Upload Button Icon Add office photos

5 M2P Solutions Jobs

Threat Modelling Security Engineer

2-8 years

Chennai

1 vacancy

Threat Modelling Security Engineer

M2P Solutions

posted 1mon ago

Job Role Insights

5 Days Working·Flexible timing·Day Shift

Job Description

  • As a Threat Modelling Security Engineer, you will be responsible for identifying potential security threats and vulnerabilities in software applications and systems
  • Your primary focus will be on analyzing these threats, assessing their potential impact, and devising strategies to mitigate or eliminate them
  • You will collaborate closely with cross-functional teams including developers, architects, and system administrators to ensure that security measures are integrated throughout the development lifecycle
  • Conduct comprehensive analysis to identify potential security threats and vulnerabilities in software applications, networks, and systems.
  • Evaluate the potential impact of identified threats and vulnerabilities on the confidentiality, integrity, and availability of systems and data.
  • Develop threat models that outline potential attack vectors and scenarios, considering both internal and external threats.
  • Collaborate with development teams to devise effective strategies for mitigating identified threats and vulnerabilities, including the implementation of security controls and best practices.
  • Conduct security reviews of software designs, architectures, and implementations to ensure compliance with security requirements and industry standards.
  • Document threat models, risk assessments, and mitigation strategies to facilitate communication and knowledge sharing across teams.
  • Provide guidance and training to development teams on security best practices, secure coding techniques, and threat mitigation strategies.
  • Assist in incident response activities, including analyzing security incidents, identifying root causes, and recommending remediation measures.
  • Stay updated on emerging security threats, vulnerabilities, and technologies, and proactively research and recommend innovative solutions to enhance security posture.
What you need to have?
  • Good Experience in Security of Threat Modelling Framework like STRIDE, PASTA,TRIKE
  • Good Experience in Privacy of Threat Modelling Framework like LINDDUN
  • A strong understanding of threat modelling, threat monitoring, threat remediation, threat mitigation:
    • Known threats
    • Emergent threats (0-Days)
    • Threats against development processes / lifecycles / people / infrastructure
    • Threats against supply chains
    • Threats targeting technology stacks
  • Proactively report on progress, risks, and issues
  • A strong understanding of existing and emerging Security, Compliance and Threat information and automation standards, and how they are related/ may work together.
    • MITRE ATT and CK, ATLAS, System of Trust, RiskMap.
    • NIST Security Content Automation Protocol (SCAP), InSpec.
    • CISA Guidance (Kubernetes Hardening).
    • CIS Benchmarks.
    • UCF Compliance Mappings.
  • In-depth knowledge of security architecture design and best practices, including secure design patterns, access control, and data protection
  • Knowledge of cloud security frameworks (e.g., AWS Well-Architected Framework, Azure Security Benchmark) to assess and improve security measures.
  • Ability to conduct risk assessments to evaluate the potential impact and likelihood of security risks and provide risk mitigation strategies.
  • Familiarity with security testing tools like vulnerability scanners, penetration testing tools, and code analysis tools.
  • Understanding of network and system architecture, protocols, and configurations to assess security at the infrastructure level.
  • Experience and expertise in confidential computing technologies, employed as controls in operational security architectures and existing compliance attestations.

Employment Type: Full Time, Permanent

Functional Areas: Software/Testing/Networking

Read full job description

Security Engineer Interview Questions and Tips

Prepare for Security Engineer jobs with interviews advice from real interviews

View all interview questions

Discover interview dos and don'ts from real experiences

What people at M2P Solutions are saying

What M2P Solutions employees are saying about work life

based on 34 employees
78%
90%
56%
100%
Flexible timing
Monday to Friday
Within city
Day Shift
View more insights

M2P Solutions Benefits

Cafeteria
Work From Home
Health Insurance
Team Outings
Soft Skill Training
Job Training +6 more
View more benefits

Compare M2P Solutions with

Samunnati Financial Intermediation and Services

4.5
Compare

Stock Holding Corporation of India

3.5
Compare

TransUnion

4.0
Compare

Fexprime Finance

4.5
Compare

Kalkine

4.0
Compare

ICRA

3.1
Compare

Biz 2 Credit Info Services

3.5
Compare

Teamspace Financial Services

4.3
Compare

IQ BackOffice

3.5
Compare

Poonawalla Housing Finance

3.7
Compare

ICICI Direct

3.8
Compare

OneAssist Consumer Solutions

4.1
Compare

PC Financial Services

3.9
Compare

National Securities Depository

3.3
Compare

Namdev Finvest

4.4
Compare

Toyota Financial Services

3.7
Compare

Manappuram Home Finance

3.9
Compare

Eclat Health Solutions

4.3
Compare

Lentra AI

3.0
Compare

Ummeed Housing Finance

4.0
Compare

Similar Jobs for you

Security at IBM India Pvt. Limited

Mumbai

4-6 Yrs

Not Disclosed

Security at IBM India Pvt. Limited

Navi Mumbai

4-7 Yrs

Not Disclosed

Security Engineer at Accenture Solutions Pvt Ltd

Bangalore / Bengaluru

3-5 Yrs

Not Disclosed

Security Engineer at XenonStack Private Ltd

Mohali

2-4 Yrs

Not Disclosed

Security Engineer at Myrsa Technology Solutions

Thane

2-6 Yrs

Not Disclosed

Security Engineer at Accenture Solutions Pvt Ltd

Bangalore / Bengaluru

5-7 Yrs

Not Disclosed

Security Engineer at Accenture Solutions Pvt Ltd

Hyderabad / Secunderabad

3-5 Yrs

Not Disclosed

Security Engineer at Ventuno Technologies

Chennai

3-8 Yrs

Not Disclosed

Security Engineer at MNR Solutions

Bangalore / Bengaluru, Chennai + 1

5-7 Yrs

₹ 10-16 LPA

Security Engineer at TOPPAN MERRILL TECHNOLOGY SERVICES PRIVATE LIMITED

Chennai, Gurgaon / Gurugram + 1

3-7 Yrs

Not Disclosed

Threat Modelling Security Engineer

2-8 Yrs

Chennai

Automation, Testing tools, Coding +7 more

1mon ago·via naukri.com

Principal Security Architect

8-12 Yrs

Chennai

Information security, Coding, Financial services +6 more

1mon ago·via naukri.com

Tech Support - L2

3-7 Yrs

Mumbai

Oracle, Unix, Linux +7 more

2mon ago·via naukri.com

Tech Support - L1

3-7 Yrs

Mumbai

Unix, Linux, CRM +7 more

2mon ago·via naukri.com

Lead SDE - Java Development

8-12 Yrs

Chennai

MySQL, Apache, Data structures +6 more

2mon ago·via naukri.com