hero

Find Your Dream Job Today

Our mission is to help high-achieving LGBTQ+ undergraduates reach their full potential.

Senior Lead Security Engineer - Cloud Security

JPMorganChase

JPMorganChase

Columbus, OH, USA
Posted on Aug 5, 2024

Job Description

Join a team where you can play a crucial role in shaping the future of a world-renowned company and make a direct and meaningful impact in a space designed for top performers.

As a Senior Lead Security Engineer at JPMorgan Chase within the the Cybersecurity & Technology Controls team, you are an integral part of an agile team that works to deliver cloud solutions that satisfy pre-defined functional and user requirements with the added dimension of preventing misuse, circumvention, and malicious behavior. Drive significant business impact through your capabilities and contributions and apply deep technical expertise and problem-solving methodologies to tackle a diverse array of cybersecurity challenges that span multiple technology domains.

Take on a crucial role where you'll be a key part of a high-performing team who ensure the firms central cloud platforms are enabled securely. Make a real impact as you help shape the future of cloud security at one of the world's largest and most influential companies. As a core technical contributor, you are responsible for carrying out critical technology solutions with tamper-proof, audit defensible methods across multiple technical areas within various business functions

Job responsibilities

  • Support the execution and enhancement of a long term information risk and control strategy designed to keep the information assets of the public cloud secure.
  • Lead cloud infrastructure platform security review and threat modelling, including code reviews
  • Deliver risk based assessments of secure technology controls relating to cloud services, cloud platforms and architectural components.
  • Support business technology teams to understand firm control requirements and implementations across a broad range of cloud architectures.
  • Contribute to documentation and agile processes in support of security programs.
  • Interface with wider CTC teams ensuring platform integration with security operations, threat intelligence, IAM and network security.
  • Facilitates security requirements clarification for multiple networks to enable multi-level security to satisfy organizational needs
  • Works with stakeholders and senior business leaders to recommend business modifications during periods of vulnerability
  • Responsible for triaging based on risk assessments of various threats and managing resources to cover impact of disruptive events
  • Adds to team culture of diversity, equity, inclusion, and respect

Required qualifications, capabilities, and skills

  • Formal training or certification on security engineering concepts and 5+ years applied experience developing, engineering or architecting within a public cloud environment.
  • Skilled in planning, designing, and implementing enterprise-level security solutions
  • Experience following agile practices like Test Driven Development (TDD) and Behavior Driven Development(BDD)
  • Experience engineering with Terraform or infrastructure-as-code and Understanding of DevOps or CI/CD concepts
  • Advanced in one or more programming languages
  • Advanced knowledge of software application development and technical processes with considerable in-depth knowledge in one or more technical disciplines (e.g., cloud, artificial intelligence, machine learning, mobile, etc.)
  • Ability to tackle design and functionality problems independently with little to no oversight
  • Practical cloud native experience (i.e. AWS, Azure and/or GCP)
  • Eagerness to collaborate in a team, and comfortable in both virtual and office environments
  • Self-disciplined, self-managed, self-motivated and strong sense of ownership, urgency, and drive
  • Proficient verbal and written communication skills, including the ability to effectively participate in discussions and meetings with internal management, peer groups, regulators and senior stakeholders

Preferred qualifications, capabilities, and skills

  • Leadership experience would be advantageous
  • Extensive experience with threat modeling, discovery, vulnerability, and penetration testing
  • Familiarity with Cloud Security Posture Management (CSPM) products (i.e. Wiz, Prisma Cloud, CloudGuard, Orca Security, CrowdStrike Falcon Cloud Security, MS Defender…)
  • Accreditation/Certifications:
    • AWS Certified Practitioner/Cloud Engineer/Software Development Engineer/Cloud Security Engineer/Cloud Security Architect/Application Architect
    • Google Certified Professional Cloud Security Engineer and/or Microsoft Certified: Azure Security Engineer Associate
    • Certified Kubernetes Security Specialist (CKS)
    • CISSP