Sr Lead Security Engineer

Take on a crucial role where you'll be a key part of a high-performing team delivering secure software solutions.

Make a real impact as you help shape the future of software security at one of the world's largest and most influential companies.

As a Lead Security Engineer at JPMorgan Chase within the Cybersecurity and Technology Controls, you are an integral part of team that works to deliver software solutions that satisfy pre-defined functional and user requirements with the added dimension of preventing misuse, circumvention, and malicious behavior.

As a core technical contributor, you are responsible for carrying out critical technology solutions with tamper-proof, audit defensible methods across multiple technical areas within various business functions.

CTC IAM Risk Discovery is focused on enabling secure products in the IAM space that possess a transparent risk posture.

We develop people, process, and technology that help product teams to identify security/privacy and operational risk during their product lifecycle, and surface that risk to inform tactical mitigation, strategic direction, and measurable improvement of product quality.

Job responsibilities


* Design, develop, integrate, and maintain custom, data-driven security posture and vulnerability management solutions within the enterprise environment.


* Collaborate with other software engineering teams as necessary to integrate security products and workflows in Java, Python, PowerShell, and other languages.


* Lead or support vulnerability management efforts, including tooling and workflow automation.


* Develop and implement security and risk scoring strategies to guide remediation efforts.


* Conduct security assessments and provide remediation guidance to various teams.


* Identifies and implements tools and processes to allow efficient sharing of data and information to promote business agility while ensuring regulatory compliance


* Evaluates and proposes new security-related products and services


* Assists with forensic analysis of security incidents


* Continually assesses new trends in technology and determines implications on the overall security control process


* Drives security engineering thought leadership within the product line


* Champions the firm's culture of diversity, equity, inclusion, and respect

Required qualifications, capabilities, and skills


* Formal training or certification on software engineering concepts and at least 5 years applied experience


* Experience developing security engineering solutions for public cloud-based applications and infrastructure


* Experience applying expertise and new methods to determine net new solutions for complex technology problems in one or more technical disciplines


* Fluent in one or more scripting languages such as Python, PowerShell, or equivalent.


* Good working knowledge of Microsoft Active Directory and EntraID.


* Experience with Serv...