Skip to main content

Threat Modeling Specialist

00069074601

Threat Modeling Specialist

Location: Toronto, ON (Hybrid)

About Cognizant

Cognizant is one of the world’s leading professional services companies, helping clients transform their business, operating, and technology models for the digital era. Our unique, industry-based approach helps clients build more innovative and efficient businesses.

At Cognizant, we are committed to fostering a collaborative, inclusive, and high-performing environment where you can grow your career while making a meaningful impact.

Role Overview

We are seeking a Threat Modeling Specialist to strengthen our enterprise security posture by proactively identifying, assessing, and mitigating risks across applications and platforms.

In this role, you will partner closely with engineering teams, application owners, and security leadership to embed secure design principles, threat modeling practices, and DevSecOps capabilities into the software development lifecycle—all while enabling a positive and seamless developer experience.

Key Responsibilities

Threat Modeling & Risk Assessment

  • Conduct threat modeling exercises to identify vulnerabilities, attack vectors, and control gaps
  • Perform security risk assessments across application designs and implementations
  • Develop creative attack scenarios to challenge existing architectures and controls
  • Provide consultative guidance to application teams on secure design practices

Governance & Program Enablement

  • Design, implement, and mature governance processes for threat modeling and application security
  • Develop and maintain documentation, standards, and threat modeling methodologies
  • Partner with security leadership to drive adoption of secure design practices across the enterprise
  • Track remediation plans and ensure security controls are implemented effectively
  • Support audit readiness through validation of controls and security scanning outputs

Engineering Enablement & Best Practices

  • Develop and promote secure design patterns, coding standards, and threat libraries
  • Collaborate with engineering teams to embed security into DevSecOps pipelines
  • Provide training and awareness on emerging threats, vulnerabilities, and best practices
  • Support exception management processes for security standards

Reporting & Continuous Improvement

  • Create dashboards and reports on risk posture, compliance gaps, and remediation progress
  • Define and track security metrics to measure program effectiveness
  • Contribute to enterprise information security strategies and roadmap execution
  • Recommend tools, skills, and capabilities to enhance the security program

Agile Delivery Support

  • Facilitate Agile ceremonies and support Program Increment (PI) planning and execution
  • Partner with Release Train Engineers (RTEs) and delivery teams to ensure security is integrated into development workflows
  • Enable teams to meet both delivery and security objectives

Required Qualifications

  • Bachelor’s degree in Computer Science, Information Systems, or related field
  • 6–9 years of experience in information security or application security
  • Hands-on experience with security risk management and process improvement
  • Experience working with application teams to gather requirements and implement security controls
  • Strong analytical, communication, and stakeholder management skills

Preferred Qualifications

  • Experience with threat modeling frameworks (e.g., STRIDE, CAPEC, MITRE ATT&CK)
  • Strong understanding of application security controls across Web, API, Mobile, and AI platforms
  • Knowledge of security frameworks such as NIST CSF, NIST 800-53, OWASP ASVS
  • Experience integrating security into DevSecOps pipelines
  • Understanding of modern architectures, including:
    • Single Page Applications (SPAs)
    • REST/SOAP APIs
    • Mobile applications
  • Familiarity with:
    • Programming languages: Java, JavaScript
    • Databases: Oracle, SQL Server, DB2, NoSQL
    • Cloud security architecture and operations
    • Identity and Access Management (OAuth 2.0, OIDC, JWT)
    • Cryptographic controls for data protection

Certifications (Preferred)

  • CISSP, CISM, CSSLP, CISA, CRISC, OSCP

Why Cognizant?

  • Opportunity to work on cutting-edge security challenges in a global environment
  • Collaborative culture focused on innovation, learning, and growth
  • Exposure to large-scale enterprise platforms and modern architectures

Benefits – Canada

Cognizant offers a comprehensive and competitive benefits package, including:

  • Health, dental, and vision insurance
  • Retirement savings plans (RRSP) with employer contributions
  • Generous paid time off and statutory holidays
  • Flexible hybrid work environment
  • Employee wellness and assistance programs
  • Learning and development opportunities, including certifications and upskilling
  • Employee recognition and performance bonus programs

Equal Opportunity Statement

Cognizant is an equal opportunity employer. We are committed to fostering an inclusive, accessible environment where all employees feel valued, respected, and supported.

What we offer

  • The chance to work with impact. Here, you’re empowered to bring your biggest thinking to help our company and clients improve everyday life.
  • Ownership over your career. Stay at the top of your game through our award-winning learning and development ecosystem. And when your ambitions change or we offer new opportunities, we help you pivot by providing reskilling, on-the-job learning and guidance to find new roles that might be a better fit.
  • The opportunity to thrive on a high caliber team with heart. We celebrate each other’s experiences and perspectives and promote a sense of belonging through our affinity groups and diversity and inclusion initiatives.
  • A comprehensive total rewards package, including a competitive salary and a pension plan with matching contributions.
  • Flexible health and financial benefits to support you and your eligible dependents—from day one.
  • True work-life balance. Be at your best through paid time off, flexible work arrangements, volunteering opportunities, social events, and so much more.  

About us
Cognizant (Nasdaq: CTSH) is an AI Builder and technology services provider, building the bridge between AI investment and enterprise value by building full-stack AI solutions for our clients. Our deep industry, process and engineering expertise enables us to build an organization’s unique context into technology systems that amplify human potential, realize tangible returns and keep global enterprises ahead in a fast-changing world. See how at www.cognizant.com or @cognizant.

Other employment-related information
Cognizant is an equal opportunity employer. Your application and candidacy will not be considered based on race, color, sex, religion, creed, sexual orientation, gender identity, national origin, disability, genetic information, pregnancy, veteran status or any other characteristic protected by federal, provincial or local laws.

If you have a disability that requires reasonable accommodation to search for a job opening or submit an application, please email [email protected] with your request and contact information.

Language requirements vary depending on roles, but we ask that all candidates have basic English proficiency for company-wide communications purposes. For roles based in Quebec, professional English proficiency is required, as you’ll deliver services to and collaborate with stakeholders outside the province who may not speak French.

Your path to Cognizant

Wondering what to expect after you apply? Here’s a peek at our recruitment process—and keep in mind that not all candidates advance through every step and the process may vary depending on your role and location.

Your Application Midnight Blue RGB

Step 1: Application

Find an open role that aligns with your skills and career goals and show us why you’re the person for the job. Consider joining our Talent Community if you don’t find the right opportunity.

Phone Call Midnight Blue RGB

Step 2: Recruiter call

If one of our recruiters sees a fit, they’ll set up a short introductory call to learn more about you and how your experiences and skills align with the role.

Step 3: Interview(s)

If you and our team would like to continue the process, you’ll meet with one of our hiring managers. Some roles may also require technical assessments and/or client interviews.

Step 4: Final decision

Our hiring team will then review each candidates’ potential to succeed in the role. This process may take some time because we want to get it right—but you can count on us to keep you updated.

Benefits that help you thrive and grow

Our teams achieve incredible things when they feel fully supported. That’s why our benefits program is built around the diverse needs of our people—so they can enjoy a fulfilling, balanced and healthy life.

Untitled Design 49
Financial wellbeing

Financial wellbeing

We regularly review market data to ensure compensation is competitive and reflects the value you bring. Your benefits extend beyond pay and may include retirement plans, financial education, discount programs, etc.

1 (1)
Physical and mental wellbeing

Physical and mental wellbeing

We empower you to prioritize your wellbeing through paid time off, flexible working where possible, healthcare plans, counselling, our Mental Health Allyship program and more. 

Your Career, Your Way
Your career, your way

Your career, your way

With 90% of our associates building skills through GenAI training, job shadowing, industry certifications and more, you have everything you need to build a full career.

Professionals
Real-world impact

Real-world impact

Think about the biggest brands you rely on. Chances are, they rely on us to help strengthen their business. Here, you’ll turn bold ideas into solutions that improve lives everywhere.

02.2026 Superlearner Debashish
"Cognizant has one of the best learning ecosystems you can ask for. From sponsored certifications to training platforms to mentorship, we have all that we need to grow.”
Debashish Mishra SAP MM Developer
Laura Reynaud
"Cognizant offers me more than a job; it offers a community. We support each other, collaborate across borders and celebrate wins together. If you’re looking for a culture that values flexibility, diversity and growth, this is the place to be."
Laura Reynaud Lead Counsel
Lucas Hoffman
“I’ve had the chance to work on impactful projects and shadow colleagues, all while getting involved in internal initiatives. The world is your oyster at Cognizant—you just need to take advantage of it!”
Lucas Hoffman Consultant
Sujatha’S Journey Main
“When I first joined, I was quiet and hesitant to share my thoughts. The leadership programs and the mentoring I’ve received have helped me find my voice and grow as a leader.”
Sujatha Gopalakrishnan Portfolio Delivery Lead
Paulo Miguel Epili Main
"Nobody here says ‘that’s not my job.’ People just help. That’s the entrepreneurial culture that makes me stay at Cognizant.”
Paulo Miguel Epili Sr. Process Executive

Haven't yet found the right opportunity?

Receive the latest updates on job opportunities, recruitment events and company news—tailored just for you!

Get the latest updates