CrawlJobs Logo

Threat Modeling Architect

https://www.roberthalf.com Logo

Robert Half

Location Icon

Location:
United States , Philadelphia

Category Icon
Category:
IT - Software Development

Job Type Icon

Contract Type:
Not provided

Salary Icon

Salary:

Not provided
Save Job
Save Icon
Apply Position

Job Description:

We are seeking a highly skilled and experienced Threat Modeling Architect to join our cybersecurity team. This role is critical in helping our organization proactively identify, assess, and mitigate security threats across applications, systems, and infrastructure. You will lead structured threat modeling exercises, collaborate with cross-functional teams, and drive the integration of security into design and development processes.

Job Responsibility:

  • Lead and facilitate threat modeling sessions across diverse technology stacks and business domains
  • Define scope, identify assets, and document potential threats and vulnerabilities
  • Analyze threat impact and likelihood to prioritize mitigation strategies
  • Collaborate with engineering, architecture, and product teams to embed security into system design
  • Evaluate existing security controls and identify gaps or weaknesses
  • Develop and maintain threat model documentation, including architecture diagrams, findings, and action items
  • Continuously monitor and update threat models to reflect evolving threat landscapes
  • Promote a security-conscious culture through awareness and training

Requirements:

  • 5+ years of experience in cybersecurity, with a focus on threat modeling, risk assessment, or security architecture
  • Excellent communication and collaboration skills across technical and non-technical stakeholders
  • Excellent in interpreting architecture diagrams and identifying security design flaws within architectures
  • Ability to prioritize security and privacy remediations using a risk-based approach
  • Strong understanding of application, infrastructure, and networking security principles
  • Demonstrated hands-on development experience in one or more major programming languages
  • Experience with threat modeling methodologies (e.g., STRIDE, DREAD, PASTA, OCTAVE)
  • Ability to quickly learn new technologies and architectures in the AI Security space

Nice to have:

  • Extensive understanding of modern AI technologies and architectures, including large language models (LLMs), Agents, MCP, and retrieval-augmented generation (RAG)
  • Proven experience designing and building enterprise-scale applications using one or more major programming languages (Python, Java, JavaScript, Go, C/C++)
  • Security Certifications like CISSP, AWS Certified Security – Specialty, MS Cyber Architect, GCP Security are good to have
  • Privacy background, including familiarity with privacy threat modeling methodologies and frameworks, and holding relevant certifications (e.g., CIPP, CIPT, or equivalent)
What we offer:
  • medical
  • vision
  • dental
  • life and disability insurance
  • eligible to enroll in our company 401(k) plan

Additional Information:

Job Posted:
February 13, 2026

Employment Type:
Fulltime
Work Type:
Hybrid work
Icon
Robert Half - All Job Offers
Job Link Share:
Copy Link Icon
Facebook Icon Twitter Icon LinkedIn Icon

Looking for more opportunities? Search for other job offers that match your skills and interests.

Briefcase Icon

Similar Jobs for Threat Modeling Architect

Principal Security Architect

As a Security Architect, your role involves designing, reviewing, and enhancing ...
Location
Location
United States , San Francisco
Salary
Salary:
164000.00 - 290000.00 USD / Year
ethoslife.com Logo
Ethos
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 7+ years of experience in Information Security with at least 2 years as a Security Architect
  • Bachelor’s Degree in Computer Science or related field, or an additional 3 years of pertinent work involvement preferred
  • Strong knowledge of prevalent security architectures, frameworks, standards and emerging threats along with strategies and technologies for defense
  • Deep understanding of network protocols, operating systems, databases, applied cryptography, least privilege, zero trust principles, identity & access management, and other core information security concepts
  • Expertise in cloud computing and its associated best security practices encompassing applications, infrastructure, storage, platforms, and data security
  • Ability to conduct threat modeling and risk assessments
  • Ability to come into our San Francisco, CA office once a week
Job Responsibility
Job Responsibility
  • Conduct Threat Modeling & Architectural Assessments to cover all Information Security domains to ensure Security by Design
  • Assess technologies and solutions to develop and enrich security capabilities
  • Identify security gaps and communicate associated business risks to relevant stakeholders
  • Craft solutions that harmonize business needs with security and compliance requirements
  • Verify the effectiveness of security controls in mitigating identified risks
  • Assist engineering projects across the Software Development Life Cycle (SDLC) and collaborate to prioritize product security elements effectively
  • Apply expertise in information security and application development to instigate organizational shifts aimed at managing and resolving security weaknesses and vulnerabilities
  • Contribute to the creation of security policies, standards, and guidelines
  • Devise and implement frameworks for data classification, retention, and disposal to ensure alignment with data privacy regulations
  • Spearhead initiatives for data security awareness and training
  • Fulltime
Read More
Arrow Right

IT Security Consultant

At Bosch, we shape the future by inventing high-quality technologies and service...
Location
Location
Poland , Warszawa
Salary
Salary:
Not provided
https://www.bosch.pl/ Logo
Robert Bosch Sp. z o.o.
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 2+ years experience within the area of security engineering
  • experience with threat modelling, risk analysis / management, IT software development, or IT infrastructure
  • experience in IT Project Management (agile project experience is a plus)
  • preferred years cloud development/configuration experience (eg. Azure, AWS, ...)
  • Preferred security architect / IT system architect working experience
  • familiar with international security compliance rules or laws (eg. NIST, HIPPA, GDPR,...)
  • certificates in industry standards (eg. CISSP, CISA, DPO, ISO, SAFe, ISFC)
  • Analytical and reliable team player with high degree of customer orientation
  • Excellent verbal and written communication skills for both technical and business topic, experience in working with global teams (onsite/offshore model)
  • Fluent in written and spoken English (C1)
Job Responsibility
Job Responsibility
  • create awareness, identification and addressing of cyber security requirements
  • cyber security engineering, vulnerability handling, and incident response
  • coordination and implementation of cyber security analyses, concepts and documents
  • validation and verification of cyber security measures and the correct handling of risks in accordance with defined technical and organizational measures
What we offer
What we offer
  • annual bonus
  • Hybrid work with flexible working hours
  • Referral Bonus Program
  • Copyright costs for IT employees
  • Complex environment of working, professional support and possibility to share knowledge and best practices
  • Ongoing development opportunities in a multinational environment
  • Broad access to professional trainings (incl. language courses), conferences and webinars
  • Private medical care and life insurance
  • Cafeteria System with multiple benefits (incl. MultiSport, shopping vouchers, cinema tickets, etc.)
  • Prepaid Lunch Card
  • Fulltime
Read More
Arrow Right

IT Security Consultant

IT Security Consultant role at Bosch focusing on cyber security requirements, en...
Location
Location
Poland , Warszawa
Salary
Salary:
Not provided
https://www.bosch.pl/ Logo
Robert Bosch Sp. z o.o.
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 2+ years experience within the area of security engineering
  • experience with threat modelling, risk analysis / management, IT software development, or IT infrastructure
  • experience in IT Project Management (agile project experience is a plus)
  • preferred years cloud development/configuration experience (eg. Azure, AWS, ...)
  • Preferred security architect / IT system architect working experience
  • familiar with international security compliance rules or laws (eg. NIST, HIPPA, GDPR,...)
  • certificates in industry standards (eg. CISSP, CISA, DPO, ISO, SAFe, ISFC)
  • Analytical and reliable team player with high degree of customer orientation
  • Excellent verbal and written communication skills for both technical and business topic, experience in working with global teams (onsite/offshore model)
  • Fluent in written and spoken English (C1)
Job Responsibility
Job Responsibility
  • create awareness, identification and addressing of cyber security requirements
  • cyber security engineering, vulnerability handling, and incident response
  • coordination and implementation of cyber security analyses, concepts and documents
  • validation and verification of cyber security measures and the correct handling of risks in accordance with defined technical and organizational measures
What we offer
What we offer
  • annual bonus
  • hybrid work with flexible working hours
  • Referral Bonus Program
  • Copyright costs for IT employees
  • professional support and possibility to share knowledge and best practices
  • ongoing development opportunities in a multinational environment
  • broad access to professional trainings (incl. language courses), conferences and webinars
  • private medical care and life insurance
  • Cafeteria System with multiple benefits (incl. MultiSport, shopping vouchers, cinema tickets, etc.)
  • Prepaid Lunch Card
  • Fulltime
Read More
Arrow Right

Principal Security Operations Engineer - Systems Architect

The Cloud & AI organization accelerates Microsoft’s mission and ambitions to ens...
Location
Location
United States , Redmond
Salary
Salary:
139900.00 - 274800.00 USD / Year
https://www.microsoft.com/ Logo
Microsoft Corporation
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Master's Degree in Statistics, Mathematics, Computer Science, or related field AND 4+ years experience in software development lifecycle, large-scale computing, threat modeling, cyber security, anomaly detection, Security Operations Center (SOC) detection, threat analytics, security incident and event management (SIEM), information technology (IT), or operations incident response
  • Doctorate in Statistics, Mathematics, Computer Science, or related field AND 3+ years experience in software development lifecycle, large-scale computing, threat modeling, cyber security, anomaly detection, Security Operations Center (SOC) detection, threat analytics, security incident and event management (SIEM), information technology (IT), or operations incident response
  • Bachelor's Degree in Statistics, Mathematics, Computer Science, or related field AND 6+ years experience in software development lifecycle, large-scale computing, threat modeling, cyber security, anomaly detection, Security Operations Center (SOC) detection, threat analytics, security incident and event management (SIEM), information technology (IT), or operations incident response
  • OR equivalent experience
  • Ability to meet Microsoft, customer and/or government security screening requirements are required for this role
  • These requirements include, but are not limited to the following specialized security screenings: Microsoft Cloud Background Check: This position will be required to pass the Microsoft background and Microsoft Cloud background check upon hire/transfer and every two years thereafter
Job Responsibility
Job Responsibility
  • Own the TCB security architecture: threat model key trust boundaries, define target states, and codify compensating controls
  • Lead risk identification & key results frameworks: quantify breach paths, set objective success criteria, and measure risk residuals
  • Architect isolation patterns (identities, secrets, network paths, compute/storage seams) and drive enforcement with engineering owners
  • Design telemetry baselines and validation loops (coverage, quality, retention) to support operations, and close gaps with productized pipelines
  • Run burndown campaigns: prioritize work, produce decision docs, sequence mitigations, and hold the line on SLAs
  • Fulltime
Read More
Arrow Right

Senior AI Security Engineer

Senior AI Security Engineer role in Citi's Application, Platform and Engineering...
Location
Location
United Kingdom , London
Salary
Salary:
Not provided
https://www.citi.com/ Logo
Citi
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Production system builder with security focus - proven track record of architecting and building secure, large-scale production applications and business-facing platforms from the ground up
  • Ethical hacking and penetration testing expertise - hands-on experience finding and exploiting vulnerabilities, conducting red team exercises
  • State-of-the-art security engineering with Go, Python, JavaScript
  • HashiCorp Vault mastery - deep experience writing custom plugins, creating secrets engines, implementing dynamic credentials
  • Enterprise authentication & authorization - designing and implementing OAuth, JWT, RBAC, and complex identity systems
  • API security and threat modelling - securing REST/GraphQL APIs, conducting threat assessments
  • AI/ML security and vulnerability research - understanding of LLM vulnerabilities, model security, prompt injection attacks
  • Security automation and tooling – automating manual security processes
  • Cloud-native security - securing containerized applications in Kubernetes, service mesh security
  • Incident response and forensics - experience investigating, analyzing, and responding to security incidents
Job Responsibility
Job Responsibility
  • Build secure AI products from 0-1 - Engineer production-grade, business-facing AI platforms with security built-in from day one
  • Conduct ethical hacking and red team activities - penetration testing, vulnerability research, and attack simulation
  • Design and build security tools and frameworks - Create automated security solutions that scale across fast-paced development cycles
  • Secure novel AI attack surfaces - Identify and mitigate LLM-specific vulnerabilities, prompt injection attacks, and AI model security risks
  • Lead 'shift left' security - Embed security practices throughout rapid development lifecycle while maintaining velocity
  • Mentor security practices - Guide other engineers on secure coding, vulnerability remediation, and security-first thinking
What we offer
What we offer
  • 27 days annual leave (plus bank holidays)
  • Discretional annual performance related bonus
  • Private Medical Care & Life Insurance
  • Employee Assistance Program
  • Pension Plan
  • Paid Parental Leave
  • Special discounts for employees, family, and friends
  • Hybrid working model (up to 2 days working at home per week)
  • Competitive base salary (annually reviewed)
  • Fulltime
Read More
Arrow Right

Senior Product Security Low-Level Researcher

As a Product Security Low-Level Researcher at Island, you will focus on deep tec...
Location
Location
Israel , Tel Aviv
Salary
Salary:
Not provided
island.io Logo
Island
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Strong understanding of operating system internals, kernel architectures, or driver development (Linux, Windows, macOS, or mobile OSes)
  • Hands-on experience with low-level programming in C/C++, Rust, or assembly
  • scripting experience (e.g., Python) for tooling and automation
  • Background in kernel vulnerability research, driver auditing, exploit development, or advanced reverse engineering
  • Deep familiarity with low-level vulnerability classes (e.g., UAF, race conditions, logic bugs, privilege escalation, sandbox and isolation bypasses)
  • Experience with kernel debuggers, fuzzers, emulation, or virtualization-based analysis frameworks
  • Strong curiosity and research mindset, with a passion for understanding systems at their lowest layers and breaking assumptions they rely on
Job Responsibility
Job Responsibility
  • Low-Level Vulnerability Research: Research and discover vulnerabilities in operating system kernels, drivers, system services, virtualization layers, and low-level system components relevant to Island’s execution and trust boundaries
  • Kernel & OS Internals Analysis: Analyze kernel subsystems (memory management, scheduling, IPC, filesystems, networking) and OS security primitives to identify design flaws, logic bugs, and exploitation opportunities
  • Exploit Development & Validation: Develop proof-of-concept exploits for kernel- and driver-level issues to validate impact, assess exploitability, and inform mitigation strategies
  • Security Testing & Tooling: Design and build custom tooling for kernel fuzzing, syscall/interface testing, driver analysis, and low-level instrumentation across supported platforms
  • Cryptography & Trust Mechanisms: Assess the implementation and usage of cryptographic primitives, key management, secure boot, attestation, and hardware-backed security features, identifying weaknesses or misuse patterns
  • Threat Modeling at the System Level: Collaborate with architects, platform engineers, and the Product Security Lead to model threats across privilege boundaries, boot chains, isolation mechanisms, and OS-level integrations
  • Research Enablement & Knowledge Sharing: Track emerging exploitation techniques, kernel research, and advanced persistent threat tradecraft
  • contribute findings to internal playbooks, design guidance, and long-term security strategy
Read More
Arrow Right

Gaming Principal, Cloud Threat Detection & Incident Response Engineer

We are seeking a Gaming Principal, Cloud Threat Detection & Incident Response En...
Location
Location
United States , Multiple Locations
Salary
Salary:
139900.00 - 274800.00 USD / Year
https://www.microsoft.com/ Logo
Microsoft Corporation
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Doctorate in Statistics, Mathematics, Computer Science, or related field AND 3+ years experience in software development lifecycle, large-scale computing, threat modeling, cyber security, anomaly detection, Security Operations Center (SOC) detection, threat analytics, security incident and event management (SIEM), information technology (IT), or operations incident response
  • OR Master's Degree in Statistics, Mathematics, Computer Science, or related field AND 4+ years experience in software development lifecycle, large-scale computing, threat modeling, cyber security, anomaly detection, Security Operations Center (SOC) detection, threat analytics, security incident and event management (SIEM), information technology (IT), or operations incident response
  • OR Bachelor's Degree in Statistics, Mathematics, Computer Science, or related field AND 6+ years experience in software development lifecycle, large-scale computing, threat modeling, cyber security, anomaly detection, Security Operations Center (SOC) detection, threat analytics, security incident and event management (SIEM), information technology (IT), or operations incident response
  • OR equivalent experience
Job Responsibility
Job Responsibility
  • Architect and drive Gaming’s cloud-first detection and response vision by integrating Azure, AWS, and GCP (Google Cloud Platform) native security services and telemetry sources into TDIR (Threat Detection, Investigation, and Response) workflows
  • Lead adoption and optimization of Microsoft Defender for Cloud, Sentinel, Entra ID security, Defender for Cloud Apps, and other cloud-native security controls
  • Establish standards and reference architectures for cloud telemetry ingestion, normalization, enrichment, and threat analytics across diverse studio environments
  • Build and maintain high-fidelity, cloud-native detections targeting threat actors across identity, SaaS, PaaS, IaaS, and Kubernetes environments
  • Develop behavioral detections leveraging KQL (Kusto Query Language), automation, analytics, and ML-assisted methodologies
  • Partner with threat intelligence to map adversary TTPs (Tactics, Techniques, and Procedures) to cloud control surfaces and turn insights into durable detection engineering roadmaps
  • Serve as principal technical authority during major cloud-related incidents, providing expert guidance on identity compromise, lateral movement, key/material theft, resource manipulation, and multi-cloud attack paths
  • Formalize standards for cloud investigations, including telemetry requirements, visibility gaps, and automated triage workflows
  • Drive post-incident cloud hardening by influencing product teams, studio engineering, and platform owners
  • Architect and implement automation for detection deployment, evidence collection, containment, and remediation using Azure Functions, Logic Apps, and modern SOAR patterns
  • Fulltime
Read More
Arrow Right

Network Security Architect

We are seeking an experienced Network Security Architect to strengthen the netwo...
Location
Location
United Kingdom
Salary
Salary:
Not provided
xcede.com Logo
Xcede
Expiration Date
March 14, 2026
Flip Icon
Requirements
Requirements
  • Proven background as a Security Architect in complex environments
  • Strong understanding of modern application, infrastructure and cloud architectures
  • Experience conducting design reviews, threat modelling and security assessments
  • Ability to engage constructively with architects, engineers and product teams
  • Comfortable working in evolving, imperfect environments
  • Pragmatic mindset
  • Strong communication skills - able to explain risk and trade-offs clearly
Job Responsibility
Job Responsibility
  • Act as a security advisor to engineering and architecture teams across live initiatives
  • Review solution designs and architectures from a security perspective
  • Perform threat modelling, risk assessments and security design reviews
  • Provide pragmatic guidance that balances security, delivery velocity and business outcomes
  • Identify and articulate security risks in a clear, proportionate way
  • Support teams in remediating security gaps and weaknesses
  • Contribute to the development of lightweight security patterns, standards and documentation
  • Operate as part of an assurance function rather than owning end-to-end solution design
Read More
Arrow Right
Jobs by Category
Art and Entertainment Jobs Banking Jobs Call Center Jobs Construction Jobs Consulting Jobs Customer Service Jobs Education Jobs Energy Jobs Finance Jobs Gastronomy Jobs Health and Beauty Jobs Hospitality and Tourism Jobs Human Resources Jobs Insurance Jobs IT - Administration Jobs IT - Software Development Jobs Legal Jobs Logistics Jobs Manufacturing Jobs Marketing, Digital Marketing, SEO, SEM Jobs Media Jobs Nursing Jobs Office Administration Jobs Pharmacy Jobs Physical Work Jobs Public Relations Jobs Public Sector Jobs Purchasing Jobs Quality Control Jobs Real Estate Jobs Research and Development Jobs Sales Jobs
Job Positions Jobs by Country
United States Jobs United Kingdom Jobs India Jobs Canada Jobs Australia Jobs Germany Jobs Ireland Jobs Poland Jobs
Company
Blog About Us Contact
Follow Us
Facebook
X (Twitter)
LinkedIn
Instagram
CrawlJobs Group
ITFlashcards AllDevBlogs
© 2026 CrawlJobs Ltd. All Rights Reserved
Terms & Conditions Privacy Policy