Senior Security Software Engineer (Cryptography and Threat Modeling)
Remote in Armenia, & 3 others
Security.Engineering& 4 others
Looking for something else?
Find a vacancy that works for you. Send us your CV to receive a personalized offer.
Find me a jobChoose an option
We are seeking a Senior Security Software Engineer specializing in Cryptography and Threat Modeling to drive cryptographic inventory initiatives and support FIPS 140-3 compliance across products. This role involves close collaboration with Security and product engineering teams to facilitate threat modeling workshops and deliver comprehensive security documentation.
Responsibilities
- Drive the creation of a crypto inventory using IBM QSE and agentic validation
- Review findings and issues related to FIPS 140-3 compliance
- Define, coordinate and track mitigation plans with engineering teams
- Facilitate threat modeling workshops for cloud applications
- Produce clear and actionable threat modeling reports
- Contribute to broader Secure Development and Operations Lifecycle (SDOL) activities
- Deliver a complete crypto inventory including FIPS 140-3 compliance reports
- Track progress on cryptographic mitigation plans in collaboration with engineering teams
- Prepare handover documentation and support knowledge transfer to the Security Team
Requirements
- 3+ years of hands-on experience in software security with end-to-end implementation of security initiatives
- Expertise in FIPS 140-3 compliance and cryptographic inventory management
- Capability to work independently and take ownership of security initiatives with minimal supervision
- Skills in driving topics to completion within complex security projects
- Proficiency in documentation, communication and stakeholder management
- Background in facilitating threat modeling workshops and producing security reports
- Upper-Intermediate English language proficiency (B2+)
Nice to have
- Familiarity with IBM QSE
- Background in cryptography
- Capability to apply agentic AI in hands-on projects
- Proficiency in using Jira for task and project tracking
- Understanding of security requirements in highly regulated environments such as FedRAMP
