at Sapient Corporation in Chicago, Illinois, United States
Job Description
Job Description
As a senior Security Engineer- Threat Modeling (Senior associate/Manager/Senior Manager level), you will be a part of a smart cross-functional team delivering digital business transformation solutions to our clients. This position entails an individual contributor role focused on Security Architecture and Threat Modeling, encompassing governance, evaluation of public cloud services, and conducting security reviews for Public Cloud Providers. Collaboration and partnership with Engineering, Information Security, Program Management, and Development teams are essential. The candidate will conduct technical architecture reviews to pinpoint security opportunities, identify exploitable threats, and propose mitigation strategies.
Your Impact:
Conduct thorough threat modeling exercises utilizing established methodologies and frameworks.
Maintain a rigorous standard of excellence in identifying potential threats and specifying effective mitigation controls.
Manage the lifecycle of identified threats and associated controls, ensuring timely updates and adjustments as necessary.
Deliver comprehensive threat models and related tasks within specified timeframes.
Offer constructive feedback, support, and suggestions for enhancing the existing threat modeling process.
Present findings and progress updates to senior leadership, team members, and relevant technical stakeholders.
Qualifications
Your Skills and Qualifications:
We are seeking an ideal candidate with 2-5 years of experience in a range of technologies and processes including:
Experience working with threat modeling methodologies such as MITRE ATT&CK, STRIDE, PASTA etc.
Experience in Azure- 4+ years
Overall experience in Cybersecurity- 5+ years
Security practices encompassing authentication, authorization, logging/monitoring, encryption, infrastructure security, and network/segmentation
Knowledge of cloud security frameworks
knowledge of Rest API
Knowledge in scripting languages and Infrastructure as Code (Terraform, CloudFormation)
Familiarity with Jira or other ticketing systems - essential
Technical architecture design and review skills - essential
Ability to identify vulnerabilities using CWE or OWASP
Knowledge of operating systems and their hardening techniques
Understanding of development concepts such as CICD, Pipelines, and SDLC
Penetration testing knowledge is also super useful
Familiarity with Cloud Development Kit (CDK) and GitOps
Experience operating in a DevOps/agile team environment
Understanding of docker, Kubernetes, serverless architecture, and Helm
Exposure to platforms like Snowflake, MongoDB, Terraform Cloud, GitHub, and Databricks
Strong analytical skills, diligence, and attention to detail
Willingness to conduct research using vendor documentation
Capability to create and maintain high-quality documentation
Possession of an adversary mindset
Continuous learning attitude towards new technologies and methodologies
Strong problem-solving skills
Excellent communication and collaboration abilities
Ability to build and nurture relationships across cross-functional teams
Set Yourself Apart With:
Professional Security Certifications: CISSP, CCSP, CISA, CISM, ITIL
Cloud Computing certifications such as CCSK, Microsoft Certified: Security Operations Analyst Associate, AZ-500 is a plus
Strong knowledge of industry standards as they relate to Cloud and Application security management to include ISO, NIST, and Cloud Security Alliance... For full info follow application link.
Publicis Sapient is a digital transformation partner helping established organizations get to their future, digitally-enabled state, both in the way they work and the way they serve their customers. We help unlock value through a start-up mindset and modern methods, fusing strategy, consulting and customer experience with agile engineering and problem-solving creativity. As digital pioneers with 20,000 people and 53 offices around the globe, our experience spanning technology, data sciences, consulting and customer obsession – combined with our culture of curiosity and relentlessness – enables us to accelerate our clients’ businesses through designing the products and services their customers truly value. Publicis Sapient is the digital business transformation hub of Publicis Groupe. For more information, visit publicissapient.com. As part of our dedication to an inclusive and diverse workforce, Publicis Sapient is committed to Equal Employment Opportunity without regard for race, color, national origin, ethnicity, gender, protected veteran status, disability, sexual orientation, gender identity, or religion. We are also committed to providing reasonable accommodations for qualified individuals with disabilities and disabled veterans in our job application procedures. If you need assistance or an accommodation due to a disability, you may contact us at hiring@publicissapient.com or you may call us at +1-617-621-0200.
