JPMorgan Lead Cybersecurity Architect 

United States, Texas, Houston 

206802715

Job responsibilities

• Engages technical teams and business stakeholders to discuss and propose technical approaches to meet current and future cybersecurity needs
• Strive to prioritize sustainable controls and driving real risk reduction outcomes
• Embeds threat modelling, solutions architecture, secure code review into product and application teams so they adopt our control products and create products that are secure from the start
• Evaluate current cybersecurity principals, processes, and controls, and new technology using existing standards and frameworks
• Provide technical guidance and direction to support the business and its technical teams, contractors, and vendors
• Work with stakeholders and senior leaders to recommend business modifications during periods of vulnerability
• Serve as a function-wide subject matter expert; Be recognized in your product as the clear point of escalation and subject matter expert for IT Risk and Cyber domains
• Proactively monitor Key Risk Indicators to ensure issues are identified, quantified, communicated, and managed in a timely manner, including recommendations for resolution and identifying the root cause/key themes
• Contribute to the engineering community as an advocate of firmwide frameworks, tools, and practices of the Secure Software Development Life Cycle
• Influence peers and project decision-makers to consider the use and application of leading-edge technologies
• Work collaboratively with product, technology, and business colleagues on an on-going basis for business-as-usual audit and regulatory engagements, risk activities and project initiatives

Required qualifications, capabilities, and skills

• Formal training or certification on Cybersecurity Architecture concepts and 5+ years applied experience. In addition, demonstrated coaching and mentoring experience
• Advanced knowledge of cybersecurity architecture/engineering, applications, and technical processes
• Advanced in one or more programming languages such as Java, Python, or C++
• Hands-on practical experience delivering enterprise level planning, design, and implementation of enterprise-level security solutions and controls related to:
  • Modern Security Engineering/Architecture practices (microservices, containers, orchestration, continuous integration & delivery pipelines, API first, service delivery & integration)
  • Technical Service Delivery - Shipping code & features
  • Product technologies (i.e., Infrastructure, Application)
  • Secure Software Development Life Cycle (SSDLC) including code review, risk assessments, threat modeling, static code analysis, and dynamic application scanning
• Applicable working experience designing and implementing cloud services (IaaS, PaaS, SaaS, etc.) offered from public cloud service providers such as AWS, Microsoft Azure, or Google Cloud Platform
• Ability to evaluate current and emerging technologies to select or recommend the best solutions for the future state architecture
• Able to communicate effectively and authoritatively with technical and non-technical stakeholders.

• Certification in Public Cloud Technology from one of the major Cloud Service Providers (e.g. AWS Certified Solutions Architect, Microsoft Azure Architect, Google Cloud Architect)
• Experience in financial services consumer businesses (i.e., Mortgages, Cards or Digital) preferred but not required
• Banking experience preferred but experience in industries with similar risk tolerance is acceptable