JPMorgan Senior Lead Security Engineer 

United States, Texas, Plano 

546004032

As a Senior Lead Security Engineer at JPMorgan Chase within Cybersecurity and Tech Controls, you play a crucial role in meeting pre-defined functional and user requirements while also ensuring the prevention of misuse, circumvention, and malicious behavior. Your technical expertise and problem-solving skills will be instrumental in addressing a wide range of cybersecurity challenges across various technology domains, thereby promoting significant business impact.

Job responsibilities

• Design and implement secure provisioning, attestation, and verification processes across the hardware and firmware lifecycle
• Collaborate with silicon vendors, OEM partners, and internal teams to validate trust anchors and lifecycle events
• Contribute to architecture and tooling that supports device integrity verification, secure boot enforcement, and firmware transparency
• Build workflows for firmware and hardware telemetry ingestion, anomaly detection, and audit reporting
• Participate in internal and partner-side supply chain threat modeling, security reviews, and mitigation design
• Maintain awareness of evolving supply chain threats, secure hardware standards, and low-level vulnerability classes
• Facilitates security requirements clarification for multiple networks to enable multi-level security to satisfy organizational needs
• Works with stakeholders and senior business leaders to recommend business modifications during periods of vulnerability
• Be responsible for triaging based on risk assessments of various threats and managing resources to cover impact of disruptive events
• Adds to team culture of diversity, equity, inclusion, and respect

Required qualifications, capabilities, and skills

• Formal training or certification on software engineering, computer science, or data science concepts and 5+ years applied experience
• Strong background in security engineering, hardware/firmware systems, or supply chain risk mitigation.
• Deep knowledge of firmware architectures (UEFI, BIOS, BMC, NVMe, etc.).
• Familiarity with open-source firmware projects (e.g., coreboot, U-Boot, OpenBMC).
• Experience with cryptographic primitives used in attestation (e.g., ECC, SHA, PCRs, X.509).
• Proficient in Go, Rust, or C/C++ for low-level systems development.
• Understanding of SBOM, firmware signing, and secure boot workflows.
• Practical knowledge of threat vectors at the silicon/firmware interface.
• Experience implementing secure supply chain workflows.

Preferred qualifications, capabilities, and skills

• Prior Financial Industry experience a plus