Lead Cloud Security Engineer

Full Job Description

JPMorgan Chase & Co.(NYSE: JPM) is a leading Functional financial services firm with assets of > $2 trillion and operations in more than 60 countries. The firm is a leader in investment banking, financial services for consumers, small business and commercial banking, financial transaction processing, asset management, and private equity.

The Cybersecurity & Technology Controls (CTC) group at JPMorgan Chase aligns the firm’s cybersecurity, access management, controls and resiliency teams. The group proactively and strategically partners with all lines of business and functions to enable them to design, adopt and integrate appropriate controls; deliver processes and solutions efficiently and consistently; and drive automation of controls. The group’s number one priority is to enable the business by keeping the firm protected, stable and resilient.

This role is within the CTC Product Security team aligned to the firms Public Cloud platforms. As a Lead Cloud Security Engineer, your primary responsibility will be to ensure that Public Cloud is adopted in a secure and compliant manner. You will play an important role in identifying and managing risk related issues and actions with respective technology. You will have an eye for detail and an ability to see the big picture across security issues.

Responsibilities:

• Support the execution and enhancement of a long term information risk and control strategy designed to keep the information assets of the public cloud secure.
• Lead cloud infrastructure platform security review and threat modelling, including code reviews
• Deliver risk based assessments of secure technology controls relating to cloud services, cloud platforms and architectural components.
• Support business technology teams to understand firm control requirements and implementations across a broad range of cloud architectures.
• Contribute to documentation and agile processes in support of security programs.
• Interface with wider CTC teams ensuring platform integration with security operations, threat intelligence, IAM and network security.

Preferred Skills:

• Keen desire to understand and secure public cloud technology.
• Eagerness to collaborate in a team, and comfortable in both virtual and office environments.
• Self-disciplined, self-managed, self-motivated and strong sense of ownership, urgency, and drive.
• Proficient verbal and written communication skills, including the ability to effectively participate in discussions and meetings with internal management, peer groups, regulators and senior stakeholders.
• Ability to prioritize and work under stringent timelines.
• Familiarity with Cloud Security Posture Management (CSPM) products.
• AWS, Azure or Google Cloud certifications would be an advantage.
• Hands on experience of developing, engineering or architecting within a public cloud environment would be an advantage.
• Experience following agile practices like Test Driven Development (TDD) and Behaviour Driven Development(BDD) would be an advantage.
• Experience engineering with Terraform or infrastructure-as-code would be an advantage.
• Understanding of DevOps or CI/CD concepts would be an advantage.