Lead Cybersecurity Architect - Collab & Comms Product Security

Play a vital role in shaping the future of an iconic company and make a direct impact in a dynamic environment designed for top achievers.

As a Lead Cybersecurity Architect at JPMorgan Chase within the Collab & Comms Product Security Team, you are an integral part of a team that works to develop high-quality cybersecurity solutions for various a broad range of Employee Platforms products and applications. Drive significant business impact through your capabilities and contributions, and apply deep technical expertise and problem-solving methodologies to tackle a diverse array of cybersecurity challenges that span multiple technology domains.

Job responsibilities

• Guides the evaluation of current cybersecurity principles, processes, and controls, and leads the assessment of new technology using existing standards and frameworks
• Independently performs analysis and develops reports to identify security risks to protect data, applications, and infrastructure using modern tools
• Conducts security reviews and produces threat models
• Regularly provides technical guidance and direction to support the business and its engineering teams, product managers and vendors 
• Works with stakeholders and senior leaders to recommend actions to mitigate vulnerabilities and uplift application, platform or tooling security maturity
• Serves as function-wide subject matter expert in one or more areas of product security
• Influences peers and project decision-makers to consider the use and secure deployment of leading-edge technologies and patterns
• Adds to team culture of diversity, equity, inclusion, and respect 

Required qualifications, capabilities, and skills

• Formal training or certification in cybersecurity (e.g., CISSP, CISM, CEH) and 5+ years applied experience across one or more functional product security areas (e.g. threat modeling, vulnerability assessments, encryption, IAM, SDLC, API security, Zero Trust)
• Familiarity across a range of security frameworks and guidelines (e.g. OWASP, NIST, ISO, MITRE) and experience reconciling design documentation and architecture with applicable industry standards and best practices
• Hands-on practical experience delivering enterprise level cybersecurity solutions and controls 
• Advanced knowledge of cybersecurity architecture, applications, and technical processes with considerable, in-depth knowledge in one or more technical disciplines (e.g., SaaS, Public Cloud, AI/ML/LLMs, tooling design/development, containerization, DevSecOps, Microservice Architecture)
• Intermediate familiarity with at least one programming language
• Ability to tackle design and functionality problems independently with little to no oversight 
• Ability to evaluate current and emerging technologies to select or recommend the best solutions for future state architecture & enterprise integrations
• Proven experience leading projects from scoping to delivery

Preferred qualifications, capabilities, and skills

• Ability to concisely present and communicate complex technical topics to a wide array of stakeholders
• Experience and/or advanced knowledge of architecture, applications, and technical processes as it relates to enterprise scale applications, tooling and or platform security
• Skill to navigate ambiguous and/or undefined complex problems and develop technical solutions to align security with business objectives.