JPMorgan Senior Lead Cybersecurity Architect - Cloud & Infrastructure Resiliency 

United States, Texas, Plano 

194862958

Job responsibilities

• Work closely with Line of Business architects and Infrastructure Product technologists to develop resilient architectures, design patterns and solutions that cover the Firm’s primary Plausible Disruptive Event scenarios
• Partner with the Firmwide Simulation Utility (FSU), the Firmwide Business Resiliency (FBR), and Infrastructure and Application development teams to develop new testing scenarios and capabilities
• Provide key SME leadership across the technology organization on resiliency programs and initiatives
• Provide guidance and oversight in the development and implementation of resiliency controls to provide continuous monitoring of the Firm’s capability to recover from a disruptive event
• Define and implement post-mortem / root-cause analysis processes – develop improved controls and testing scenarios based upon analysis
• Partner with Product teams to ensure that products are designed and implemented in a resilient manner and have validation plans in place including continuous improvement plans
• Ensure that recovery playbooks are clearly defined, documented, communicated, adhered to, are audit compliant, and support associated application and business recovery objectivesPlanning, designing, and implementing enterprise level infrastructure solutions
• Guiding the evaluation of current cybersecurity principals, processes, and controls, and leads the evaluation of new technology using existing standards and frameworks
• Regularly provides technical guidance and direction to support the business and its technical teams, contractors, and vendors
• Works with stakeholders and senior leaders to recommend business modifications during periods of vulnerability
• Actively contributes to the engineering community as an advocate of firmwide frameworks, tools, and practices of the Software Development Life Cycle

Required qualifications, capabilities, and skills

• Formal training or certification on software engineering* concepts and 5+ years applied experience
• Hands-on experience, including technical depth in one or more technology areas, such as: Cloud Enablement Design & Migration, Infrastructure Design, Distributed Technologies, and/or Messaging Technology.
• Knowledge of network architecture concepts, including topology, protocols, components, principles, fault domains and failure modes
• Understanding of latest cyber threats, attacking techniques and mitigating strategies (ie. blast radius analysis, workload placement)
• Knowledge of software-related information technology (IT) security principles and methods (e.g., modularization, layering, abstraction, data hiding, implicitly / minimization...)
• Familiarity with Terraform and Infrastructure As Code (IaC) principles and tooling
• Skilled in conducting application and infrastructure design reviews/assessment and recognizing weaknesses vulnerabilities in systems
• Prior experience in disaster and/or cyber recovery planning and testing would be advantageous
• Knowledge of system and application vulnerabilities e.g. MITRE Att&ck framework, OWASP, NIST, SANS would be advantageous
• Hands-on experienceexperience of developing, engineering or architecting within a public cloud environment
• Advanced knowledge of cybersecurity architecture, applications, and technical processes with considerable, in-depth knowledge in one or more technical disciplines (e.g., public cloud, artificial intelligence, machine learning, mobile, etc.)

• Prior experience working with external auditors and regulators would be advantageous
• Programming experiences in one or more languages (scripting/functional/imperative -- C/C++, Java, Python, Scala, R, SQL, etc.) would be advantageous
• Certified as a AWS Solutions Architect, Azure Solutions Architect and/or CISSP