JPMorgan Sr Lead Security Engineer 

United States, Texas, Plano 

939776720

As a Lead Security Engineer at JPMorgan Chase within the Cybersecurity and Technology Controls, you are an integral part of team that works to deliver software solutions that satisfy pre-defined functional and user requirements with the added dimension of preventing misuse, circumvention, and malicious behavior. As a core technical contributor, you are responsible for carrying out critical technology solutions with tamper-proof, audit defensible methods across multiple technical areas within various business functions.

Job responsibilities

• Design, develop, integrate, and maintain custom, data-driven security posture and vulnerability management solutions within the enterprise environment.
• Collaborate with other software engineering teams as necessary to integrate security products and workflows in Java, Python, PowerShell, and other languages.
• Lead or support vulnerability management efforts, including tooling and workflow automation.
• Develop and implement security and risk scoring strategies to guide remediation efforts.
• Conduct security assessments and provide remediation guidance to various teams.
• Identifies and implements tools and processes to allow efficient sharing of data and information to promote business agility while ensuring regulatory compliance
• Evaluates and proposes new security-related products and services
• Assists with forensic analysis of security incidents
• Continually assesses new trends in technology and determines implications on the overall security control process
• Drives security engineering thought leadership within the product line
• Champions the firm’s culture of diversity, equity, inclusion, and respect

Required qualifications, capabilities, and skills

• Formal training or certification on software engineering concepts and at least 5 years applied experience
• Experience developing security engineering solutions for public cloud-based applications and infrastructure
• Experience applying expertise and new methods to determine net new solutions for complex technology problems in one or more technical disciplines
• Fluent in one or more scripting languages such as Python, PowerShell, or equivalent.
• Good working knowledge of Microsoft Active Directory and EntraID.
• Experience with ServiceNow, Atlassian Jira, or other security workflow/incident management tools and API integrations.
• Experience integrating vulnerability management tools and processes programmatically.
• Awareness of data management, refinement, and enrichment techniques and implementation strategies
• Strong knowledge of cybersecurity architecture, applications, and technical processes with focus in one or more technical disciplines (e.g., IAM, Data Engineering, etc.)
• Some experience with threat modeling preferred

Preferred qualifications, capabilities, and skills

• Strong understanding of graphing databases (Neo4J, GraphDB, etc.)
• Experience in red/blue/purple teaming or adversary emulation/defense tooling is a significant advantage
• Relevant certifications (e.g., CISSP, CEH, OSCP) are a plus.