JD:
Responsibility of / Expectations from the Role
Develop and maintain Data Flow Diagrams identifying trust boundaries, data stores and external entities
Identify and categorize threats using STRIDE methodology and recommend mitigation strategies
Use tools such as MS Threat Modelling Tool and OWASP Threat Dragon for documenting and tracking threats
Prepare threat assessment reports and present risk findings to stakeholders and leadership
Collaborate with architects, developers, and security teams to integrate secure design practices early in SDLC
Conduct structured threat modelling sessions for applications, API's and system architectures.
