Lead Security Engineer

Social network you want to login/join with:

Job Overview

As a Platform Engineer at JPMorgan Chase within the Platform SDLC team, you will be central to delivering innovative solutions to our customers. We value curiosity, collaboration, passion for technology, and a solution-oriented mindset, especially in fintech. You will work within specialized squads and have opportunities to move across different projects based on your strengths and interests.

We emphasize culture and diversity, believing that varied perspectives foster innovation and reflect the communities we serve. Your role will significantly impact our company, clients, and partners worldwide.

Role Description

Take on a key position in a high-performing team, delivering secure software solutions and shaping the future of software security at one of the world's leading financial institutions.

As a Lead Security Engineer within the Platform team, you will be vital in developing solutions that meet functional and user requirements while preventing misuse and malicious activities. You will carry out technical solutions with tamper-proof, audit-friendly methods across various business functions.

Job Responsibilities

1. Design and enforce security best practices across public cloud platforms (AWS, Azure, GCP).
2. Define and implement infrastructure as Code (IaC), CI/CD pipelines, and automation tools.
3. Integrate security testing (SCA, SAST, DAST) into CI/CD pipelines.
4. Conduct code reviews, threat modeling, and vulnerability assessments.
5. Develop production deployment strategies, thinking beyond routine approaches.
6. Create scripts and automation to enhance security operations, using Python or Go.
7. Collaborate with third-party vendors and internal teams effectively.
8. Update security protocols based on industry insights and regulations.
9. Evaluate security architecture and seek to optimize and automate security measures.
10. Work with stakeholders to understand security needs and suggest modifications during vulnerabilities.
11. Analyze current architecture and processes to improve security and simplicity.
12. Develop frameworks and tools for automated threat detection.
13. Harden security controls through testing and during deployments.
14. Assess technology risks, including cyber security and application threats (OWASP).
15. Build relationships with external teams and share knowledge for mutual benefit.

Minimum Qualifications

• Formal training or certification in Engineering or Cybersecurity, with 5+ years of experience in cloud engineering, DevOps, or similar roles involving enterprise software deployment to public clouds.
• Experience designing and implementing enterprise security solutions.
• Proficiency in scripting or programming languages for automation.
• Knowledge of the Software Development Life Cycle.
• Strong problem-solving skills and analytical thinking.
• Understanding of agile methodologies, CI/CD, resiliency, and security.
• Experience with Security Testing in CI/CD pipelines.
• Knowledge of Cloud Native Security, including Kubernetes and Docker.

Preferred Qualifications

• Cloud certifications focusing on GCP, such as Certified Solutions Architect or DevOps Engineer.
• Experience deploying enterprise software at scale.
• Ability to communicate effectively with senior leadership.