Security Lead (Threat Modeling)
ConfidentialBengaluru / Bangalore, Hyderabad / Secunderabad, Telangana, Chennai30+ days ago
Job descriptionDevelop and implement security frameworks and threat modeling methodologies (eg, STRIDE, PASTA) specific to cloud-based systems. Establish and promote best practices for applying threat modeling across all stages of the software development lifecycle (SDLC). Drive the adoption of threat modeling tools and automation, integrating them with existing CI / CD pipelines and security workflows. Work closely with the Cloud Security, DevOps, and Engineering teams to ensure that threat modeling is integrated into the architecture review and deployment processes. Support incident response and vulnerability management teams by conducting post-mortem threat assessments following security incidents and breaches. Identify potential attack vectors, misconfigurations, and design flaws in GCP resources and cloud-native architectures. Recommend actionable security improvements based on threat analysis and provide guidance on implementing mitigation strategies. Conduct risk assessments for third-party integrations, APIs, and other cloud service components that could expose security vulnerabilities. Lead training sessions to educate internal teams on threat modeling techniques, security design principles, and secure cloud development practices. Mentor junior security team members and foster a culture of security-first thinking across the organization. Stay current with emerging threats, vulnerabilities, and attack techniques targeting cloud environments, particularly on GCP. Continuously refine and improve threat modeling processes, tools, and methodologies to stay ahead of evolving security challenges. Extensive experience in threat modeling, risk assessment, and vulnerability analysis, with a deep understanding of common threat modeling methodologies (eg, STRIDE, PASTA, ATT&CK). Proven ability to conduct threat assessments on complex cloud architectures and applications, identifying threats and developing mitigation strategies. Strong experience with Google Cloud Platform (GCP) , including core GCP services such as Compute Engine, Kubernetes Engine (GKE), Cloud Storage, BigQuery, IAM, VPC, Cloud Functions, and others. Understanding of GCP-specific security risks, controls, and compliance frameworks (eg, CIS benchmarks, SOC 2, HIPAA, etc). In-depth knowledge of cloud-native security principles, including least privilege access, defense-in-depth, secure configurations, and infrastructure-as-code security. Familiarity with cloud security tools and frameworks for vulnerability management, identity and access management (IAM), and threat detection in GCP. Excellent communication skills with the ability to explain complex security concepts to both technical and non-technical stakeholders. Strong leadership and collaboration skills, with a track record of working across functional teams to influence and drive security initiatives. Relevant certifications such as Google Cloud Professional Cloud Security Engineer , CISSP , CCSP , or similar are strongly preferred. Experience with application security practices, such as static analysis (SAST), dynamic analysis (DAST), and secure code reviews. Familiarity with threat modeling tools (eg, Microsoft Threat Modeling Tool, Threat Dragon), security testing tools (eg, Burp Suite, Checkmarx), and cloud security posture management tools (eg, Prisma Cloud, Aqua Security). Experience in supporting security incident response and conducting forensic investigations in cloud environments. Proficiency in at least one programming or scripting language (eg, Python, Go, Shell) for security automation and tooling is a plus.
Job description
Lead Threat Modeling Efforts :
- Own and lead the threat modeling process, including identifying threats, vulnerabilities, and mitigations for cloud-based applications and systems hosted on GCP.
- Collaborate with architects, engineers, and product teams to design secure, resilient systems by incorporating threat modeling early in the design phase.
- Conduct threat assessments for new and existing GCP services and applications, identifying risk areas and recommending controls to mitigate identified threats.
Security Frameworks & Best Practices :
Cross-Functional Collaboration :
Security Risk Assessment & Mitigation :
Security Training & Awareness :
Continuous Improvement & Innovation :
Skills & Qualifications :
Required :
Threat Modeling Expertise :
In-Depth Knowledge of GCP :
Cloud Security Best Practices :
Collaboration & Communication Skills :
Security Certifications :
Preferred :
Application Security Experience :
Security Tools & Automation :
Incident Response & Forensics :
Programming / Scripting Skills :
Role : Security Architect / Consultant
Industry Type : IT Services & Consulting
Department : IT & Information Security
Employment Type : Full Time, Permanent
Role Category : IT Security
Skills Required
Risk Assessment, Testing Tools, Gcp, Cloud, Soc, Microsoft, Python, Continuous Improvement, Sdlc
Create a job alert for this search
Security Lead • Bengaluru / Bangalore, Hyderabad / Secunderabad, Telangana, Chennai
Related jobs
This role goes beyond traditional detection engineering : you’ll help improve and build our.AI feedback, and quantify detection efficacy at enterprise scale.
Design and maintain modular, high-fideli...Show moreLast updated: 11 days ago
- Promoted
Bridgesoft - SAP Security Lead
BridgesoftHyderabad Job Description : We are seeking a highly skilled and experienced SAP Security Lead to join our team.In this critical ro...Show moreLast updated: 30+ days ago
- Promoted
NetEnrich - Security Implementation Engineer - SIEM Solutions
NetEnrichHyderabad About company : Netenrich boosts the effectiveness of organizations security and digital operations so they can avoid disruption and manag...Show moreLast updated: 30+ days ago
- Promoted
Lead Security Architect (Cloud)
ConfidentialBengaluru / Bangalore, Hyderabad / Secunderabad, Telangana Develop and execute the global cloud security architecture roadmap using a hands-on approach.Formalize security principles and requirements through reference architectures, guardrails, and document...Show moreLast updated: 30+ days ago
- Promoted
Security Tooling IDAM-PAM / IGA
ConfidentialHyderabad / Secunderabad, Telangana Technology Architect / Principal Consultant.IDAM-PAM / IGA (Identity and Access Management - Privileged Access Management / Identity Governance and Administration).
In this role, you will interface wi...Show moreLast updated: 30+ days ago
- Promoted
Lead Security Engineer
ArcanaHyderabad, IN As our Lead Security Engineer, you'll own and elevate Arcana's overall security posture - cloud, on-prem, and everything in between.
You'll design and enforce policies, automate controls, and harden...Show moreLast updated: 30+ days ago
- Promoted
Architect - SAP Security
ConfidentialHyderabad / Secunderabad, Telangana Responsibilities : Deliver Growth.Implements SAP security strategic plan and engineers solutions in line with those priorities.
Collaborates with consulting teams on project execution Create Efficien...Show moreLast updated: 30+ days ago
- Promoted
Senior Detection Engineer - MITRE ATT&CK framework - XDR - EDR - AI - Cyber Security Startup - Remot
CareerXperts ConsultingHyderabad, Telangana, India We’re seeking a Senior Detection Engineer to lead the next evolution of AI-augmented threat detection.This role goes beyond traditional detection engineering : you’ll help improve and build our ...Show moreLast updated: 11 days ago
- Promoted
- New!
Apply in 3 Minutes : SAP Security - Mid Level
BridgesoftHyderabad, Telangana, India Job Description : We are seeking a highly skilled and experienced SAP Security Mid-Level to join our team.In this critical role, you will be responsible for designing, implementing, and maintaining...Show moreLast updated: less than 1 hour ago
- Promoted
DLP Security Engineer - Offshore
ConfidentialBengaluru / Bangalore, Hyderabad / Secunderabad, Telangana Work as Engineer / Consultant for Azure Information Protection [AIP] / Microsoft Information protection [MIP] solution.Design, configure and implementation of Data classification labels, policies a...Show moreLast updated: 30+ days ago
- Promoted
Vehicle Security Architect
ConfidentialHyderabad / Secunderabad, Telangana, Bengaluru / Bangalore The Technical 2nd LoD review shall focus on the Cyber Security aspects of the Onboard Elements in the Vehicle (ECUs / units in the Network Architecture) and the Offboard (Mobile Communications and Cl...Show moreLast updated: 30+ days ago
- Promoted
Zensar Technologies - Application Security Risk Architect - SAST / DAST
Zensar TechnologiesHyderabad Job Title : Application Security Risk Architect Experience : 7 - 9 Job Description <...Show moreLast updated: 30+ days ago
- Promoted
SAP Security - Mid Level
BridgesoftHyderabad, Telangana, India We are seeking a highly skilled and experienced SAP Security Mid-Level to join our team.In this critical role, you will be responsible for designing, implementing, and maintaining robust security s...Show moreLast updated: 2 days ago
- Promoted
DLP Security Analyst
ConfidentialBengaluru / Bangalore, Hyderabad / Secunderabad, Telangana Work as Engineer / Consultant for Azure Information Protection [AIP] / Microsoft Information protection [MIP] solution.Design, configure and implementation of Data classification labels, policies a...Show moreLast updated: 30+ days ago
- Promoted
Contractor Security Engineer Level 3 – GRC Tech Solutions
MindlanceHyderabad, IN Remote Role | Contractor Security Engineer Level 3 – GRC Tech Solutions.This position focuses on enabling process clarity, automation, and efficiency while creating insights that empower our busine...Show moreLast updated: 3 days ago
- Promoted
Cyber Security Trainer
Veherehyderabad, telangana, in Vehere is seeking a Cybersecurity Trainer to design, develop, and deliver world-class training for our customers, partners, and internal teams.
You will play a key role in enabling users to master V...Show moreLast updated: 2 days ago
- Promoted
Bridgesoft - SAP Lead - GRC / Security Modules
BridgesoftHyderabad Job Description : We are seeking a highly skilled and experienced SAP Security Lead to join our team.In this critical ro...Show moreLast updated: 30+ days ago
- Promoted
Lead Security Engineer
interface.aisecunderabad, telangana, in Our cutting-edge Generative AI-powered platform serves over 100 banks and credit unions, delivering hyper-personalized customer interactions across voice, chat, and employee-assisting solutions.To ...Show moreLast updated: 30+ days ago
- Promoted
Senior Detection Engineer - MITRE ATT&CK framework - XDR - EDR - AI - Cyber Security Startup - Remote - CTC INR 50 L
CareerXperts Consultinghyderabad, telangana, inRemote