Senior Lead Security Engineer

Join a team where you can play a crucial role in shaping the future of a world-renowned company and make a direct and meaningful impact in a space designed for top performers.

As a Senior Lead Security Engineer at JPMorgan Chase within Cybersecurity and Tech Controls, you play a crucial role in meeting pre-defined functional and user requirements while also ensuring the prevention of misuse, circumvention, and malicious behavior.

Your technical expertise and problem-solving skills will be instrumental in addressing a wide range of cybersecurity challenges across various technology domains, thereby promoting significant business impact.

Job responsibilities


* Design and implement secure provisioning, attestation, and verification processes across the hardware and firmware lifecycle


* Collaborate with silicon vendors, OEM partners, and internal teams to validate trust anchors and lifecycle events


* Contribute to architecture and tooling that supports device integrity verification, secure boot enforcement, and firmware transparency


* Build workflows for firmware and hardware telemetry ingestion, anomaly detection, and audit reporting


* Participate in internal and partner-side supply chain threat modeling, security reviews, and mitigation design


* Maintain awareness of evolving supply chain threats, secure hardware standards, and low-level vulnerability classes


* Facilitates security requirements clarification for multiple networks to enable multi-level security to satisfy organizational needs


* Works with stakeholders and senior business leaders to recommend business modifications during periods of vulnerability


* Be responsible for triaging based on risk assessments of various threats and managing resources to cover impact of disruptive events


* Adds to team culture of diversity, equity, inclusion, and respect

Required qualifications, capabilities, and skills


* Formal training or certification on software engineering, computer science, or data science concepts and 5+ years applied experience


* Strong background in security engineering, hardware/firmware systems, or supply chain risk mitigation.


* Deep knowledge of firmware architectures (UEFI, BIOS, BMC, NVMe, etc.).


* Familiarity with open-source firmware projects (e.g., coreboot, U-Boot, OpenBMC).


* Experience with cryptographic primitives used in attestation (e.g., ECC, SHA, PCRs, X.509).


* Proficient in Go, Rust, or C/C++ for low-level systems development.


* Understanding of SBOM, firmware signing, and secure boot workflows.


* Practical knowledge of threat vectors at the silicon/firmware interface.


* Experience implementing secure supply chain workflows.

Preferred qualifications, capabilities, and skills



* Prior Financial Industry experience a plus

JPMorganChase, one of the oldest financial institutions, offers innovative financial solutions to millions of consumers, small businesses and...