JPMorgan Lead Security Engineer 

United States, Texas, Plano 

639682590

As a Lead Security Engineer at JPMorgan Chase within the Cyber Security and Tech Controls, you are an integral part of team that works to deliver software solutions that satisfy pre-defined functional and user requirements with the added dimension of preventing misuse, circumvention, and malicious behavior. As a core technical contributor, you are responsible for carrying out critical technology solutions with tamper-proof, audit defensible methods across multiple technical areas within various business functions.

Job responsibilities

• Manage the creation and maintenance of Governance & Control and Assessment's breaks and remedies to keep them evergreen and ensure alignment with industry leading practices and regulatory requirements
• Drive a risk mitigating culture to proactively identify, assess, and manage inherent risks within technology and services .Communicate risk and control management reports to key stakeholders on a timely basis
• Provide leadership and advice on material remediation activities, ensuring appropriate resolution of issues, action plans, breaks and remedies and support the closure verification process
• Leverage data analytics, conduct trend analysis to identify thematic issues, determine root causes, and design sustainable control improvements with Product, Technology & Architecture teams, including process enhancements and use of automated data collection techniques. Facilitate SDLC pre-implementation control design reviews
• Executes standard security solutions in accordance with existing playbooks to satisfy security requirements for internal clients (e.g., product, platform, and application owners)
• Applies specialized tools (e.g., vulnerability scanner) to analyze and correlate incident data to identify, interpret, and summarize probability and impact of threats when determining specific vulnerabilities . Supports delivery of continuity-related awareness, training, educational activities, and exercises

Required qualifications, capabilities, and skills

• Formal training or certification on security engineering concepts and 5+ years applied experience.
• Basic experience developing security engineering solutions
• Able to contribute to in-depth analysis of vulnerabilities, threats, designs, procedures and architectural design with focus on recommendations for enhancements or remediation
• Ability to communicate oral and written ideas in a clear, concise manner, at all levels of the organization
• Detail oriented self-starter with strong conceptual, analytical, decision making, planning, time management and prioritization skills
• Experience across the whole Software Development Life Cycle . Exposure to agile methodologies such as CI/CD, application resiliency, and security
• Working knowledge of information and network security, IT risk management, and architectural concepts and patterns
• Keen understanding of national and international laws, regulations, policies and ethics related to financial industry cybersecurity

Preferred qualifications, capabilities, and skills

• Knowledge of controls associated with the key infrastructure capabilities, such as but not limited to:
  • Network perimeters and firewall security configuration
  • System hardening standards and configuration monitoring
  • Remote and local network access management
  • Authentication and Authorization protocols and implementations