Manager, Cyber Threat Management

About The Position

Requirements

• Minimum five years related work experience with three years experience in IT security or application development. Supervisory experience preferred.
• Undergraduate degree in related field or equivalent combination of training and experience.
• Proven experience of threat modeling, security, or application security
• Strong understanding of threat modeling frameworks (e.g., STRIDE, PASTA)
• Excellent leadership and communication skills

Nice To Haves

• Preferred security certification such as ISC2 CISSP, GIAC Security, Essentials Certification (GSEC), GIAC Penetration Tester Certification (GPEN), GIAC Web App Pen Tester (GWPN), or Certified Ethical Hacker (CEH)

Responsibilities

• Lead Threat Modeling Initiatives: Oversee the development and execution of threat modeling activities across applications, platforms, and infrastructure to identify potential vulnerabilities and recommend mitigations early in the design phase.
• Security Architecture Review: Guide the team in conducting comprehensive security assessments of new and existing assets, ensuring alignment with organizational security standards and industry best practices.
• Tooling and Process Development: Provide senior technical expertise in the selection, implementation, and continuous improvement of threat modeling tools, frameworks, and methodologies.
• Cross-Functional Collaboration: Partner with engineering, architecture, and product teams to integrate threat modeling into agile and DevSecOps workflows, promoting a culture of secure design.
• Risk Analysis and Reporting: Translate technical findings into actionable insights for stakeholders, and contribute to risk management strategies by prioritizing threats based on impact and likelihood.
• Contingency Planning Support: Collaborate with business continuity and incident response teams to ensure threat modeling informs contingency plans for critical systems and services.