Sr Lead Security Engineer

JPMorgan Chase JPMorgan Chase · Banking · Plano, TX +1 · Corporate Sector

Senior Lead Security Engineer at JPMorgan Chase focused on integrating and validating AI capabilities within security engineering workflows, including threat assessment and risk analysis, while ensuring data sensitivity and adherence to security and auditability expectations. The role involves developing secure code, providing technical guidance, and applying deep technical expertise to cybersecurity challenges.

What you'd actually do

  1. Applies reuse-first, AI-assisted practices within SDLC/toolchain routines to strengthen security testing and control validation, ensuring traceability/auditability and alignment to resiliency and security expectations.
  2. Uses enterprise-authorized AI capabilities within the work environment to accelerate security risk analysis and documentation (e.g., synthesizing threat assessments), validating outputs and ensuring sensitive data is handled appropriately.
  3. Regularly provides technical guidance and direction to support the business and its technical teams, contractors, and vendors
  4. Develops secure and high-quality production code, and reviews and debugs code written by others
  5. Facilitates security requirements clarification for multiple networks to enable multi-level security to satisfy organizational needs

Skills

Required

  • cloud service development & integration
  • OAuth
  • SAML
  • API security
  • identity federation
  • building high performance API first services
  • integrating tooling
  • planning, designing, and implementing enterprise-level security solutions
  • system design
  • application development
  • testing
  • operational stability
  • C#
  • C++
  • Go
  • Python
  • Java
  • software application development
  • technical processes
  • cloud
  • artificial intelligence
  • machine learning
  • mobile
  • threat modeling
  • discovery
  • vulnerability
  • penetration testing
  • HTTP/HTTPS protocols
  • SSL/TLS inspection
  • traffic interception
  • API gateway patterns
  • enterprise-authorized AI capabilities within the work environment
  • security engineering workflows
  • validation habits
  • data sensitivity
  • review and validate AI-assisted security recommendations

Nice to have

  • SSE
  • CASB
  • SIEM
  • API Gateway Development
  • custom proxy or VPM development

What the JD emphasized

  • AI-assisted practices
  • enterprise-authorized AI capabilities
  • security risk analysis
  • validating outputs
  • data sensitivity
  • security engineering workflows
  • review and validate AI-assisted security recommendations
  • security, resiliency, and auditability expectations