Manager, Threat Modeling (GCP) jobs in United States
cer-icon
Apply on Employer Site
company-logo

Synergy Interactive · 3 hours ago

Manager, Threat Modeling (GCP)

positionNew York, NY
timeFull-time
remoteHybrid
senioritySenior Level, Lead/Staff
date8+ years exp

Synergy Interactive is seeking a Manager of Threat Modeling to lead the design and execution of the organization's threat modeling capabilities across cloud and application environments. This role involves hands-on security architecture expertise and team leadership to identify security risks and implement effective mitigation strategies.

ConsultingCreative AgencyEmploymentInformation TechnologyMarketingProfessional ServicesRecruitingStaffing Agency

Responsibilities

Lead and scale the threat modeling program across applications, platforms, and cloud services
Manage, mentor, and develop threat modeling engineers, providing technical guidance and career development support
Oversee and conduct threat modeling exercises using established frameworks and methodologies
Review system and application architectures to identify security gaps, exploitable threats, and design weaknesses
Define, track, and manage the lifecycle of identified threats and mitigation controls
Ensure timely delivery of threat models and associated remediation activities across multiple initiatives
Establish standards, processes, and best practices to continuously improve the threat modeling discipline
Partner with engineering and architecture teams to integrate threat modeling into Agile and DevOps workflows
Provide strategic recommendations to reduce risk and improve security posture across cloud and application environments
Present risk assessments, findings, and progress updates to senior leadership and technical stakeholders
Act as a trusted advisor to product, engineering, and platform teams on secure architecture and design decisions
Stay current on emerging threats, attack techniques, and industry trends, incorporating learnings into team practices

Qualification

Threat modeling frameworksGoogle Cloud Platform (GCP)Security architecture principlesCybersecurity experienceTechnical architecture design reviewsInfrastructure as CodeCI/CD pipelinesAnalytical skillsAgile methodologiesCommunication skillsLeadership skills

Required

8+ years of experience across security engineering, architecture, or cybersecurity disciplines
5+ years of hands-on cybersecurity experience with a focus on application and cloud security
Proven experience leading or mentoring security engineers or technical teams
Strong expertise in threat modeling frameworks and methodologies (e.g., STRIDE, PASTA, MITRE ATT&CK)
Deep knowledge of security architecture principles, patterns, and best practices
Strong experience with Google Cloud Platform (GCP) — required
Hands-on experience conducting technical architecture design reviews
Solid understanding of authentication, authorization, encryption, logging/monitoring, infrastructure security, and network segmentation
Experience identifying vulnerabilities using OWASP Top 10 and CWE
Familiarity with REST APIs and modern application architectures
Experience with Infrastructure as Code and scripting (Terraform, CloudFormation, or similar)
Working knowledge of CI/CD pipelines, SDLC, and secure DevOps practices
Familiarity with Jira or similar work management and ticketing tools
Knowledge of containerized and cloud-native architectures (Docker, Kubernetes, serverless, Helm)
Strong analytical skills with a demonstrated adversarial mindset
Excellent written and verbal communication skills with the ability to influence technical and non-technical stakeholders

Preferred

Professional security certifications such as CISSP, CCSP, CISM, CISA, or ITIL
GCP certifications (Professional Cloud Architect, Professional Cloud Security Engineer)
Experience designing and securing solutions in regulated or highly governed environments
Familiarity with industry standards and frameworks (NIST, ISO, CSA)
Exposure to additional cloud platforms (AWS, Azure)
Penetration testing knowledge or experience
Development experience (Python, Node.js)
Experience with GitOps, CDK, and modern cloud security tooling
Exposure to data platforms and developer ecosystems (Snowflake, MongoDB, Databricks, GitHub, Terraform Cloud)
Experience working within Agile, DevOps, SecOps, or Scrum-based teams

Company

Synergy Interactive

twittertwittertwitter
company-logo
Synergy Interactive is a forward-thinking staffing firm that ignites innovation by connecting visionary companies with elite AI and digital talent.
dateFounded in 2008
location
New York, New York, USA
people-size51-200 employees
web-link
https://www.sinyc.com

Funding

Current Stage
Growth Stage

Leadership Team

B
Blake Bhatia
CEO, Founder
linkedin
Company data provided by crunchbase