DescriptionPlay a vital role in shaping the future of an iconic company and make a direct impact in a dynamic environment designed for top achievers.
As a Senior Lead Cybersecurity Architect at JPMorgan Chase within the Cybersecurity and Technology Controls organization, your role is pivotal in creating top-notch cybersecurity solutions for a range of software applications and platform products. Your skills and contributions will have a substantial impact on the business, and your profound technical expertise will be utilized to solve a wide variety of cybersecurity issues across multiple technology domains.
Job responsibilities
- Strive to prioritize sustainable controls and driving real risk reduction outcomes.
- Embed threat modelling, solutions architecture, secure code review into product and application teams so they adopt our control products and create products that are secure from the start
- Solve for complex problems on the cutting edge of fields like Payments and banking APIs
- Evaluate current cybersecurity principals, processes, and controls, and new technology using existing standards and frameworks
- Provide technical guidance and direction to support the business and its technical teams, contractors, and vendors
- Work with stakeholders and senior leaders to recommend business modifications during periods of vulnerability
- Serve as a function-wide subject matter expert. Be recognized in your product as the clear point of escalation and subject matter expert for IT Risk and Cyber domains.
- Proactively monitor Key Risk Indicators to ensure issues are identified, quantified, communicated, and managed in a timely manner, including recommendations for resolution and identifying the root cause/key themes.
- Contribute to the engineering community as an advocate of firmwide frameworks, tools, and practices of the Secure Software Development Life Cycle
- Influence peers and project decision-makers to consider the use and application of leading-edge technologies
- Work collaboratively with product, technology, and business colleagues on an on-going basis for business-as-usual audit and regulatory engagements, risk activities and project initiatives.
Required qualifications, capabilities, and skills
- Formal training or certification on software engineering concepts and 5+ years applied experience
- Advanced knowledge of cybersecurity architecture/engineering, applications, and technical processes
- Advanced in one or more programming languages (e.g. Java, Python, C++)
- Hands-on practical experience delivering enterprise level planning, design, and implementation of enterprise-level security solutions and controls related to:
- Modern Security Engineering/Architecture practices (e.g. microservices, containers, orchestration, continuous integration & delivery pipelines, API first, service delivery & integration)
- Technical Service Delivery - Shipping code & features
- Product technologies (i.e., Infrastructure, Application)
- Secure Software Development Life Cycle (SSDLC) (e.g. code review, risk assessments, threat modeling, static code analysis, and dynamic application scanning
- Applicable working experience designing and implementing cloud services (e.g., IaaS, PaaS, SaaS, etc.) offered from public cloud service providers (e.g., AWS, Microsoft Azure, Google etc.)
- Ability to evaluate current and emerging technologies to select or recommend the best solutions for the future state architecture
- Able to communicate effectively and authoritatively with technical and non-technical stakeholders.
Preferred qualifications, capabilities, and skills
- Certification in Public Cloud Technology from one of the major Cloud Service Providers (e.g. AWS Certified Solutions Architect, Microsoft Azure Architect, Google Cloud Architect)
- Experience in financial services consumer businesses (i.e., Mortgages, Cards or Digital) preferred but not required
- Banking experience preferred but experience in industries with similar risk tolerance is acceptable