Play a vital role in shaping the future of an iconic company and make a direct impact in a dynamic environment designed for top achievers.
As a Senior Lead Cybersecurity Architect at JPMorgan Chase within the Global Architecture and Engineering, you are an integral part of a team that works to develop high-quality cybersecurity solutions for various software applications and platform products. Drive significant business impact through your capabilities and contributions, and apply deep technical expertise and problem-solving methodologies to tackle a diverse array of cybersecurity challenges that span multiple technology domains.
Job responsibilities
- Lead the evaluation and implementation of cybersecurity principles, processes, and controls, guiding technology assessments using established security standards and patterns.
- Provide cybersecurity architecture and guidance to support business and regulatory requirements.
- Develop and maintain a comprehensive cybersecurity reference architecture.
- Serve as a subject matter expert in cybersecurity, offering expertise to technology teams and business partners.
- Conduct security assessments, threat modelling, and technical risk assessments on design proposals from technical teams.
- Advocate for firmwide frameworks, tools, and practices within the secure Software Development Life Cycle.
- Influence technology decisions by introducing improvements in implementation patterns and architectural design.
- Ensure the security of modern technologies such as public cloud, AI/ML, mobile, etc.
- Manage project priorities, deadlines, and deliverables, ensuring timely security design and implementation.
- Partner with Global Technology and other teams to oversee security design and implementation.
- Adds to team culture of diversity, equity, inclusion, and respect
Required qualifications, capabilities, and skills
- Formal training or certification in architecture concepts and 5+ years of applied experience.
- Background in infrastructure, system administration, and secure software development lifecycle is desired.
- Experience in security products, risk management, information security standards, security architecture principles, threat and vulnerability management, including incident response methodologies.
- Advanced proficiency in one or more programming languages or scripts.
- Advanced knowledge of cybersecurity architecture, applications, and technical processes, with considerable in-depth knowledge in one or more technical disciplines (e.g., public cloud, artificial intelligence, machine learning, mobile, etc.).
- Advanced knowledge of enterprise networking and network security controls.
- Understanding of Identity and Access Management systems and processes in an enterprise environment, familiar with Federated Identity Management, SSO, OAuth, SAML, AD & ADFS, Privileged Access Management, RBAC, etc.
- Ability to tackle design and functionality problems independently with little to no oversight.
Preferred qualifications, capabilities, and skills
- Excellent verbal and written communication skills and the ability to interact professionally with a diverse group, executives, managers, and subject matter experts.
- Understand information security and risk management challenges, issues mitigations and remediation in a multi-national enterprise environment.
- Experience in leadership, either by directly managing teams or through mentorship.
- Strong interpersonal skills; excellence in customer service
- Ability to explain and champion security concepts.