Expoint - all jobs in one place

מציאת משרת הייטק בחברות הטובות ביותר מעולם לא הייתה קלה יותר

Limitless High-tech career opportunities - Expoint

JPMorgan Lead Security Engineer - Vulnerability Management 
United States, Ohio 
613693692

23.11.2024

Job responsibilities

  • Deploy, configure, and manage vulnerability scanning tools to ensure comprehensive security assessments across on-premise and cloud environments.
  • Develop and maintain firewall rules and access requests to facilitate secure and efficient scanning operations.
  • Execute creative security solutions, design, development, and technical troubleshooting with the ability to think beyond routine or conventional approaches to build solutions and break down technical problems.
  • Develop secure and high-quality scripts and automation tools to enhance the efficiency and effectiveness of vulnerability scanning processes.
  • Minimize security vulnerabilities by following industry insights and governmental regulations to continuously evolve security protocols, including creating processes to determine the effectiveness of current controls.
  • Work with stakeholders and business leaders to understand security needs and recommend business modifications to the vulnerability management program.
  • Add to team culture of diversity, equity, inclusion, and respect.

Required qualifications, capabilities, and skills

  • Formal training or certification on software engineering concepts and 5+ years applied experience developing security engineering solutions.
  • Experience with deploying, configuring, and managing vulnerability scanning tools in both on-premise and cloud environments.
  • Strong networking skills, including knowledge of firewall configurations and network protocols.
  • Experience with automation tools and frameworks to streamline vulnerability management processes.
  • Proficient in all aspects of the Software Development Life Cycle
  • Advanced understanding of agile methodologies such as CI/CD, Application Resiliency, and Security.
  • Experience with threat modeling, discovery, vulnerability, and penetration testing.
  • Skilled in planning, designing, and implementing enterprise-level security solutions.

Preferred qualifications, capabilities, and skills

  • Experience effectively communicating with senior business leaders.Familiarity with both on-premise and cloud-based security architectures.
  • Experience with security compliance frameworks and standards, such as PCI-DSS, ISO 27001, and NIST.
  • Strong understanding of network security principles and practices.
  • Knowledge of secure coding practices and secure software development lifecycle (SDLC). Ability to work collaboratively in a team environment and contribute to a culture of diversity, equity, inclusion, and respect.
  • Certifications such as CISSP, CEH, or GIAC are a plus.