Join a team where you can play a crucial role in shaping the future of a world-renowned company and make a direct and meaningful impact in a space designed for top performers.

As a Senior Lead Security Engineer at JPMorgan Chase within the Cybersecurity Technology and Controls organization, you are an integral part of an agile team that works to deliver software solutions that satisfy pre-defined functional and user requirements with the added dimension of preventing misuse, circumvention, and malicious behavior. Drive significant business impact through your capabilities and contributions and apply deep technical expertise and problem-solving methodologies to tackle a diverse array of cybersecurity challenges that span multiple technology domains.

Job responsibilities

 

Facilitates security requirements clarification for multiple networks to enable multi-level security to satisfy organizational needsWorks at code-level using Python and drives the maturity of the Cybersecurity software development lifecycle with advanced understanding of line of business technology driversPerforms deployment, administration, management, configuration, testing, document, operations and integration tasks related to the Cloud Network Security Platforms and champion a DevOps security model to ensure security is automated and elastic across all platformsLeads and develops new Cloud Security ImplementationsDesigns and develops strategies to provide end-to-end automation, architecture design, performance and monitoring, best practices, proof of concepts, product design, and transition to operationsEnsures quality control of engineering deliverables and ensures firm policies are compliant with strict security standards Drives decision making by analyzing complex data systems, ensures all engineering activities are in conformance with firm policies & objectivesLeverages DevOps tools to build, harden, maintain and develops a comprehensive Cloud-based security orchestration platform for network security and infrastructure as code Develops automated security and compliance capabilities in support of DevOps processes in a large-scale Cloud computing environmentCollaborates with technologists, stakeholders, and senior business leaders to recommend business modifications during periods of vulnerability. Be responsible for triaging based on risk assessments of various threats and managing resources to cover impact of disruptive events 

 

Required qualifications, capabilities, and skills

Formal training or certification on Security Engineering concepts and 5+ years applied experienceAdvanced hands-on coding experience in Python/Go and TerraformExpertise with AWS Infrastructure such as networking, EC2, Lambdas, server-less solutions, VPC, routes53, autoscaling, Transit Gateway, API Gateway, Step Functions, secrets manager and storage servicesProficient in core concepts for Networking, IaaC, Public Cloud architecture and Cloud SecurityExpertise developing and designing complex cloud architectures, deploying of scalable solutions, creating and handling CI/CD pipelines, application resiliency, security design and implementation, and triaging issues in Agile Software Development Lifecycle methodologyExtensive experience with threat modeling, discovery, vulnerability, and penetration testingAbility to tackle design and functionality problems independently with little to no oversight Collaborate with cross-functional teams, including IT, development, and operations, to ensure web application security.
Deploy and configure web application firewalls to protect web applications from threats such as SQL injection, cross-site scripting (XSS), and other OWASP Top Ten vulnerabilities. Customize WAF rules and policies to meet the specific security needs of the organization.Experience with WAF technologies such as AWS WAF, Akamai, Cloudflare, or similar.

 

Preferred qualifications, capabilities, and skills

Certifications in AWS, Networking, or Security.