IT Security Operations Lead

Strategic Staffing Solutions
Location: Charlotte, NC, USA
Published: 6/14/2022
Real Estate
Full Time

Job Description

Threat Modeling Program Operations Lead (TMaaS)


Location: Charlotte, NC (Hybrid)

Duration: 12 Month Contract


Position Summary

The Threat Modeling Program Operations Lead is a high-judgment operator responsible for running Threat Modeling as a Service (TMaaS) as a scalable, repeatable, and defensible delivery model. This role orchestrates end-to-end workflows, governs intake and readiness, enforces service boundaries, and eliminates process inefficiencies to drive significant productivity gains.

This individual owns the operational backbone of the threat modeling function, including intake triage, readiness enforcement, scheduling, Waiting-on-Customer-Action (WCA) management, and executive reporting. The role also supports TMaaS enablement across business units by standardizing service tiers, delivery expectations, communication cadences, and performance metrics.


The ideal candidate excels at building executive-ready dashboards, managing cross-cultural delivery across U.S. and India teams, and protecting architect capacity by ensuring only ready, in-scope work enters the system.


Must-Have Qualifications

  • Highly organized, proactive, and execution-focused (“get things done” mindset)
  • Strong experience in program operations, service delivery, or platform governance
  • Proven ability to operate a productized internal service at scale
  • Working knowledge of threat modeling concepts and SDLC integration
  • High proficiency with Jira, dashboards, and operational reporting tools
  • Excellent written and verbal communication skills, including executive-level reporting
  • Demonstrated ability to enforce process discipline under pressure and competing priorities


Preferred Experience

  • Background in application security (AppSec), AppSec operations, or security service delivery
  • Experience launching or operating “X-as-a-Service” models (e.g., Security, Platform, DevEx)
  • Familiarity with cloud, identity, and API-centric architectures
  • Experience supporting globally distributed teams (U.S. and offshore)
  • Prior ownership of metrics, SLAs, or internal service health reporting


Core Responsibilities

1. TMaaS Intake Governance & Service Enforcement

  • Manage all incoming threat modeling requests across the enterprise
  • Enforce intake standards, eligibility criteria, and defined service scope
  • Validate submissions for completeness, accuracy, and alignment
  • Route requests to appropriate business units, application teams, and security stakeholders
  • Categorize requests by service tier (standard, expedited, exception-based)
  • Assign Internal Work Deadlines (IWD) and track External Commitment Deadlines (ECD)
  • Enter and track requests within Jira workflows
  • Classify model types (cloud, identity-heavy, API-heavy, legacy)
  • Segment work by complexity (low, medium, high) for capacity planning
  • Initiate and manage the standard 6-week TMaaS delivery lifecycle


2. Readiness Management & Client Enablement

  • Enforce readiness gates prior to analysis
  • Validate completion of a standardized 10-point readiness checklist
  • Assess readiness and identify gaps in required artifacts
  • Engage stakeholders to resolve readiness issues proactively
  • Execute milestone-based communications (T–6 through T–1)
  • Issue formal risk notifications when delivery timelines are at risk
  • Facilitate working sessions focused on artifact completion
  • Maintain audit-ready documentation of readiness activities and delays


3. Scheduling, Capacity & Demand Management

  • Maintain architect capacity models and enforce WIP limits (max three concurrent models per architect)
  • Schedule work around PTO, holidays, and sprint cycles
  • Adjust timelines dynamically based on readiness and responsiveness
  • Drive go/no-go decisions aligned with internal deadlines
  • Identify and escalate demand vs. capacity gaps with data-backed insights


4. WCA Tracking & Escalation

  • Track all Waiting-on-Customer-Action (WCA) delays and root causes
  • Log WCA durations with timestamps for service-level reporting
  • Execute structured escalation paths (Champion → Manager → Director → CIO)
  • Produce weekly WCA summaries by business unit and application
  • Feed WCA insights into executive dashboards to highlight systemic issues


5. TMaaS Communication & Jira Operations

  • Maintain Jira workflow accuracy, task management, and reporting hygiene
  • Standardize communication templates for updates, reminders, and escalations
  • Enforce consistent communication cadences (weekly, milestone-based, executive-level)
  • Coordinate meetings only when readiness criteria are met
  • Maintain shared delivery timelines and milestone tracking


6. SDLC Alignment & Delivery Assurance

  • Align TMaaS delivery with SDLC processes and release cycles
  • Ensure threat models map to relevant changes, features, or releases
  • Monitor readiness indicators and document exceptions or delays
  • Ensure outputs integrate with downstream risk and defect management workflows


7. Reporting, Analytics & Executive Visibility

  • Produce weekly reporting on cycle time, throughput, and WCA metrics
  • Maintain dashboards tracking SLA adherence, backlog health, and forecasts
  • Deliver monthly executive summaries with trend and root cause analysis
  • Translate operational metrics into clear, actionable insights for leadership


8. Architect Shielding & Service Integrity

  • Act as a buffer between demand intake and architecture teams
  • Ensure only ready, in-scope work reaches architects
  • Prevent ad hoc requests, premature engagement, and scope creep
  • Document upstream issues to protect delivery teams
  • Reinforce TMaaS as a structured service model (not ad hoc consulting)
