Lead Security Engineer

Job Description
The Cybersecurity & Technology Controls group at JPMorgan Chase aligns the firm's cybersecurity, access management, controls, and resiliency teams. The team focuses on cybersecurity in Public Clouds. We proactively and strategically partners with all lines of business and functions to enable them to design, adopt and integrate appropriate controls; deliver processes and solutions efficiently and consistently; and drive automation of controls in Public Cloud Environments.

Lead Security Engineer
As a Lead Security Engineer within the Cybersecurity & Technology Controls group, you will help build solutions relating to Cloud Environment Governance and Protection, Auditing, Monitoring, Remediation, and Reporting. You will develop software solutions to ensure a secure Public Cloud environment and implement sufficient controls to safeguard and protect resources in Public Clouds.

Job Responsibilities

Engage and improve the whole lifecycle of services - from inception and design through deployment, operation and refinement

Develop and build solutions relating to Cloud Environment Governance and Protection, Auditing, Monitoring, Remediation and Reporting

Design, develop and improve services to scale as the firm's cloud usage grows

Develop, test, deploy, maintain and enhance software/tooling solutions

Manage individual project priorities, deadlines and deliverables

Conduct system design and code reviews, ensuring adherence to best practices and security standards.

Champion engineering and operational excellence across cloud security initiatives.

Lead stakeholder engagement, communicate technical designs, and secure buy-in for security solutions.

Mentor and guide junior engineers, fostering a culture of continuous learning and improvement.

Required Qualifications, Capabilities And Skills

Bachelor’s degree in Computer Science or related field, or equivalent practical experience.

Extensive experience architecting and developing cloud-native security solutions using GCP services (e.g., IAM, Cloud Security Command Center, VPC, Cloud Functions, BigQuery, Eventarc, Pub/Sub etc.).

Strong proficiency in Infrastructure as Code (IaC) tools, especially Terraform (GCP modules).

Experience developing enterprise-grade software, with proficiency in Python and other relevant languages.

Hands-on experience with CI/CD pipelines and tools (e.g., GitHub, Jenkins) in cloud environments.

Deep understanding of cloud security best practices, compliance frameworks, and risk management in GCP.

Experience with Agile development methodologies.

Excellent verbal and written communication skills, with the ability to articulate complex technical concepts to diverse audiences.

Proven ability to conceptualize, design, validate, and implement innovative solutions to complex security challenges.

Demonstrated ability to quickly learn and adapt to new cloud architectures and technologies.

Analytical skills to interpret system metrics and data for actionable insights.

Strategic thinker with a focus on long-term technical health and minimizing future tech debt.

Ability to work independently and collaboratively, building strong relationships across teams.

Preferred Qualifications, Capabilities And Skills

Advanced knowledge of cybersecurity principles and practices.

Experience with other public cloud platforms (AWS, Azure) is a plus.

Hands-on experience with container security (Kubernetes, GKE).

Relevant cloud certifications, such as Google Professional Cloud Security Engineer, Google Professional Cloud Architect, or AWS/Azure equivalents.

About Us
J.P. Morgan is a global leader in financial services, providing strategic advice and products to the world’s most prominent corporations, governments, wealthy individuals and institutional investors. Our first-class business in a first-class way approach to serving clients drives everything we do. We strive to build trusted, long-term partnerships to help our clients achieve their business objectives.

We recognize that our people are our strength and the diverse talents they bring to our global workforce are directly linked to our success. We are an equal opportunity employer and place a high value on diversity and inclusion at our company. We do not discriminate on the basis of any protected attribute, including race, religion, color, national origin, gender, sexual orientation, gender identity, gender expression, age, marital or veteran status, pregnancy or disability, or any other basis protected under applicable law. We also make reasonable accommodations for applicants’ and employees’ religious practices and beliefs, as well as mental health or physical disability needs. Visit our FAQs for more information about requesting an accommodation.

About The Team
Our professionals in our Corporate Functions cover a diverse range of areas from finance and risk to human resources and marketing. Our corporate teams are an essential part of our company, ensuring that we’re setting our businesses, clients, customers and employees up for success.

#J-18808-Ljbffr