Lead Security Engineer

Take on a crucial role where you'll be a key part of a high-performing team delivering secure software solutions.

Make a real impact as you help shape the future of software security at one of the world's largest and most influential companies.

As a Lead Security Engineer at JPMorgan Chase within the (CTC) Cybersecurity and Technology Controls line of business, you are an integral part of team that works to deliver software solutions that satisfy pre-defined functional and user requirements with the added dimension of preventing misuse, circumvention, and malicious behavior.

As a core technical contributor, you are responsible for carrying out critical technology solutions with tamper-proof, audit defensible methods across multiple technical areas within various business functions.

Job Responsibilities


* Responsible for activities related to continued security monitoring and is a first line of defense for incident response and vulnerability management.


* Executes security solutions design, development, and technical troubleshooting with the ability to apply knowledge of existing security solutions to satisfy security requirements for internal clients (e.g., product, platform, application owners)


* Researches, recommends, evaluates, and implements cybersecurity solutions or configurations that identify and/or protect against potential threats, and respond to security violations.


* Performs configuration management of security systems and applications, including policy assessment and compliance tools, network security appliances and host-based security systems.


* Performs development, deployment, administration, management, configuration, testing and integration tasks related to the security of the Offers and Shopping platform.


* Assists with the ongoing gathering of evidence to support compliance with PCI, SOC, internal controls and business controls.


* Work with internal technology team to ensure security and compliance is designed from-the-start for modern technology stacks such as public cloud, containers, API gateways, microservices & serverless platforms.


* Develops and maintains documentation for security systems and procedures

Required Qualifications, Capabilities, and Skills


* Formal training or certification on security engineering concepts and 5+ years applied experience


* Proficient in AWS administration with a focus on security


* Strong knowledge of cybersecurity domains, including Asset Security, Communication & Network Security, Identity & Access Management (IAM), Security & Risk Management, Security Architecture & Engineering, Security Assessment & Testing, Security Operations, and Software Development Security


* Hands-on demonstrated proficiency in scripting languages (Bash, PowerShell and/or Python) for automating security tasks and processes


* Hands-on practical experience delivering system design, application development, testing, and operational stability
...