As a Senior Lead Cybersecurity Architect at JPMorgan Chase within Cybersecurity and Technology Controls organization supporting Chase UK and JPMorgan Personal Investing, you will be an integral part of a team that works to develop high-quality cybersecurity solutions for various software applications and platform products.
Job responsibilities
- Cultivate a security culturewith your product technology and business colleagues by performing secure design reviews and threat modelling with application teams so they adopt our control products and create products that are secure by design.
- Know your productacross its breadth and depth. Be fluent in your product's strategy and roadmap as well as its key investment programs. Identify unfamiliar technology components, capabilities, and business concepts and be self-motivated to learn all about them, applying critical thinking to identify hidden issues along the way.
- Learn from your peers in product and cybersecurity teams and share best practice in both directions. Be recognized in your product as the clear point of escalation and subject matter expert for Cybersecurity and Technology Controls.
- Partner and influence across your product's supply chain. Work collaboratively with product, technology, and business colleagues on an on-going basis for business-as-usual audit and regulatory engagements, risk activities and project initiatives. Work closely with Third Party Oversight teams to ensure effective technology risk management of vendors engaged by technology partners, with a focus on Cloud computing / emerging technologies.
Required qualifications, capabilities, and skills:
- Ability to design and implement effective cybersecurity and technology controls
- Subject matter expert-level knowledge of Google Cloud Platform, Azure, and/or AWS with how controls are applied to secure data and maintain availability.
- Good knowledge of cloud services such as PaaS, IaaS, and SaaS and Kubernetes solutions (e.g., Anthos, AKS, EKS, etc.).
- Experience with cloud security posture management and cybersecurity vulnerability management.
- Knowledge of security best practices and DevSecOps methodologies.
- Good understanding of network security, network design, firewalls, etc.
- Experience with authorization and authentication implementation and best practices.
- Strong written and verbal communication skill
