Expoint - all jobs in one place

Finding the best job has never been easier

Limitless High-tech career opportunities - Expoint

JPMorgan Senior Lead Cybersecurity Architect 
Singapore 
84812713

Yesterday

Job responsibilities

  • Engages (hands-on) in managing endpoint security for the entire JPMC's server estate which powers some of the most innovative business applications in the financial industry globally
  • Utilizes a deep understanding of the threat landscape and risk to build security into products and new features
  • Partners with and advise engineering, product, and risk teams on security best practices and help shape the endpoint security strategy for the firm
  • Works with vendors to escalate problems and receive timely resolutions
  • Enables product strategy and keep the firm safe by analyzing complex data systems, anticipating problems, and finding ways to mitigate risk
  • Engages technical teams and business stakeholders to discuss and propose technical approaches to meet current and future cybersecurity needs
  • Defines the technical target state of their cybersecurity product and drives achievement of the strategy
  • Identifies opportunities to eliminate or automate remediation of recurring issues to improve overall cybersecurity of software applications and systems
  • Leads evaluation sessions with external vendors, startups, and internal teams to drive continuous improvement and assess cybersecurity design and technical credentials for use in existing systems and architecture
  • Leads communities of practice to drive awareness and use of new and leading-edge cybersecurity technologies

Required qualifications, capabilities, and skills

  • Bachelor’s degree in Computer Engineering or equivalent.
  • Formal training or certification on cybersecurity architecture concepts and 5+ years applied experience
  • Solid experience in managing endpoint security in enterprise environments (Managing Anti-Virus, EDR, Creating and reviewing hardening baselines for Windows, Mac OS and Red Hat Linux servers, configuration drift management)
  • Good understanding of industry frameworks like MITRE ATT&CK, NIST, CIS etc.
  • Hands-on experience with infrastructure attacks, including familiarity with red teaming techniques, tradecrafts and tools.
  • Ability to make informed decisions related to risks, exclusions and assess scenarios from an attack-centric approach
  • Demonstrable development/scripting/automation experience in at least one of Java, Python, Go, PowerShell
  • Ability to lead and drive meetings with global teams when there is a need
  • Hands-on practical experience delivering enterprise-level cybersecurity solutions and controls
  • Proficiency in automation and continuous delivery methods

Preferred qualifications, capabilities, and skills

  • Offensive Security skills such as Penetration Testing and/or Security certifications from reputed bodies
  • Knowledge in public cloud environments such as AWS and any relevant certifications
  • Prior experience in Threat Modeling
  • Experience with usage of SIEM tools
  • Thorough knowledge of network protocols
  • Willingness to learn and drive to excel