Security Consultant

This is a remote position.

• Indepth knowledge of secure software development practices and SDLC
  
• Experience with threat modeling techniques and tools
  
• Strong understanding of common security frameworks (e.g. OWASP NIST)
  
• Proficiency in identifying and mitigating security vulnerabilities in application designs
  
• Familiarity with regulatory compliance standards (e.g. GDPR HIPAA PCIDSS)
  
• Ability to analyze complex data flows and identify sensitive data protection needs
  
• Experience with security architecture and design patterns
  
• Strong communication skills to effectively convey security concepts to technical and nontechnical stakeholders
  
• Handson experience with security tools (e.g. static analysis DAST SAST)
  
• Proven ability to collaborate with crossfunctional teams including developers and DevOps
  
• Experience with integrating security into CI/CD pipelines
  
• Knowledge of encryption authentication and access control mechanisms
  
• Experience in conducting risk assessments and developing mitigation strategies
  
• Familiarity with automated security testing and continuous monitoring practices
  
• Ability to document and report security findings clearly and effectively
  
• Experience with incident response planning and forensic readiness in application design
  
• Strong problemsolving skills and attention to detail
  

• Deep understanding of threat modeling methodologies particularly STRIDE
  
• Proficiency in identifying and categorizing threats vulnerabilities and risks
  
• Experience with threat modeling tools (e.g. Microsoft Threat Modeling Tool OWASP Threat Dragon)
  
• Strong knowledge of security frameworks and standards (e.g. OWASP NIST)
  
• Ability to map threat models to security requirements and controls
  
• Experience in applying STRIDE to various architectural patterns and data flows
  
• Familiarity with risk assessment and management practices
  
• Ability to work with crossfunctional teams to integrate threat modeling into the SDLC
  
• Strong analytical skills for identifying potential attack vectors and weaknesses
  
• Experience with security architecture and defensive design techniques
  
• Effective communication skills to explain threat modeling findings to stakeholders
  
• Knowledge of common security vulnerabilities and their mitigations (e.g. SQL injection XSS)
  
• Ability to create and maintain comprehensive threat models for complex systems
  
• Experience in developing mitigation strategies based on threat model findings
  
• Familiarity with regulatory compliance requirements and their impact on threat modeling
  
• Strong documentation skills to create detailed threat model reports
  
• Continuous learning mindset to stay updated on emerging threats and modeling techniques