Threat Modeling Associate
3 weeks ago
Sumitomo Mitsui Financial Group, Inc. is seeking a highly skilled Threat Modeling Associate to join our Cyber Resilience team. As a Threat Modeling Associate, you will play a critical role in identifying and mitigating potential threats to our organization's assets and systems.
The ideal candidate will have a deep understanding of enterprise architecture and security architectural elements as they relate to risks and controls. You will be responsible for executing day-to-day activities core to the Threat Modeling program, creating visual representations of assets, controls, threat agents, trust zones, attack paths, and potential attacks. Additionally, you will support other information technology, data management, cybersecurity, and operational resilience activities across businesses.
Key Responsibilities:
- Execute on enterprise Threat Modeling Assessment program
- Perform threat modeling to identify use cases, threat agents, attack vectors, and patterns, design patterns, and compensating controls needed to mitigate risk
- Build Threat Models of enterprise services to identify and refine the attack surface
- Implement, use, and maintain threat modeling technology applications and evidence created in the threat modeling process
- Act as a Cyber Resilience champion of the Threat Modeling Assessment program
- Participate in SDLC process and architecture approval routines related to cyber threat modeling
- Create and deliver reports that capture identified risks, controls, assets, trust zones, and enhancement requirements
- Partner with stakeholders on Threat Modeling Assessment Issues to create action plans identified during fieldwork
- Determine alignment of Cyber Resilience controls in practice with those from authoritative sources such as NIST SP and ISO 27002 to provide holistic insight into current capabilities and risk themes as well as best practices
Requirements:
- Deep understanding of enterprise architecture and security architectural elements as they relate to risks and controls
- Well-versed in Cyber Resilience to include technology, incident response, and cyber risk practices with the ability to connect and align with the firm's processes and frameworks
- 5+ years of direct work experience within the financial services industry with elements of security architecture and cyber threats
- Working knowledge of business and cyber risk management process and controls, industry practices, and frameworks (e.g., NIST 800-53, ISO 27000 family)
- Broad knowledge of cloud technologies (Related certifications a plus)
- Detail-oriented, with proven ability to question the status quo and apply resilience activities to enhance capabilities, as appropriate
- Strong organizational skills, with proven ability to successfully manage multiple, concurrent priorities and team members as the program is built out
- Ability to communicate and work effectively in a matrixed environment and across various organizational levels, where flexibility, collaboration, and adaptability are important at all levels
- Strong analytical skills and attention to detail
- Able to communicate technical issues to a non-technical executive audience
- Foundational knowledge of banking laws and regulations (FFIEC, BCBS, FCA, PRA, BoE, etc.)
- Maintain a business cyber threat mindset to understand underlying risks and weaknesses to properly assist in mitigation and enhancement activities
- Strong desire to continually deliver a quality and meaningful work product in a timely and efficient manner
- BA/BS in Computer Engineering, Computer Science, Information Systems, Cyber Security, Business Administration, or demonstrated relevant industry background and/or military experience
- CCSP Certified Cloud Security Professional (CCSP), Certified Information Systems Auditor (CISA), Certified Information Systems Security Professional (CISSP), Microsoft Certified: Cybersecurity Architect Expert (MS SC-100 Exam), Certified Network Defense Architect (CNDA), CREST Registered Technical Security Architect (CRTSA), Global Information Assurance Certifications Defensible Security Architect (GDSA from GIAC) certifications preferred
-
Threat Modeling Associate
4 weeks ago
New York, New York, United States Sumitomo Mitsui Financial Group, Inc. Full timeJob SummarySumitomo Mitsui Financial Group, Inc. is seeking a highly skilled Threat Modeling Associate to join our Cyber Resilience team. As a Threat Modeling Associate, you will play a critical role in identifying and mitigating cyber threats to our enterprise services.Key ResponsibilitiesExecute threat modeling assessments to identify use cases, threat...
-
New York, New York, United States Crescens Full timeJob SummaryCrescens is seeking a highly skilled Cyber Security Threat Modeling Integration Engineer to join our team. The ideal candidate will have a strong background in cyber threat intelligence and experience with threat modeling and integration.Key Responsibilities Enhance prevention, detection, response, and recovery efforts through various technical...
-
New York, New York, United States Crescens Full timeCyber Security Threat Modeling Integration SpecialistThe Cyber Security Threat Modeling Integration Specialist will play a critical role in enhancing the security posture of tools across multiple platforms. This involves designing and implementing solutions that improve the security of these tools, as well as developing security content for tools and...
-
Cyber Security Threat Intelligence Specialist
4 weeks ago
New York, New York, United States RightTalents LLC Full timeCyber Security Threat Intelligence SpecialistAt RightTalents LLC, we are seeking a highly skilled Cyber Security Threat Intelligence Specialist to join our team. The ideal candidate will have at least 8 years of experience in Cyber Threat Intelligence initiatives, including enhancing prevention, detection, response and recovery efforts through various...
-
Cyber Security Threat Intelligence Engineer
4 weeks ago
New York, New York, United States RightTalents LLC Full timeCyber Security Threat Intelligence EngineerRightTalents LLC is seeking a highly skilled Cyber Security Threat Intelligence Engineer to join our team. As a key member of our Cyber Threat Intelligence team, you will play a critical role in enhancing our prevention, detection, response, and recovery efforts through various technical and operational methods.Key...
-
Cyber Security Analyst
4 weeks ago
New York, New York, United States Warner Music Full timeJob Title: Cyber Security AnalystAbout the Role:We are seeking a highly skilled Cyber Security Analyst to join our team at Warner Music Group. As a Cyber Security Analyst, you will be responsible for designing and implementing security solutions to protect our enterprise from cyber threats.Key Responsibilities:Develop and maintain a security architecture...
-
FP&A Associate
4 weeks ago
New York, New York, United States Bowery Farming Full timeAbout the RoleBowery Farming is seeking an FP&A Associate to join our finance team. As a key member of our team, you will provide financial modeling and analysis to support long-range growth and financial planning. You will also analyze key performance indicators and support strategic decisions.We are looking for an experienced FP&A Associate with a...
-
New York, New York, United States BNY Mellon Full timeAbout the RoleWe are seeking a highly skilled Senior Associate to join our Pricing and Data Modelling team at BNY Mellon. As a key member of our team, you will be responsible for implementing and building product and services pricing models, providing costs and revenue control analysis, and developing pricing matrices and rate cards.Key...
-
New York, New York, United States BNY Mellon Full timeWork with UsBny Mellon is a global financial services company that empowers employees to grow and succeed. Our culture is built on innovation, excellence, and inclusivity.As a Senior Associate, Pricing/Data/Deal Modelling, you will be part of our team that touches nearly 20% of the world's investible assets. You will work with our 50,000+ employees to create...
-
Quantitative Risk Modeling Specialist
4 weeks ago
New York, New York, United States Sumitomo Mitsui Banking Corporation Full timeJob SummarySumitomo Mitsui Banking Corporation is seeking a highly skilled Quantitative Risk Specialist to join our team. As a key member of our risk management department, you will be responsible for creating and implementing risk models to help us navigate the complexities of the financial markets.In this role, you will work closely with our treasury,...
-
Quantitative Risk Modeling Specialist
4 weeks ago
New York, New York, United States Sumitomo Mitsui Financial Group, Inc. Full timeJob Title: Quantitative Risk SpecialistSMBC Group is a leading global financial institution with a rich history and diverse range of financial services. As a Quantitative Risk Specialist, you will play a critical role in developing and implementing risk management strategies to ensure the stability and growth of the organization.Key Responsibilities:Create...
-
Senior Model Risk Specialist
3 weeks ago
New York, New York, United States Wells Fargo Full timeAbout the Role:We are seeking a highly skilled Senior Model Risk Specialist to join our Corporate Banking Control team. As a key member of our team, you will be responsible for designing and implementing first-line controls to mitigate risks associated with model development and counterparty credit.Key Responsibilities:Collaborate with leadership to...
-
Senior Structured Products Cashflow Modeler
4 weeks ago
New York, New York, United States Bloomberg Full timeKey Responsibilities: As a Senior Structured Products Cashflow Modeler at Bloomberg, you will be responsible for managing our library of cashflow models to ensure we deliver best-in-class data and analytics across various asset sectors of the structured finance market. You will diagnose complex user-reported issues with our products, working autonomously and...
-
Senior Cybersecurity Specialist
4 weeks ago
New York, New York, United States Certified Kernel Tech LLC (CertiK) Full timeCybersecurity ExpertiseAs a Senior Cybersecurity Specialist at Certified Kernel Tech LLC (CertiK), you will be responsible for designing and implementing robust security solutions to safeguard our networks and systems. Your expertise in threat modeling, security review, and binary analysis will be crucial in detecting and mitigating security threats. You...
-
Coastal Engineer/Coastal Modeler Position
4 weeks ago
New York, New York, United States Stantec Full timeJob Title: Coastal Engineer/Coastal ModelerWe are seeking a highly skilled Coastal Engineer/Coastal Modeler to join our team at Stantec. As a key member of our Coastal Engineering practice, you will be responsible for leading and supporting a wide range of coastal projects across the globe.Key Responsibilities:Complete complex engineering calculations and...
-
Staff Security Architect
3 weeks ago
New York, New York, United States Intuit Inc Full timeJob DescriptionWe are seeking a highly skilled Staff Security Engineer to join our team at Intuit Inc. The ideal candidate will have over 10 years of overall experience, including 5+ years of coding experience, and a robust background in security reviews, threat modeling, and incident response.This role requires a unique combination of advanced software...
-
Cloud Security Architect Leader
3 weeks ago
New York, New York, United States KPMG Full timeJob Summary:KPMG is seeking a highly skilled Cloud Security Architect to join our Global Information Solution Group organization. The ideal candidate will have a strong background in cloud security, with a minimum of ten years of experience in security architecture, threat modeling, identity management, and authentication.Key Responsibilities: Engage with...
-
Cyber Security Specialist
3 weeks ago
New York, New York, United States Tekfortune Inc Full timeTekfortune Inc is a leading consulting firm that specializes in permanent, contract & project-based staffing services for top organizations in various industries.In today's rapidly changing economic landscape, virtual recruiting and remote work are crucial for the future of work.To address the active project demands and skills gaps, our staffing experts can...
-
New York, New York, United States Amazon Full timeAbout the RoleAs a Security Engineer II, you will play a critical role in ensuring the security of Amazon's Stores applications. You will collaborate with software development teams to identify and mitigate security risks, and develop secure coding practices to prevent vulnerabilities.Key Responsibilities Conduct threat modeling and risk assessments for...
-
Cybersecurity Consultant
3 weeks ago
New York, New York, United States Tekfortune Inc Full timeTekfortune Inc is a leading consulting firm that specializes in permanent, contract & project-based staffing services for world's leading organizations in a broad range of industries.In today's rapidly changing economic landscape, virtual recruiting and remote work are critical for the future of work.To support the active project demands and skills gaps, our...