GCP Threat Modeling Engineer jobs in United States
cer-icon
Apply on Employer Site
company-logo

Publicis Sapient · 1 day ago

GCP Threat Modeling Engineer

positionNew York, United States
timeFull-time
remoteOnsite
senioritySenior Level, Lead/Staff
money$140K/yr - $185K/yr
date8+ years exp

Publicis Sapient is a digital transformation partner helping established organizations get to their future, digitally-enabled state. The Senior Engineer - Threat Modeling will focus on Security Architecture and Threat Modeling, conducting security reviews for Public Cloud Providers and collaborating with cross-functional teams to identify and mitigate security threats.

Artificial Intelligence (AI)ConsultingDatabaseEnterprise
check
H1B Sponsor Likelynote

Responsibilities

Conduct thorough threat modeling exercises utilizing established methodologies and frameworks
Maintain a rigorous standard of excellence in identifying potential threats and specifying effective mitigation controls
Manage the lifecycle of identified threats and associated controls, ensuring timely updates and adjustments as necessary
Deliver comprehensive threat models and related tasks within specified timeframes
Offer constructive feedback, support, and suggestions for enhancing the existing threat modeling process
Present findings and progress updates to senior leadership, team members, and relevant technical stakeholders

Qualification

GCPSecurity architecture principlesThreat modeling methodologiesCybersecurity experienceInfrastructure as CodeTechnical architecture designVulnerability identificationCloud security frameworksDevOps/agile environmentAnalytical skillsAdversary mindsetResearch skillsExposure to agile developmentExposure to SecOpsCommunication skillsProblem-solving skillsCollaboration abilitiesContinuous learning attitudeRelationship buildingAttention to detailDocumentation skillsHands-on experience

Required

8+ years of experience in a range of technologies and processes
Proficiency in GCP - essential
Strong knowledge of security architecture principles, frameworks, and best practices
Experience working with threat modeling methodologies such as MITRE ATT&CK, STRIDE, PASTA etc
5+ years Security practices encompassing authentication, authorization, logging/monitoring, encryption, infrastructure security, and network/segmentation
Knowledge of cloud security frameworks
Knowledge of Rest API
Knowledge in scripting languages and Infrastructure as Code (Terraform, CloudFormation)
Familiarity With Jira Or Other Ticketing Systems – Essential
Technical architecture design and review skills – essential
Ability to identify vulnerabilities using CWE or OWASP
Knowledge of operating systems and their hardening techniques
Understanding of development concepts such as CICD, Pipelines, and SDLC
Penetration testing knowledge is also super useful
Familiarity with Cloud Development Kit (CDK) and GitOps
Experience operating in a DevOps/agile team environment
Understanding of docker, Kubernetes, serverless architecture, and Helm
Exposure to platforms like Snowflake, MongoDB, Terraform Cloud, GitHub, and Databricks
Strong analytical skills, diligence, and attention to detail
Willingness to conduct research using vendor documentation
Capability to create and maintain high-quality documentation
Possession of an adversary mindset
Continuous learning attitude towards new technologies and methodologies
Strong problem-solving skills
Excellent communication and collaboration abilities
Ability to build and nurture relationships across cross-functional teams

Preferred

Professional Security Certifications: CISSP, CCSP, CISA, CISM, ITIL
Relevant GCP certifications are highly desirable: GCP Professional Cloud Architect, GCP Professional Cloud Security Engineer
Strong knowledge of industry standards as they relate to Cloud and Application security management to include ISO, NIST, and Cloud Security Alliance (CSA)
Experience working in regulated environments
Exposure to agile development, DevOps, SecOps and scrum teams
Hands-on-experience with cloud security designs on Azure
Development experience (python, Node)
Strong desire to learn and contribute solutions and ideas to broader team

Benefits

Flexible vacation policy; time is not limited, allocated, or accrued
16 paid holidays throughout the year
Generous parental leave and new parent transition program
Tuition reimbursement
Corporate gift matching program

Company

Publicis Sapient

twittertwittertwitter
Glassdoor3.7
company-logo
Publicis sapient is a digital consulting firm that offers consulting, technology, and product management services. It is a sub-organization of Publicis Sapient.
dateFounded in 1990
location
Boston, Massachusetts, USA
people-size10001+ employees
web-link
https://www.publicissapient.com

H1B Sponsorship

Publicis Sapient has a track record of offering H1B sponsorships. Please note that this does not guarantee sponsorship for this specific role. Below presents additional info for your reference. (Data Powered by US Department of Labor)
Distribution of Different Job Fields Receiving Sponsorship
Represents job field similar to this job
Trends of Total Sponsorships
2025 (90)
2024 (90)
2023 (85)
2022 (153)
2021 (235)
2020 (231)

Funding

Current Stage
Late Stage

Leadership Team

leader-logo
Nigel Vaz
CEO
linkedin
leader-logo
Nathalie Le Bos
Chief Financial Officer
linkedin

Recent News

Financial Sector Technology
Aldermore Bank launches cloud-based treasury platform
2025-12-09
Latest News
Publicis Sapient Achieves the AWS Agentic AI Specialisation
2025-12-03
Financial Sector Technology
FStech and Retail Systems celebrate payments excellence at Payments Awards 2025
2025-11-15
Company data provided by crunchbase