Lead Software Engineer - Security Analyst

We have an opportunity to impact your career and provide an adventure where you can push the limits of what's possible.

As a Lead Software Engineer at JPMorgan Chase within Asset and Wealth Management as a part of 55ip, you will be responsible for designing and implementing processes and tools to safeguard the firm's computing environment. Your role involves creating action plans, mitigating risks, and resolving control issues, providing you with valuable insights into the complex risk and regulatory landscape of today. Collaborating with our Cybersecurity and Technology Controls (CTC) team, you will lead innovative efforts to enhance our operations.

• Keeps informed about the latest trends in information technology and security standards and ensures timely communication and management of AO communications
• Identifies and tracks action items that have been raised through FARM findings, breaks logged within ‘CORE’ and all other JPMC platforms. Ensure all identified issues are investigated and remediated in a timely manner
• Collaborates with various teams to implement good security practices, assist with audits and tests to ensure compliance with JPMC control procedures/control objectives
• Proactively monitors Key Rick Indicators (KRIs) to identify non-compliance and assist in remediation with compensating controls to address security, risk and control gaps
• Initiates and collaborates with key stakeholders to conduct privileged access reviews periodically
• Supports key initiatives within the organization through notifications in AO Comms
• Validates and approves access requests through systems such as RSAM and future replacement
• Ensures timely certification of backup policies to ensure Retention Policies are adhered to and removing non-compliant backups where required
• Manages the prompt execution of vulnerability assessment reports and penetration tests. Review and assess any violations of security and network vulnerabilities and offer training and guidance to prevent recurrence of findings
• Certifies through the removal of old Functional Accounts and plans for Disaster Recovery on an annual basis and create plans in the event of any security breaches

• Formal training or certification on software engineering concepts and 5+ years applied experience
• Experience in cybersecurity, information security, or technology controls, along with a Bachelor\'s degree in a relevant field
• Skilled in the cybersecurity and technology controls domain, with a good understanding of risk management and controls related to AWS Cloud, databases, and Python language
• Strong critical and strategic thinking abilities
• Excellent verbal, written, and interpersonal skills, with the ability to convey technical concepts to non-technical stakeholders
• Knowledge of the Wealth Management industry and cybersecurity regulations, relevant security frameworks (e.g., NIST, ISO 27001) and best practices
• Ability to work independently and as part of a team in a fast-paced environment
• Skilled in project management and presenting complex findings clearly
• Intellectually curious with a passion for learning new skills and capabilities