakeholders · Provide risk ratings and recommendations to support informed go/no-go release decisions
Collaboration & Influence · Partner with architects, engineers, product managers, and delivery leads to balance security and business objectives. Act as a subject matter expert on secure application design, emerging attack vectors, and industry frameworks (e.g., STRIDE, PASTA, OWASP). · Mentor TDLC team members on threat modeling practices and proactive risk identification.
Continuous Improvement · Refine threat modeling processes, frameworks, and automation for scalability across delivery portfolios. · Incorporate real-world threat intelligence, incident data, and vulnerability management findings into TDLC risk assessments. · Contribute to the creation of reusable playbooks, secure design patterns, and threat libraries for enterprise-wide adoption.
Must Have Skills/Prior Experiences: · The requirements listed below are representative of the knowledge, skill and/or ability required. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. · Bachelor's degree in a technical or business field, or equivalent education and related training · Eight years of demonstrated experience of systems engineering and/or architecture in at least one of the information security areas: network security, access management, end point protection, data loss prevention, vulnerability management, application security, forensics, web security, mainframe, incident response and/or cyber threat management in a medium to large corporation · Highly experienced in network security architecture, including design tools, methods, and techniques and the application of Defense-in-Depth principles; knowledge of network design processes, including understanding of security objectives
· Specialized depth and thorough Knowledge of The Open Group Architecture Framework (TOGAF), including infrastructure, data, information security, applications, architectural concepts, and associated disciplines