State Street

Senior Threat Modeler

State Street  •  $120k - $203k/yr  •  Quincy, MA (Hybrid)  •  3 hours ago
Apply
AI can make mistakes so check important info. Chat history is never stored.

Job Description

Who We Are Looking For

We are looking for a Senior Threat Modeler You will be responsible for performing threat modeling activities across enterprise applications, cloud platforms, APIs, and emerging technologies to identify security risks early in the development lifecycle and drive secure-by-design outcomes. You will partner with architects, engineers, developers, and cybersecurity teams to strengthen the security posture of critical business systems and technology platforms.

Why This Role Is Important To Us

The team you will be joining is part of the Security Architecture organization, a function that is critical to protecting the firm's applications, data, cloud environments, and technology services. Threat modeling enables the organization to proactively identify security weaknesses, reduce cyber risk, improve architectural resiliency, and ensure security requirements are incorporated into technology solutions from inception through deployment.

What You Will Be Responsible For

As a Senior Threat Modeler, you will:

  • Conduct threat modeling activities for business applications, cloud-native platforms, APIs, and strategic technology initiatives.
  • Analyze application architectures, data flows, trust boundaries, and cloud deployments to identify security threats and design weaknesses.
  • Partner with application development, cloud engineering, and security teams to recommend practical risk mitigation strategies and secure design improvements.
  • Perform security assessments using established methodologies such as STRIDE, MITRE ATT&CK, attack trees, and risk-based analysis techniques.
  • Contribute to the development of threat modeling standards, reusable patterns, training materials, and secure-by-design practices across the enterprise.
  • Strong knowledge of cloud-native architectures and security controls across AWS, Azure, and Google Cloud, with the ability to identify and mitigate risks in distributed, containerized, and platform-based environments.

What We Value

These skills will help you succeed in this role:

  • Strong analytical, problem-solving, and risk assessment skills with the ability to identify complex security threats and vulnerabilities.
  • Deep understanding of application security, cloud security, secure software development, and modern technology architectures.
  • Strong communication and stakeholder management skills, with the ability to influence engineering and architecture teams.
  • Experience working in large-scale, complex environments with diverse technology stacks and distributed teams.
  • Ability to translate technical security findings into actionable recommendations that reduce business risk.

Education & Preferred Qualifications

  • Degree in Computer Science, Cybersecurity, Information Technology, Engineering, or a related discipline.
  • 12 years or more of experience in application security, cloud security, cybersecurity architecture, threat modeling, or related technology disciplines, with at least 7 years of hands-on cybersecurity experience preferred.
  • Demonstrated experience conducting threat modeling exercises for enterprise applications, APIs, cloud platforms, and distributed systems.
  • Strong expertise in application security principles, secure software development lifecycles, OWASP Top 10, API security, and secure coding practices.
  • Experience assessing and securing cloud environments across AWS, Azure, and/or Google Cloud Platform.
  • Knowledge of microservices, containers, Kubernetes, CI/CD pipelines, DevSecOps practices, and modern software architectures.
  • Experience with threat modeling methodologies such as STRIDE, MITRE ATT&CK, attack trees, and adversary-based risk analysis.
  • Professional certifications such as CISSP, CCSP, CSSLP, GWAPT, GWEB, AWS Security Specialty, Azure Security Engineer, or equivalent security certifications are highly desirable.
  • Experience within financial services or other highly regulated industries is preferred.

Additional Requirements

  • Ability to effectively collaborate with development, engineering, architecture, and cybersecurity teams.
  • Strong written and verbal communication skills with the ability to present technical findings to both technical and non-technical audiences.
  • Limited travel may be required based on business needs.

Work Requirement

Hybrid: Expected to work in accordance with State Street's hybrid work model.

Shift: Standard business hours with flexibility to support global stakeholders across multiple time zones.

Salary Range:

$120,000 - $202,500 Annual

The range quoted above applies to the role in the primary location specified. If the candidate would ultimately work outside of the primary location above, the applicable range could differ.

Employees are eligible to participate in State Street’s comprehensive benefits program, which includes: our retirement savings plan (401K) with company match; insurance coverage including basic life, medical, dental, vision, long-term disability, and other optional additional coverages; paid-time off including vacation, sick leave, short term disability, and family care responsibilities; access to our Employee Assistance Program; incentive compensation including eligibility for annual performance-based awards (excluding certain sales roles subject to sales incentive plans); and, eligibility for certain tax advantaged savings plans.

For a full overview, visit https://hrportal.ehr.com/statestreet/Home

About State Street

Across the globe, institutional investors rely on us to help them manage risk, respond to challenges, and drive performance and profitability. We keep our clients at the heart of everything we do, and smart, engaged employees are essential to our continued success.

We are committed to fostering an environment where every employee feels valued and empowered to reach their full potential. As an essential partner in our shared success, you’ll benefit from inclusive development opportunities, flexible work-life support, paid volunteer days, and vibrant employee networks that keep you connected to what matters most. Join us in shaping the future.

As an Equal Opportunity Employer, we consider all qualified applicants for all positions without regard to race, creed, color, religion, national origin, ancestry, ethnicity, age, disability, genetic information, sex, sexual orientation, gender identity or expression, citizenship, marital status, domestic partnership or civil union status, familial status, military and veteran status, and other characteristics protected by applicable law.

Discover more information on jobs at StateStreet.com/careers

Read our CEO Statement

Job Application Disclosure:

It is unlawful in Massachusetts to require or administer a lie detector test as a condition of employment or continued employment. An employer who violates this law shall be subject to criminal penalties and civil liability.

State Street

About State Street

At State Street, we deliver leading investment platforms, data, expertise, and solutions that accelerate performance and better decision making.

With over 200 years of global financial leadership, we equip institutional investors through a comprehensive suite of capabilities:

Investment Services: Integrated front-to-back solutions across custody, accounting, and operations.

Investment Management: Index and active strategies from one of the world’s largest asset managers.

Markets: Multi-asset trading, FX solutions, and data-driven research to enhance portfolio value.

Who We Are

• 50,000+ employees worldwide

• Active in 100+ markets

• #1 in ETF servicing

What You’ll Find Here

• Executive perspectives and thought leadership

• Timely market commentary and macro insights

• Our views on investment operations, ETFs, private markets, and digital finance

• Stories reflecting our culture, values and commitment to diversity and inclusion

Industry
Finance & Insurance
Company Size
10,000+ employees
Headquarters
Boston, Massachusetts
Year Founded
1792
Social Media