JPMorgan Security Engineer III - AWS Cloud 

United States, Texas, Plano 

223506549

Job responsibilities

• Executes security solutions designing, developing, and technically troubleshooting - with the ability to apply knowledge of existing security solutions to satisfy security requirements for internal clients (e.g., product, platform, application owners)
• Creates secure and high-quality production code and maintains algorithms that run synchronously with appropriate systems
• Supports the execution and enhancement of a long-term information risk and controls strategy, designed to keep the information assets of the public cloud secure
• Applies specialized tools (e.g., vulnerability scanner) to analyze and correlate incident data to identify, interpret, and summarize the probability and impact of threats when determining specific vulnerabilities
• Delivers threat model and risk-based assessments of secure technology controls relating to cloud services, cloud platforms and architectural components
• Performs security reviews of infrastructure-as-code for cloud platform development
• Interface with wider CTC teams, ensuring the platform integration with security operations, threat intelligence, infrastructure access management, and network security
• Leads delivery of continuity-related awareness, training, educational activities, and exercises
• Adds to team culture of diversity, opportunity, inclusion, and respect

Required qualifications, capabilities, and skills

• Formal training or certification on security engineering concepts and 3+ years applied experience
• Experience developing security engineering solutions
• Expertise in AWS public cloud
• Proficient in cloud security posture management (e.g., Wiz, Prisma Cloud, Crowd Strike Falcon Cloud Security, etc.) coding in one of more languages
• Experience engineering with infrastructure as code (e.g., Terraform, Cloud Formation, etc.)
• Solid understanding of agile methodologies such as DevOps, CI/CD, application resiliency, and security
• Strong analytical and evaluation skills to identify and address security challenges effectively with both technical and non-technical stakeholders at many levels within and outside of the firm

• Solid understanding of agile methodologies such as CI/CD, application resiliency, and security

• Certifications in AWS, Azure, and/or Google Cloud
• Cybersecurity certifications (i.e., CISSP, CEH, CCSP, GSEC, etc.)