STPA-Sec is a systematic method that allows to analyze system designs and identify vulnerabilities in those designs from the onset and throughout the system lifecycle. We describe a carefully designed metamodel that accommodates the concepts and steps of the method. We translate key concepts from STPA-Sec into a metamodel, with the intention of facilitating a more structured and disciplined application of STPA-Sec. We demonstrate the advantage of using the metamodel in two case studies.