Security Consultant Job at The Juno Group, Inc., New York State

TEtIZWk3OU5HbnpIS0IwL0tjcW8vSWJRSGc9PQ==
  • The Juno Group, Inc.
  • New York State

Job Description

We are looking for a highly-skilled Security professional with a good aptitude for Threat Modeling, ability to read through (software) architectural documents and requirements from the different business groups and give accurate and actionable recommendations for the engineers to implement.

The Consultant must have a good understanding of software architecture and development for threat modeling purposes—i dentify designs and implementations which go against best practices and security vulnerabilities, analyze the system and break it down into key components based off logic, and speak to security risks, which may be found in each of those components, and apply sound logic and risk determination in relation to risk acceptance and business operation impact.

Job Title: Security Consultant

Location: Hybrid | San Francisco or Sunnyvale, CA; Seattle, WA; New York, NY; Toronto, Canada

Contract: Long-Term

***Independent/Direct Contractors only. NO THIRD-PARTIES, please.

Requirements:

Security Design Review

  • In-depth knowledge of secure software development practices and SDLC
  • Experience with threat modeling techniques and tools
  • Strong understanding of common security frameworks (e.g., OWASP, NIST)
  • Proficiency in identifying and mitigating security vulnerabilities in application designs
  • Familiarity with regulatory compliance standards (e.g., GDPR, HIPAA, PCI-DSS)
  • Ability to analyze complex data flows and identify sensitive data protection needs
  • Experience with security architecture and design patterns
  • Strong communication skills to effectively convey security concepts to technical and non-technical stakeholders
  • Hands-on experience with security tools (e.g. static analysis, DAST, SAST)
  • Proven ability to collaborate with cross-functional teams, including developers and DevOps
  • Experience with integrating security into CI/CD pipelines
  • Knowledge of encryption, authentication, and access control mechanisms
  • Experience in conducting risk assessments and developing mitigation strategies
  • Familiarity with automated security testing and continuous monitoring practices
  • Ability to document and report security findings clearly and effectively
  • Experience with incident response planning and forensic readiness in application design
  • Strong problem-solving skills and attention to detail

Threat Modeling

  • Deep understanding of threat modeling methodologies, particularly STRIDE
  • Proficiency in identifying and categorizing threats, vulnerabilities, and risks
  • Experience with threat modeling tools (e.g., Microsoft Threat Modeling Tool, OWASP Threat Dragon)
  • Strong knowledge of security frameworks and standards (e.g., OWASP, NIST)
  • Ability to map threat models to security requirements and controls
  • Experience in applying STRIDE to various architectural patterns and data flows
  • Familiarity with risk assessment and management practices
  • Ability to work with cross-functional teams to integrate threat modeling into the SDLC
  • Strong analytical skills for identifying potential attack vectors and weaknesses
  • Experience with security architecture and defensive design techniques
  • Effective communication skills to explain threat modeling findings to stakeholders
  • Knowledge of common security vulnerabilities and their mitigations (e.g., SQL injection, XSS)
  • Ability to create and maintain comprehensive threat models for complex systems
  • Experience in developing mitigation strategies based on threat model findings
  • Familiarity with regulatory compliance requirements and their impact on threat modeling
  • Strong documentation skills to create detailed threat model reports
  • Continuous learning mindset to stay updated on emerging threats and modeling techniques

Job Tags

Contract work, For contractors,

Similar Jobs

Georgia Gwinnett College

Political Science (Legal Studies): Assistant Professor - Fall 2025 Job at Georgia Gwinnett College

 ...Political Science (Legal Studies): Assistant Professor - Fall 2025 About Us Since our founding in 2005, Georgia Gwinnett College (GGC) has been dedicated to providing an exceptional educational experience to our students. At GGC, we believe that our students'... 

Lycoming College

Communication Officer (Part-time) Job at Lycoming College

Lycoming College is hiring a part-time Communications Officer to join the Public Safety team. Lycoming College, one of the nations oldest residential liberal arts and sciences colleges, invites candidates for two full-time openings with the Public Safety team as a ...

Workforce

Part Time Stock Cherry Picker Job at Workforce

 ...Mondays and potentially Wednesdays 5:00 pm to 5:00 am Starting rate: $18-20/hour Candidate must safely and efficiently operate cherry picker forklift in order to responsibly move/ relocate materials within the warehouse. The employee is responsible for loading/... 

BUILDING ENCLOSURE SCIENCE

Building Enclosure Consultant Job at BUILDING ENCLOSURE SCIENCE

 ...us, you ask great questions to get to the root of the problem and don't stop asking those questions until you figure it out. As a Consultant with BES, you can build on your strengths and grow a flourishing career for years to come. Benefits: ~ Competitive... 

Netrix Global

Lead Security Consultant- vCISO Job at Netrix Global

 ...About The Opportunity Netrix Global is looking for a Lead Security Consultant - vCISO and leader for our clients, offering strategic direction, risk management, and compliance oversight. This role requires a deep understanding of cybersecurity frameworks, regulatory...