SDNA Jobs Search

Cloud Security Engineer – Threat Modeling

Must Have Technical/Functional Skills-

• 3+ years of experience in cloud security and 2+ years in threat modeling.

• Strong understanding of at least one major cloud provider (AWS, Azure, or GCP).

• Familiarity with threat modeling frameworks (e.g., STRIDE, DREAD, PASTA, LINDDUN).

• Knowledge of cloud architecture patterns, containers, microservices, and serverless technologies.

• Hands-on experience with cloud-native security tools (e.g., AWS Security Hub, Azure Defender).

• Understanding of secure coding principles, DevSecOps, and IaC (e.g., Terraform, CloudFormation).

• Excellent communication and documentation skills.

Roles & Responsibilities

• Conduct threat modeling exercises for cloud-native applications, services, and infrastructure.

Work closely with DevOps, Cloud Engineering, and Application Security teams to identify potential threats early in the SDLC.

• Develop and maintain threat models using tools like Microsoft Threat Modeling Tool, IriusRisk, or equivalent.

• Recommend appropriate security controls and mitigation strategies based on modeling outcomes.

• Collaborate with architecture and engineering teams to integrate threat modeling into CI/CD pipelines.

• Translate technical risks into actionable items for business and technical stakeholders.

• Analyze new and existing cloud services for potential misconfigurations or vulnerabilities.

• Provide expertise in secure cloud design patterns and reference architectures.

• Assist in maintaining compliance with relevant standards such as ISO 27001, SOC 2, NIST, or CIS benchmarks.

Salary Range- $100,000-$120,000 a year

#LI-SP3

#LI-VX1