JPMorgan Lead Security Engineer - AWS Cloud 

United States, Ohio 

416904508

As a Lead Security Engineer at JPMorgan Chase within the Cybersecurity and Technology Controls organization, you are an integral part of team that works to deliver software solutions that satisfy pre-defined functional and user requirements with the added dimension of preventing misuse, circumvention, and malicious behavior. As a core technical contributor, you are responsible for carrying out critical technology solutions with tamper-proof, audit defensible methods across multiple technical areas within various business functions.

Job responsibilities

• Executes creative security solutions, design, development, and technical troubleshooting with the ability to think beyond routine or conventional approaches to build solutions and break down technical problems
• Support business technology teams to understand firm control requirements and implementations across a broad range of cloud architectures
• Applies specialized tools to analyze, correlate, identify, interpret, and summarize the probability and impact of threats when determining specific vulnerabilities
• Support the execution and enhancement of a long-term information risk and controls strategy designed to keep the information assets of the public cloud secure
• Deliver threat models and risk-based assessments of secure technology controls relating to cloud services, cloud platforms and architectural components
• Perform security reviews of infrastructure-as-code for cloud platform development
• Develop preventive and detective controls to enforce control requirements
• Interface with wider CTC teams ensuring platform integration with security operations, threat intelligence, infrastructure access management, and network security
• Adds to team culture of diversity, equity, inclusion, and respect

Required qualifications, capabilities, and skills

• Formal training or certification on security engineering concepts and 5+ years of applied experience
• Skilled in planning, designing, and implementing enterprise level security solutions.
• Experience with threat modeling, discovery, vulnerability, and penetration testing
• Expertise in AWS public cloud
• Proficiency in cloud security posture management (e.g., Wiz, Prisma Cloud, Crowd Strike Falcon Cloud Security, etc.)
• Experience engineering with infrastructure as code (e.g., Terraform, Cloud Formation, etc.)
• Solid understanding of agile methodologies such as DevOps, CI/CD, application resiliency, and security
• Strong analytical and evaluation skills to identify and address security challenges effectively with both technical and non-technical stakeholders at many levels within and outside of the firm

Preferred qualifications, capabilities, and skills

• Certifications in AWS, Azure, and/or Google Cloud.
• Cybersecurity certifications (i.e., CISSP, CEH, CCSP, GSEC, etc.)