Expoint - all jobs in one place

The point where experts and best companies meet

Limitless High-tech career opportunities - Expoint

JPMorgan Lead Security Engineer 
United States, Texas, Plano 
639682590

21.09.2024

As a Lead Security Engineer at JPMorgan Chase within the Cyber Security and Tech Controls, you are an integral part of team that works to deliver software solutions that satisfy pre-defined functional and user requirements with the added dimension of preventing misuse, circumvention, and malicious behavior. As a core technical contributor, you are responsible for carrying out critical technology solutions with tamper-proof, audit defensible methods across multiple technical areas within various business functions.

Job responsibilities

  • Manage the creation and maintenance of Governance & Control and Assessment's breaks and remedies to keep them evergreen and ensure alignment with industry leading practices and regulatory requirements
  • Drive a risk mitigating culture to proactively identify, assess, and manage inherent risks within technology and services .Communicate risk and control management reports to key stakeholders on a timely basis
  • Provide leadership and advice on material remediation activities, ensuring appropriate resolution of issues, action plans, breaks and remedies and support the closure verification process
  • Leverage data analytics, conduct trend analysis to identify thematic issues, determine root causes, and design sustainable control improvements with Product, Technology & Architecture teams, including process enhancements and use of automated data collection techniques. Facilitate SDLC pre-implementation control design reviews
  • Executes standard security solutions in accordance with existing playbooks to satisfy security requirements for internal clients (e.g., product, platform, and application owners)
  • Applies specialized tools (e.g., vulnerability scanner) to analyze and correlate incident data to identify, interpret, and summarize probability and impact of threats when determining specific vulnerabilities . Supports delivery of continuity-related awareness, training, educational activities, and exercises

Required qualifications, capabilities, and skills

  • Formal training or certification on security engineering concepts and 5+ years applied experience.
  • Basic experience developing security engineering solutions
  • Able to contribute to in-depth analysis of vulnerabilities, threats, designs, procedures and architectural design with focus on recommendations for enhancements or remediation
  • Ability to communicate oral and written ideas in a clear, concise manner, at all levels of the organization
  • Detail oriented self-starter with strong conceptual, analytical, decision making, planning, time management and prioritization skills
  • Experience across the whole Software Development Life Cycle . Exposure to agile methodologies such as CI/CD, application resiliency, and security
  • Working knowledge of information and network security, IT risk management, and architectural concepts and patterns
  • Keen understanding of national and international laws, regulations, policies and ethics related to financial industry cybersecurity

Preferred qualifications, capabilities, and skills

  • Knowledge of controls associated with the key infrastructure capabilities, such as but not limited to:
    • Network perimeters and firewall security configuration
    • System hardening standards and configuration monitoring
    • Remote and local network access management
    • Authentication and Authorization protocols and implementations