Cloud Security Engineer III - GCP

JPMorgan Chase & Co. (NYSE: JPM) is a top financial services firm with over $2 trillion in assets, operating in more than 60 countries. As a leader in investment banking and various financial services, the firm's Cybersecurity & Technology Controls (CTC) group partners with all business lines to enhance cybersecurity, access management, and controls. The CTC group focuses on enabling business operations while ensuring protection and resilience.

As a Cloud Security Engineer at JPMorgan Chase within the Cybersecurity & Technology Controls (CTC) group, your primary responsibility will be to ensure that Public Cloud is adopted in a secure and compliant manner. You will play an important role in identifying and managing risk related issues and actions with respective technology. You will have an eye for detail and an ability to see the big picture across security issues.

• Support the execution and enhancement of a long term information risk and control strategy designed to keep the information assets of the public cloud secure.
• Deliver risk based assessments of secure technology controls relating to cloud services, cloud platforms and architectural components.
• Support business technology teams to understand firm control requirements and implementations across a broad range of cloud architectures.
• Perform security reviews of infrastructure-as-code for cloud platform development and participating in threat modelling activities.
• Contribute to documentation and agile processes in support of security programs.
• Interface with wider CTC teams ensuring platform integration with security operations, threat intelligence, IAM and network security.

• Formal training or certification on Information Security concepts and expanding applied experience.
• Eagerness to collaborate in a team, and comfortable in both virtual and office environments.
• Self-disciplined, self-managed, self-motivated and strong sense of ownership, urgency, and drive.
• Proficient verbal and written communication skills, including the ability to effectively participate in discussions and meetings with internal management, peer groups, regulators and senior stakeholders.
• Ability to prioritize and work under stringent timelines.

• Keen desire to understand and secure public cloud technology.
• AWS, Azure or Google Cloud certifications would be an advantage.
• Hands on experience of developing, engineering or architecting within a public cloud environment would be an advantage.
• Experience engineering with Terraform or infrastructure-as-code would be an advantage.
• Understanding of DevOps or CI/CD concepts would be an advantage.