UST Title- Specialist I – Information Security
Who we are:
At UST, we help the world’s best organizations grow and succeed through transformation. Bringing together the right talent, tools, and ideas, we work with our client to co-create lasting change. Together, with over 30,000 employees in 30+ countries, we build for boundless impact—touching billions of lives in the process. Visit us at .
Summary:
We are looking for a detail-oriented and security-focused Threat Modeling Reviewer to help ensure our systems are secure by design. In this critical role, you will lead and support threat modeling reviews, collaborate closely with engineering and product teams, and drive proactive risk mitigation strategies. Ideal candidates will have hands-on experience in threat modeling, strong communication skills, and knowledge of relevant tools and frameworks. Preferred qualifications include expertise in AI-assisted threat modeling and hardware security.
The Opportunity:
UST is looking for Threat Modeling reviewer.
Key Roles & Responsibilities:
We are seeking a detail-oriented and security-savvy Threat Modeling Reviewer to join our team. This role is critical to ensuring that our systems are designed with security in mind from the ground up. You will lead and support threat modeling reviews, collaborate with engineering and product teams, and help drive proactive risk mitigation strategies across the organization. Candidates should have experience in threat modeling, strong communication skills, and familiarity with relevant tools and frameworks, with preferred skills including AI-assisted modeling and hardware security expertise.
Key Responsibilities
· Conduct Threat Modeling Reviews
o Analyze system architecture using data flow diagrams and STRIDE methodology/Framework
o Well versed experience in Security feature in HW side
o Identify, prioritize, and document threats and mitigations
o Validate threat models throughout the development lifecycle
· Facilitate Review Process
o Coordinate review requests via the Threat Modeling Portal (TMP)
o Schedule and lead review meetings with stakeholders
o Ensure all required artifacts (DFDs, source code links, documentation) are submitted and stored centrally
· Collaborate Across Teams
o Work with PMs, developers, and security SMEs to ensure review completeness
o Track action items and follow-ups in ADO or designated systems
o Participate in forums such as HW Security CoE and Security Horizontal
· Tool Proficiency
o Use Microsoft Threat Modeling Tool and Threat Model Copilot
o Leverage AI-driven features for scenario-based analysis and iterative reviews
o Maintain and update templates and stencils for modeling consistency
· Ensure Compliance
o Align reviews with SDL KPIs and governance standards
o Trigger reviews when attack surfaces change or new features are introduced
o Support publishing and documentation workflows for audit readiness
What you need:
· Exposure to AI-assisted threat modeling tools and workflows
· Experience in hardware security or firmware threat modeling
· Ability to interpret and validate complex DFDs and threat lists
· Knowledge of compliance standards and audit processes
Required Skills:
· Proven experience in threat modeling, security architecture, or secure software development
· Strong understanding of STRIDE, SDL, and risk assessment frameworks
· Familiarity with system modeling techniques (e.g., attack trees)
· Excellent communication and documentation skills
· Experience with TMP, ADO, and Microsoft Threat Modeling Tool preferred
· 8-12 Years of domain experience
Desired Skills:
· Experience with AI-assisted threat modeling tools, such as Threat Model Copilot
· Knowledge of hardware security and firmware threat modeling
· Ability to analyze and validate complex Data Flow Diagrams (DFDs) and detailed threat scenarios
· Familiarity with compliance standards, security governance, and audit documentation
· Proficiency in using tools like Microsoft Threat Modeling Tool, TMP, and Azure DevOps (ADO)
· Strong communication and collaboration skills to work effectively with cross-functional teams
Qualification:
• 8-12 Years of domain experience
What we believe:
We’re proud to embrace the same values that have shaped UST since the beginning. Since day one, we’ve been building enduring relationships and a culture of integrity. And today, it's those same values that are inspiring us to encourage innovation from everyone, to champion diversity and inclusion and to place people at the centre of everything we do.
Humility:
We will listen, learn, be empathetic and help selflessly in our interactions with everyone.
Humanity:
Through business, we will better the lives of those less fortunate than ourselves.
Integrity:
We honour our commitments and act with responsibility in all our relationships.
Equal Employment Opportunity Statement
UST is an Equal Opportunity Employer. We believe that no one should be discriminated against because of their differences, such as age, disability, ethnicity, gender, gender identity and expression, religion, or sexual orientation.
All employment decisions shall be made without regard to age, race, creed, colour, religion, sex, national origin, ancestry, disability status, veteran status, sexual orientation, gender identity or expression, genetic information, marital status, citizenship status or any other basis as protected by federal, state, or local law.
UST reserves the right to periodically redefine your roles and responsibilities based on the requirements of the organization and/or your performance.
• To support and promote the values of UST.
• Comply with all Company policies and procedures