Cyber Subject Matter Expert (SME, Threat Modeling)

Description:

Spatial Front, Inc. (SFI), a two-time USAToday Top Workplaces awardee and Washington Top Workplaces honoree, is seeking a Cyber SME (Threat Modeling) to support our growing team. The ideal candidate will be a Cyber SME (Threat Modeling) to lead threat modeling activities and provide expert guidance on identifying and mitigating security risks in Federal Government IT systems and applications. The best candidate will have deep expertise in threat modeling methodologies and security architecture. As a valued member of the SFI team, you will play a critical role in delivering mission-critical capabilities to our Federal Government customers.

Key Responsibilities:

• Lead and facilitate threat modeling sessions for new and existing systems, applications, and architectures.
• Serve as the Cyber Lead for the App Security Team as needed
• Apply threat modeling methodologies (e.g., STRIDE, PASTA, LINDDUN) to identify and prioritize security threats.
• Develop threat models, data flow diagrams, and attack trees for complex federal IT systems.
• Collaborate with architects, developers, and security engineers to integrate threat modeling into the SDLC.
• Produce threat model reports with identified threats, risk ratings, and recommended mitigations.
• Develop and deliver threat modeling training and workshops for technical teams.
• Maintain a threat intelligence library and incorporate emerging threats into threat modeling activities.
• Other duties as assigned.

Requirements:

• Bachelor's in Computer Science, Cybersecurity, or related field.
• 7 years cybersecurity, 5 years threat modeling.
• Experience with tools such as Splunk and New Relic.
• Demonstrated expertise in: Threat modeling, risk assessment, security architecture, attack vectors, mitigation strategies.
• Must be a U.S. Citizen.
• Must possess an active Secret security clearance or be able to obtain one.

Desired Skills:

• CISSP, CSSLP, or equivalent security architecture certification.
• Experience with threat modeling tools (e.g., Microsoft Threat Modeling Tool, IriusRisk, ThreatModeler).
• Experience with Oracle tech stack including PeopleSoft is a plus
• Familiarity with MITRE ATT&CK framework and its application to threat modeling.
• Experience conducting threat modeling within DoD or federal agency programs.

Additional Information:

• Clearance: Must be a U.S. Citizen with an active Secret security clearance or the ability to obtain one.
• Work Environment: Onsite/Hybrid/Remote as required by the contract.
• This is a full-time, W2 position.
• No agencies, third parties, or Corp-to-Corp submissions.
• Spatial Front Inc. is an Equal Opportunity Employer — all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, or protected veteran status.
• SFI participates in E-Verify.