JPMorgan Lead Cybersecurity Architect - PCI Compliance Card Services 

United States, Texas, Plano 

343761436

Job responsibilities

• Architect and implement secure software solutions that comply with PCI DSS requirements, focusing on building robust and scalable systems.
• Design and develop security controls and mechanisms specifically tailored to protect cardholder data and ensure PCI DSS compliance.
• Collaborate with development teams to integrate security best practices into the software development lifecycle, ensuring PCI compliance from the ground up.
• Engage technical teams and business stakeholders to discuss and propose technical approaches to meet current and future cybersecurity needs for PCI-compliant software products.
• Define the technical target state of cybersecurity products and drive the achievement of the strategy for secure software solutions.
• Works with Business Assessment Lead & control owners to define functional scope (tools, processes, etc.)
• Proactively monitor Key Risk Parameters to identify non-compliance and assist in remediation with compensating controls to address security, risk and control gaps.
• Identify opportunities to eliminate or automate remediation of recurring issues to improve the overall cybersecurity of software applications.
• Lead evaluation sessions with external vendors, startups, and internal teams to drive continuous improvement and assess cybersecurity design and technical credentials for use in existing systems and architecture.
• Lead communities of practice to drive awareness and use of new and leading-edge cybersecurity technologies.
• Contribute to a team culture of diversity, equity, inclusion, and respect.

Required qualifications, capabilities, and skills

• Formal training or certification on software engineering concepts and 5+ years of applied experience in cybersecurity architecture.
• Hands-on practical experience delivering enterprise-level cybersecurity solutions and controls, specifically for PCI-compliant software and products.
• Experience with Prior QSA, ISA, or OSA.
• Hands-on in one or more programming languages (i.e Java, Python, C/C++…)
• Proficient in automation and continuous delivery methods
• Proficient in all aspects of the Software Development Life Cycle​
• Understanding of agile methodologies such as continuous integration and delivery, application resiliency, and security​
• Demonstrated proficiency in software applications and technical processes within a technical discipline (e.g., public cloud, artificial intelligence, machine learning, mobile, etc.)
• In-depth knowledge of the financial services industry and their IT systems
• Practical cloud native experience (i.e. AWS, Azure, GCP)
• Ability to evaluate current and emerging technologies to recommend the best solutions for the future state architecture
• Experience effectively communicating with senior business leaders.

Preferred qualifications, capabilities, and skills

• PCI Security Standards Council Certifications
  • Internal Security Assessor (ISA)
  • PCI Point-to-Point Encryption (P2PE) Assessor
  • PCI Forensic Investigators (PFIs)
  • Qualified Security Assessor (QSA)
  • Secure Software Assessor (SSA)
  • Secure Software Lifecyle (Secure SLC) Assessor
  • 3DS Assessor