JPMorgan Cloud Lead Security Engineer - Greenfield Project 

United Kingdom, England, London 

952253056

As a Cloud Security Engineer at JPMorgan Chase within the Global Banking Platform, you will be a key member of our team. Your role will involve delivering software solutions that meet pre-defined functional and user requirements, with an added focus on preventing misuse, circumvention, and malicious behaviour. You will be responsible for implementing critical technology solutions with tamper-proof, audit defensible methods across multiple technical areas within various business functions, all in support of the firm's business objectives.

Job Responsibilities

• Provide security expertise and mentorship to engineering teams through the stages of planning, design, and testing of new solutions.
• Co-develop threat models with engineering teams that identify relevant threats and relevant strategies for mitigation
• Design and build cloud native preventative and detective controls that operate at scale
• Build and maintain automation to actively audit and assess infrastructure-as-code and in-place infrastructure
• Develop (in code) security tooling, contribute to third-party security products, and develop updates for existing tooling that is in use in our environment
• Work with cloud engineering and operations teams to develop tooling that maintains our secure operating state in production
• Perform security reviews and security testing
• Contribute to the overall security strategy, security tooling selection and creation
• Operate collaboratively with other internal teams with trust and influence

Required qualifications, capabilities and skills

• Formal training or certification on security engineering concepts and applied experience
• Familiarity with building and deploying containerised applications in public cloud using CI/CD frameworks and infrastructure automation
• Knowledge of cloud networking architecture, cloud operations, security, automation and orchestration
• Familiarity with performing security threat modelling and design reviews
• Knowledge of security in distributed systems
• Familiarity with good security practices with containers and Kubernetes
• Experience with languages such as Go, Python, or other modern programming languages
• Coding experience in the creation, automation, and integration of security tools
• Experience in version control systems such as Git
• Experience with designing, developing, and maintaining security in public cloud environments such as AWS and GCP
• Strong interpersonal and communication skills to support collaboration with other personnel and teams

Preferred qualifications, capabilities and skills

• Existing experience building and operating distributed systems at scale
• Awareness and experience with well-architected cloud security frameworks
• Contributions to the security community (public research, blogging, presentations, etc)
• Experience in performing web application penetration testing and security tooling
• Experience developing tools and interacting with cloud provider APIs.