Principal Security Engineer - IAM | Active Directory

Propel your engineering excellence to new heights by becoming a part of a talented and exceptional team.

Take your place among the best in the industry.

As a Principal Security Engineer at JPMorgan Chase within the Cybersecurity and Technology Controls organization, you provide expertise and engineering excellence as an integral part of an agile team to enhance and develop cybersecurity software solutions that satisfy pre-defined functional and user requirements with the added dimension of preventing misuse, circumvention, and malicious behavior.

Leverage your advanced technical capabilities and collaborate with colleagues across the organization to drive best-in-class outcomes

We are seeking a Principal Security Engineer to join our dynamic Risk Discovery team.

This role is pivotal in safeguarding our enterprise systems through the implementation of data-driven security and posture management solutions that ensure the security and resilience of our infrastructure.

The Principal Security Engineer will work closely with various teams to improve our security posture through the implementation of advanced, industry-leading products and tooling that identify and disposition risk within the Active Directory realm.

CTC IAM Risk Discovery is focused on enabling secure products in the IAM space that possess a transparent risk posture.

We develop people, process, and technology that help product teams to identify security/privacy and operational risk during their product lifecycle, and surface that risk to inform tactical mitigation, strategic direction, and measurable improvement of product quality.

Job responsibilities


* Design, develop, integrate, and maintain custom, data-driven security posture and vulnerability management solutions within the enterprise environment.


* Collaborate with other software engineering teams as necessary to integrate security products and workflows in Java, Python, PowerShell, and other languages.


* Lead or support vulnerability management efforts, including tooling and workflow automation.


* Develop and implement security and risk scoring strategies to guide remediation efforts.


* Conduct security assessments and provide remediation guidance to various teams.


* Identifies and implements tools and processes to allow efficient sharing of data and information to promote business agility while ensuring regulatory compliance


* Evaluates and proposes new security-related products and services


* Assists with forensic analysis of security incidents


* Continually assesses new trends in technology and determines implications on the overall security control process


* Drives security engineering thought leadership within the product line


* Champions the firm's culture of diversity, equity, inclusion, and respect

Required qualifications, capabilities, and skills


* Formal training or certification on software engineering

* concepts and 10+ years applied experience


*...