Expoint - all jobs in one place

מציאת משרת הייטק בחברות הטובות ביותר מעולם לא הייתה קלה יותר

Limitless High-tech career opportunities - Expoint

JPMorgan Senior Lead Security Engineer - Cloud 
United States, Ohio, Columbus 
729746127

15.09.2024

Job responsibilities

  • Support the execution and enhancement of a long term information risk and control strategy designed to keep the information assets of the public cloud secure.
  • Lead cloud infrastructure platform security review and threat modelling, including code reviews
  • Deliver risk based assessments of secure technology controls relating to cloud services, cloud platforms and architectural components.
  • Support business technology teams to understand firm control requirements and implementations across a broad range of cloud architectures.
  • Contribute to documentation and agile processes in support of security programs.
  • Interface with wider CTC teams ensuring platform integration with security operations, threat intelligence, IAM and network security.
  • Facilitates security requirements clarification for multiple networks to enable multi-level security to satisfy organizational needs
  • Works with stakeholders and senior business leaders to recommend business modifications during periods of vulnerability
  • Be responsible for triaging based on risk assessments of various threats and managing resources to cover impact of disruptive events
  • Adds to team culture of diversity, equity, inclusion, and respect

Required qualifications, capabilities, and skills

  • Formal training or certification on security engineering concepts and 5+ years applied experience developing, engineering or architecting within a public cloud environment.
  • Skilled in planning, designing, and implementing enterprise-level security solutions
  • Experience following agile practices like Test Driven Development (TDD) and Behavior Driven Development(BDD)
  • Experience engineering with Terraform or infrastructure-as-code and Understanding of DevOps or CI/CD concepts
  • Advanced in one or more programming languages
  • Advanced knowledge of software application development and technical processes with considerable in-depth knowledge in one or more technical disciplines (e.g., cloud, artificial intelligence, machine learning, mobile, etc.)
  • Ability to tackle design and functionality problems independently with little to no oversight
  • Practical cloud native experience (i.e. AWS, Azure and/or GCP)
  • Eagerness to collaborate in a team, and comfortable in both virtual and office environments
  • Self-disciplined, self-managed, self-motivated and strong sense of ownership, urgency, and drive
  • Proficient verbal and written communication skills, including the ability to effectively participate in discussions and meetings with internal management, peer groups, regulators and senior stakeholders

Preferred qualifications, capabilities, and skills

  • Leadership experience would be advantageous
  • Extensive experience with threat modeling, discovery, vulnerability, and penetration testing
  • Familiarity with Cloud Security Posture Management (CSPM) products (i.e. Wiz, Prisma Cloud, CloudGuard, Orca Security, CrowdStrike Falcon Cloud Security, MS Defender…)
  • Accreditation/Certifications:
    • AWS Certified Practitioner/Cloud Engineer/Software Development Engineer/Cloud Security Engineer/Cloud Security Architect/Application Architect
    • Google Certified Professional Cloud Security Engineer and/or Microsoft Certified: Azure Security Engineer Associate
    • CISSP