Lead Cybersecurity Architect - Product Security

 

As a Lead Cybersecurity Architect at JPMorgan Chase within the Cybersecurity & Technology Controls organization, you are an integral part of a team that works to develop high-quality cybersecurity solutions for various software applications on modern cloud-based technologies. As a core technical contributor, you are responsible for carrying out critical cybersecurity architecture solutions by identifying, creating, and communicating risk, mitigation options, and solutions across multiple technical areas within various business functions in support of project goals.

Job responsibilities

 

• Engages technical teams and business stakeholders to discuss and propose technical approaches to meet current and future cybersecurity needs
• Designs Threat Models for new, emerging, and modernizing technologies, leveraging cybersecurity threat intelligence, data flows, and residual risk analysis
• Guides the evaluation of current cybersecurity principals, processes, and controls, and leads the evaluation of new technology using existing standards and frameworks
• Regularly provides technical guidance and direction to support the business and its technical teams, contractors, and vendors 
• Works with stakeholders and senior leaders to recommend business modifications during periods of vulnerability
• Serves as function-wide subject matter expert in one or more areas of focus  
• Actively contributes to the engineering community as an advocate of firmwide frameworks, tools, and practices of the Software Development Life Cycle 
• Influences peers and project decision-makers to consider the use and application of leading-edge technologies 
• Adds to team culture of diversity, equity, inclusion, and respect

 

Required qualifications, capabilities, and skills

 

• Formal training or certification on Cybersecurity Architecture concepts and 5+ years applied experience
• Hands-on practical experience delivering enterprise-level cybersecurity solutions and controls
• Experience in large-scale or start up role in cybersecurity solutions architecting, controls management, and threat modeling
• Demonstrated experience in conducting code reviews with Architects and Software Engineers, with programming languages such as Java, Python, or C
• Proficiency in automation and continuous delivery methods and the Software Development Lifecycle
• Advanced understanding of agile methodologies such as continuous integration and delivery, application resiliency, and security​ 
• Demonstrated proficiency in software applications and technical processes within public cloud (AWS, Azure, GCP), Mobile, and Tokenization and Data protection in payments, travel, or rewards sectors
• Practical cloud native experience within AWS, Azure, or GCP
• Ability to evaluate current and emerging technologies to recommend the best solutions for the future state architecture
• Experience effectively communicating with senior business leaders

• Certified Information Security System Professional (CISSP), Certified Cloud Security Professional (CCSP), Certified Ethical Hacker (CEH), CompTIA Security+, ISACA
• Certified Information Security Manager
• In-depth knowledge of the financial services industry and their IT systems