DescriptionYour seniority as a security engineer puts you in the ranks of the top talent in your field. Play a critical role at one of the world's most iconic financial institutions where security is vital.
As a Security Engineer III at JPMorgan Chase within the Cybersecurity and Technology Controls line of business, you serve as a seasoned member of a team that works to deliver software solutions that satisfy pre-defined functional and user requirements with the added dimension of preventing misuse, circumvention, and malicious behavior. Carry out critical technology solutions with tamper-proof, audit defensible methods across multiple technical areas within various business functions in support of the firm’s business objectives
Job responsibilities
- Support business technology teams to understand firm control requirements and implementations across a broad range of cloud architectures and applies specialized tools to analyze, correlate, identify, interpret, and summarize the probability and impact of threats when determining specific vulnerabilities
- Support the execution and enhancement of a long-term information risk and controls strategy designed to keep the information assets of the public cloud secure
- Deliver threat models and risk-based assessments of secure technology controls relating to cloud services, cloud platforms and architectural components
- Perform security reviews of infrastructure-as-code for cloud platform development
- Develop preventive and detective controls to enforce control requirements
- Interface with wider CTC teams ensuring platform integration with security operations, threat intelligence, infrastructure access management, and network security
- Executes security solutions design, development, and technical troubleshooting with the ability to apply knowledge of existing security solutions to satisfy security requirements for internal clients (e.g., product, platform, application owners)
- Applies specialized tools (e.g., vulnerability scanner) to analyze and correlate incident data to identify, interpret, and summarize the probability and impact of threats when determining specific vulnerabilities
- Adds to team culture of diversity, equity, inclusion, and respect
Required qualifications, capabilities, and skills
- Formal training or certification on security engineering concepts and 3+ years applied experience
- Experience in developing security engineering, and architecting solutions within public cloud technologies
- Experience with threat modeling
- Knowledge of cloud security posture management (e.g., Wiz, Prisma Cloud, Crowd Strike Falcon Cloud Security, etc.) and experience engineering with infrastructure as code (e.g., Terraform, Cloud Formation, etc.)
- Ability to convey complex security concepts to technical stakeholders
- Cloud native experience (e.g., AWS, Azure, or Google cloud)
- Experience developing security engineering solutions
Preferred qualifications, capabilities, and skills
- Cybersecurity certifications (i.e., Security, CEH, CCSP, GSEC, etc.)
- Cloud certifications would a plus (e.g., AWS, Azure, or GCP)