JPMorgan Software Engineer II - Cloud Sec 

India, Karnataka, Bengaluru 

751020902

Job Responsibilities

• Design, write, implement, and review security controls for IaC frameworks (e.g., Terraform, CloudFormation) to ensure secure provisioning and management of cloud resources.
• Collaborate with development teams to integrate security best practices into the IaC and IaC pipelines.
• Develop and implement security controls for Kubernetes clusters, ensuring secure configuration, network policies, authentication, and authorization.
• Conduct regular vulnerability assessments and penetration tests on Kubernetes infrastructure and applications.
• Define and enforce security gates and best practices for continuous integration and continuous deployment (CI/CD) pipelines.
• Automate security checks and code analysis to identify and remediate vulnerabilities early in the development lifecycle.
• Participate in an on-call rotation for security incidents and respond to security events promptly.
• Conduct root cause analysis of security incidents, document lessons learned, and propose improvements to prevent future incidents.
• Assist in conducting security assessments, audits, and compliance reviews to ensure adherence to industry standards and regulatory requirements.
• Implement and maintain security monitoring and logging systems to detect and respond to security events in real-time.

Required Qualifications, Capabilities, and Skills

• Formal training or certification in Cloud Security Engineer concepts and 2+ years of applied experience.
• Strong knowledge of cloud security principles, best practices, and technologies (AWS).
• Hands-on experience with IaC frameworks (Terraform, CloudFormation) and configuration management tools.
• Proficiency in securing Kubernetes clusters, containerization, and microservices architectures.
• Familiarity with CI/CD pipelines, automated security testing, and secure code review practices.
• In-depth understanding of incident response methodologies, including detection, analysis, containment, and recovery.
• Experience with security audits, compliance frameworks, and regulatory requirements.
• Knowledge of network security, firewalls, IDS/IPS, and vulnerability management tools.
• Excellent analytical and problem-solving skills, with a keen attention to detail.

Preferred Qualifications, Capabilities, and Skills

• Proven experience interacting with major institutional Emerging investors.
• Experience with government bond obligations in the region.
• Bachelor's degree in Engineering, Finance, Math, or a related quantitative field.