Posted:4 days ago|
Platform:
Work from Office
Full Time
Role Title
Threat Modeling & AI Security Lead
Role Purpose
Establish and scale Threat Modeling (new builds, major changes, high risk/regulatory projects) and lead AI Security across AI/LLM/RAG use cases covering methodologies (STRIDE, PASTA, LINDDUN), secure design, controls, policies, and AI incident response.
Key Responsibilities
Threat Modeling:
Implement STRIDE/PASTA/LINDDUN org wide
Build models (architecture diagrams, trust boundaries, data flows, abuse/misuse scenarios, risk scoring)
Collaborate with architects/dev/product to define security requirements in design
Operate SD Elements for patterns & requirements; track in Jira; document in Confluence
Report adoption, coverage, risk reduction. AI Security:
Intake & risk triage for AI use cases
AI threat modeling (prompt injection, jailbreaks, exfiltration, poisoning)
Secure patterns for RAG/agents (prompts, isolation, secrets) with guardrails (allow/deny, content filters, rate limiting, token protections, provenance/watermarking where available)
Data security (PII minimization, classification, retention, masking) Model/provider assessments (internal/open-source/cloud)
AI red teaming/testing MLOps/LLMOps CI/CD gates, policy as code, model registry controls, drift/bias checks (where applicable)
Monitoring & IR playbooks for AI incidents.
Required Skills & Experience
10 12 years in AppSec with deep Threat Modeling and AI Security; tools: SD Elements, Jira, Confluence; familiarity with AI/LLM platforms and observability; strong architecture literacy across microservices/API/web/mobile.
Shift Coverage
Business hours; on call advisory for urgent design changes and AI P1 incidents.
Systems Access & Request Process
SD Elements: Content Admin; Jira request AppSec Manager approval quarterly recert. Jira/Confluence: Project ownership; workflow templates for design risk; documentation controls. AI platforms: read/limited write; change approvals via Architecture + AppSec.
Primary Tools
SD Elements, Jira/Confluence, architecture repositories; AI/LLM platforms & telemetry (as applicable).
Keywords
Threat Modeling, AppSec, Secure Design, STRIDE, PASTA, LINDDUN, Architecture Risk Analysis, Trust Boundaries, Data Flow Diagrams, Abuse Case Analysis, Misuse Case Analysis, Risk Scoring, Security Requirements, SD Elements, Jira, Confluence, Secure Architecture, AI Threat Modeling, LLM Security, Generative AI Security, RAG Security, Agent Security, Prompt Injection, Jailbreaks, Data Exfiltration, Model Poisoning, AI Guardrails, Content Filtering, Rate Limiting, Token Protection, Provenance, Watermarking, Data Security, PII Minimization, Data Classification, Data Masking, Data Retention, Model Risk Assessment, Third-Party AI Risk, Open-Source Model Risk, Cloud AI Security, AI Red Teaming, AI Testing, MLOps Security, LLMOps Security, CI/CD Security Gates, Policy-as-Code, Model Registry Controls, Model Drift, Bias Detection, AI Monitoring, AI Incident Response, IR Playbooks, Microservices Security, API Security, Web Security, Mobile Security, Architecture
GSPANN
Upload Resume
Drag or click to upload
Your data is secure with us, protected by advanced encryption.
Browse through a variety of job opportunities tailored to your skills and preferences. Filter by location, experience, salary, and more to find your perfect fit.
We have sent an OTP to your contact. Please enter it below to verify.
Instantly access job listings, apply easily, and track applications.
hyderabad, gurugram
6.5 - 13.0 Lacs P.A.
8.0 - 13.0 Lacs P.A.
pune, bengaluru, delhi / ncr
10.0 - 20.0 Lacs P.A.
kochi
11.0 - 15.0 Lacs P.A.
chennai, bengaluru
9.0 - 14.0 Lacs P.A.
mumbai, delhi / ncr, bengaluru
5.0 - 8.0 Lacs P.A.
gurugram
13.0 - 17.0 Lacs P.A.
5.0 - 10.0 Lacs P.A.
navi mumbai
13.0 - 17.0 Lacs P.A.
chennai
12.0 - 17.0 Lacs P.A.
