DescriptionPlay a vital role in shaping the future of an iconic company and make a direct impact in a dynamic environment designed for top achievers.
As a Senior Lead Cybersecurity Architect at JPMorgan Chase within the cyber and tech controls line of business, you are an integral part of a team that works to develop high-quality cybersecurity solutions for various software applications on modern cloud-based technologies. As a core technical contributor, you are responsible for carrying out critical cybersecurity architecture solutions by identifying, creating, and communicating risk, mitigation options, and solutions across multiple technical areas within various business functions in support of project goals.
Job responsibilities
- Utilizes a deep understanding of the threat landscape and risk to build security into products and new features
- Partners with and advise engineering, product, and risk teams on security best practices and help shape the endpoint security strategy for the firm
- Works with vendors to escalate problems and receive timely resolutions
- Enables product strategy and keep the firm safe by analyzing complex data systems, anticipating problems, and finding ways to mitigate risk
- Engages technical teams and business stakeholders to discuss and propose technical approaches to meet current and future cybersecurity needs
- Defines the technical target state of their cybersecurity product and drives achievement of the strategy
- Identifies opportunities to eliminate or automate remediation of recurring issues to improve overall cybersecurity of software applications and systems
- Leads evaluation sessions with external vendors, startups, and internal teams to drive continuous improvement and assess cybersecurity design and technical credentials for use in existing systems and architecture
- Leads communities of practice to drive awareness and use of new and leading-edge cybersecurity technologies . Adds to team culture of diversity, equity, inclusion, and respect
Required qualifications, capabilities, and skills
- Formal training or certification on cybersecurity architecture concepts and 5+ years applied experience
- Good understanding of industry frameworks like MITRE ATT&CK, NIST, CIS etc.
- Hands-on experience with infrastructure attacks, including familiarity with red teaming techniques, tradecrafts and tools.
- Ability to make informed decisions related to risks, exclusions and assess scenarios from an attack-centric approach
- Ability to lead and drive meetings with global teams when there is a need
- Hands-on practical experience delivering enterprise-level cybersecurity solutions and controls
- Proficiency in automation and continuous delivery methods
- Practical cloud native experience . Experience effectively communicating with senior business leaders
Preferred qualifications, capabilities, and skills
- Offensive Security skills such as Penetration Testing and/or Security certifications from reputed bodies
- Demonstrable development/scripting/automation experience in at least one of Java, Python, Go, PowerShell
- Knowledge in public cloud environments such as AWS and any relevant certifications
- Prior experience in Threat Modeling
- Thorough knowledge of network protocols
- Willingness to learn and drive to excel