Expoint - all jobs in one place

JPMorgan Lead Cybersecurity Architect - PCI Compliance Card Services 
United States, Texas, Plano 
343761436

03.08.2024

Job responsibilities

  • Architect and implement secure software solutions that comply with PCI DSS requirements, focusing on building robust and scalable systems.
  • Design and develop security controls and mechanisms specifically tailored to protect cardholder data and ensure PCI DSS compliance.
  • Collaborate with development teams to integrate security best practices into the software development lifecycle, ensuring PCI compliance from the ground up.
  • Engage technical teams and business stakeholders to discuss and propose technical approaches to meet current and future cybersecurity needs for PCI-compliant software products.
  • Define the technical target state of cybersecurity products and drive the achievement of the strategy for secure software solutions.
  • Work with the Business Assessment Lead and control owners to define functional scope (tools, processes, etc.).
  • Proactively monitor Key Risk Parameters to identify non-compliance and assist in remediation with compensating controls to address security, risk and control gaps.
  • Identify opportunities to eliminate or automate remediation of recurring issues to improve the overall cybersecurity of software applications.
  • Lead evaluation sessions with external vendors, startups, and internal teams to drive continuous improvement and assess cybersecurity design and technical credentials for use in existing systems and architecture.
  • Lead communities of practice to drive awareness and use of new and leading-edge cybersecurity technologies.
  • Contribute to a team culture of diversity, equity, inclusion, and respect.

Required qualifications, capabilities, and skills

  • Formal training or certification on software engineering concepts and 5+ years of applied experience in cybersecurity architecture.
  • Hands-on practical experience delivering enterprise-level cybersecurity solutions and controls, specifically for PCI-compliant software and products.
  • Prior QSA, ISA, or OSA experience.
  • Hands-on experience in one or more programming languages (e.g., Java, Python, C/C++…)
  • Proficient in automation and continuous delivery methods
  • Proficient in all aspects of the Software Development Life Cycle
  • Understanding of agile methodologies such as continuous integration and delivery, application resiliency, and security
  • Demonstrated proficiency in software applications and technical processes within a technical discipline (e.g., public cloud, artificial intelligence, machine learning, mobile, etc.)
  • In-depth knowledge of the financial services industry and their IT systems
  • Practical cloud-native experience (e.g., AWS, Azure, GCP)
  • Ability to evaluate current and emerging technologies to recommend the best solutions for the future state architecture
  • Experience effectively communicating with senior business leaders.

Preferred qualifications, capabilities, and skills

  • PCI Security Standards Council Certifications
    • Internal Security Assessor (ISA)
    • PCI Point-to-Point Encryption (P2PE) Assessor
    • PCI Forensic Investigators (PFIs)
    • Qualified Security Assessor (QSA)
    • Secure Software Assessor (SSA)
    • Secure Software Lifecycle (Secure SLC) Assessor
    • 3DS Assessor