Application Threat Modeling Architect

Mindlance

CHARLOTTE, NC

JOB DETAILS
SKILLS
Amazon Web Services (AWS), Analysis Skills, Application Programming Interface (API), Applications Security, Artificial Intelligence (AI), Authentication, Automation, Business Solutions, CCSP - Cisco Certified Security Professional, CISSP - Certified Information Systems Security Professional, Cloud Computing, Code Reviews, Communication Skills, Consulting, Continuous Deployment/Delivery, Continuous Integration, Distributed Computing, Embedded Systems, GCP (Good Clinical Practices), GIAC - Global Information Assurance Certification, Go Programming Language (Golang), Identify Issues, Java, JavaScript, Leadership, Microsoft .NET, Microsoft Windows Azure, Node.js, Presentation/Verbal Skills, Production Systems, Python Programming/Scripting Language, Risk Management, Root Cause Analysis, Sales Pipeline, Software Design, Software Engineering, Standards Development, Supply Chain, Threat Modeling, Writing Skills
POSTED
18 days ago
Project Title: Application Threat Modeling Architect
Project Duration: 12+ months; opportunity for extension or conversion
Project Location: Charlotte (Brevard location), Las Colinas and Chandler
Hybrid: 3 days onsite / 2 days remote
Interview Process: 2 rounds onsite interviews - 1 hour duration

Job Description:
  • In this contingent resource assignment, you may: Consult as an expert to develop or influence initiatives and resources for highly complex business and technical needs across Engineering.
  • Consult on the strategy and resolution of highly complex and unique challenges requiring in-depth evaluation across multiple areas, delivering solutions that are long-term, large-scale and require vision, creativity, innovation, and advanced analytical and inductive thinking.
  • Provide expertise to client senior leadership on innovative Engineering business solutions.
  • Strategically engage with client personnel.

Required Qualifications:
  • 7+ years of Engineering experience, or equivalent demonstrated through one or a combination of the following: work or consulting experience, training, military experience, education.
  • Role will conduct and automate Application Threat Modeling (https://owasp.org/www-community/Threat_Modeling_Process).
  • Candidate must have experience decomposing the architecture of an application.
  • Candidate must have experience driving and implementing solutions for automation.
  • 7+ years Application Security Engineering
  • 2+ years Threat Modeling Experience
  • Experience building AI/LLM Application Security scalable solutions for enterprise production environments

Desired Qualifications:
  • Demonstrated deep, hands-on expertise in:
      • Secure application architecture and design
      • Secure coding practices and code-level vulnerability analysis
      • Threat modeling and abuse case analysis
      • Authentication, authorization, session management, API security, and secrets management
      • Common application vulnerabilities and exploit patterns (e.g., OWASP Top 10, deserialization, injection, SSRF, access control issues, insecure design, dependency risk)
  • Strong hands-on experience securing applications built in one or more modern technology stacks such as Java, .NET, Python, JavaScript/TypeScript, Node.js, Go, or similar.
  • Experience integrating security into CI/CD pipelines, developer workflows, and engineering platforms.
  • Experience with one or more of the following: SAST, SCA, DAST, IaC scanning, container security, API security testing, code review, threat modeling, runtime protection, or software supply chain security controls.
  • Hands-on experience with AI security, including securing AI-enabled applications or advising engineering teams on the secure use of AI/LLM-based capabilities.
  • Ability to independently investigate complex technical problems, identify root causes, and drive practical remediation.
  • Strong written and verbal communication skills with the ability to influence both engineers and senior stakeholders.
  • Proven ability to operate both strategically and tactically, moving from enterprise patterns to code-level detail as needed.
  • Prior experience serving as an Application Security Champion, Security Champion, embedded security lead, or senior engineer responsible for driving security within product/application teams.
  • Experience designing security controls for cloud-native and distributed systems running in Azure, AWS, or GCP.
  • Experience with software supply chain security, including dependency risk management, build pipeline hardening, SBOM, artifact integrity, provenance, and package governance.
  • Experience with runtime application protection, threat detection, or exploit prevention technologies.
  • Familiarity with Zero Trust, secure platform engineering, and policy-as-code approaches.
  • Experience defining standards, playbooks, or secure reference architectures that can be adopted broadly by engineering organizations.
  • Background in software engineering or architecture prior to moving into security.
  • Certifications: CSSLP, GIAC GWEB, CISSP, GIAC GWAPT, CCSP.

EEO:
Mindlance is an Equal Opportunity Employer and does not discriminate in employment on the basis of Minority/Gender/Disability/Religion/LGBTQI/Age/Veterans.
