James Rabe

Head of Global Services
@
IriusRisk

Professional Expertise & Experience

James Rabe is the Head of Global Services at IriusRisk, leading the global team responsible for the successful design, implementation, and adoption of threat modeling solutions for customers. His core expertise lies in transforming complex security and compliance challenges into pragmatic, automated processes that support a Secure by Design philosophy.

With over a decade of experience in technology, security, and compliance consulting, James has developed deep insight into the operational challenges of security in rapidly evolving environments. His specific focus areas include:

  • Program Design and Implementation: Building efficient, measurable, and scalable threat modeling programs.
  • Security & Compliance: Applying knowledge gained from multiple certifications across vendors like Qualys, Fortinet, Microsoft, and CompTIA to practical compliance challenges.
  • Value-Driven Security: Helping organizations move from passive security management to active threat modeling that maximizes security value.

Notable Contributions

James is a recognized public speaker and active community member, often addressing the practical and cultural hurdles of application security adoption:

  • Industry Speaker: He presents at key security conferences and events, including ThreatModCon and other industry meetups, on topics such as optimizing the threat modeling journey and "Overcoming Analysis Paralysis" in security design.
  • Community Mentor: He is an active mentor within the Threat Modeling Connect community, providing guidance for the annual Threat Modeling Hackathon.
  • Non-Profit Outreach: James dedicates time to providing free cybersecurity training and assessments to non-profits and small schools in his region, reinforcing his commitment to making robust cybersecurity accessible.
  • Publications: He is a contributing author on thought leadership pieces discussing the stages of effective and efficient threat modeling.
  • Relevant Certifications include: CISSP, CCSP, and GRCP

For some of James' additional content, take a look at his LinkedIn articles.

Blogs by

James Rabe

Threat Modeling
Risk Management
Cloud Security
Secure-by-Design: AWS S3 Buckets
June 25, 2025
Read post
Threat Modeling
Risk Management
Secure-by-Design Topic: Hardware Security Modules (HSMs)
June 5, 2025
Read post
Threat Modeling
Software security
Secure-by-Design Series: Implementing Zero Trust Architecture (ZTA)
May 13, 2025
Read post
Threat Modeling
Secure by Design Introduction
May 7, 2025
Read post
Risk Management
Threat Modeling
Overcoming Analysis Paralysis
September 5, 2022
Read post
Risk Management
Software security
Threat Modeling
Use Case - Threat Modeling SaaS Applications
Read post