What you'd actually do

Lead the architecture, design, and documentation of complex Hardware Security Module and cryptographic infrastructure, ensuring alignment with business, resiliency, and security requirements

Uses enterprise-authorized AI capabilities within the work environment to accelerate security risk analysis and documentation (e.g., synthesizing threat assessments), validating outputs and ensuring sensitive data is handled appropriately.

Design and implement Hardware Security Module solutions, including deployment, configuration, integration, and full lifecycle management across Thales and FutureX platforms

Develop and maintain detailed architectural diagrams, system documentation, and operational runbooks to support operational excellence and knowledge continuity

Collaborate with cross-functional teams to define infrastructure standards, best practices, and security controls that align with firm-wide policies and industry regulations

Skills

Required

Formal training or certification on security engineering concepts
5+ years applied experience in security engineering
7 or more years of hands-on engineering experience with Hardware Security Modules
Expertise in architecture and system design of highly available infrastructure, disaster recovery, and business continuity strategies
Demonstrated experience using enterprise-authorized AI capabilities within the work environment to support security engineering workflows with strong validation habits and awareness of data sensitivity.
Proficient technical troubleshooting skills
Strong Linux and Unix administration experience in enterprise environments
Strong understanding of cryptographic principles, key management, confidential computing, and secure hardware operations
Hands-on experience with OpenSSL and certificate-based authentication mechanisms
Expertise in public cloud key management services and cloud-based Hardware Security Module solutions
Proficiency in designing and documenting infrastructure architectures using industry-standard tools and methodologies
Experience with infrastructure automation tools such as Terraform for managing and scaling secure environments
Ability to review and validate AI-assisted security recommendations before adoption, escalating uncertainty and ensuring outcomes align to security, resiliency, and auditability expectations.

Nice to have

Experience with network security, firewalls, and secure room operations and key ceremonies
Hands-on experience with Splunk or equivalent platforms for infrastructure monitoring and troubleshooting
Strong domain knowledge of payment processes and business resiliency applied to infrastructure design
Relevant Hardware Security Module platform certifications such as Thales or FutureX credentials
Familiarity with broader cybersecurity frameworks and their application to cryptographic and payment infrastructure environments
Ability to influence technical direction and drive alignment across organizational boundaries in a large, complex enterprise

Join a world-class cybersecurity team where your expertise in cryptographic infrastructure and secure hardware directly protects the financial systems trusted by millions of people around the globe.

As a Sr Lead Security Engineer at JPMorganChase within the Cybersecurity & Technology Controls team, you will play a pivotal role in designing, implementing, and maintaining secure, scalable, and resilient infrastructure solutions that support critical payment and cryptographic operations. You will bring deep expertise in Hardware Security Module management and infrastructure architecture to help safeguard the firm's most sensitive systems and data. This role offers the opportunity to work at the forefront of cryptographic security, collaborating with cross-functional teams across a global organization to define standards, drive innovation, and ensure business continuity. If you are passionate about security engineering and thrive in complex, high-stakes environments, this is your opportunity to make a lasting impact.

Job responsibilities

Lead the architecture, design, and documentation of complex Hardware Security Module and cryptographic infrastructure, ensuring alignment with business, resiliency, and security requirements
Uses enterprise-authorized AI capabilities within the work environment to accelerate security risk analysis and documentation (e.g., synthesizing threat assessments), validating outputs and ensuring sensitive data is handled appropriately.
Design and implement Hardware Security Module solutions, including deployment, configuration, integration, and full lifecycle management across Thales and FutureX platforms
Develop and maintain detailed architectural diagrams, system documentation, and operational runbooks to support operational excellence and knowledge continuity
Collaborate with cross-functional teams to define infrastructure standards, best practices, and security controls that align with firm-wide policies and industry regulations
Oversee the migration, upgrade, and consolidation of Hardware Security Module infrastructure, ensuring minimal disruption and maximum security throughout transitions
Provide expert guidance on cryptographic key management, secure storage, confidential computing, and compliance with industry standards including Payment Card Industry Data Security Standard and Federal Information Processing Standards
Troubleshoot and resolve infrastructure and Hardware Security Module-related issues, performing root cause analysis and implementing corrective actions using monitoring tools
Participate in risk assessments, audits, and incident response activities related to infrastructure and Hardware Security Module environments
Applies reuse-first, AI-assisted practices within SDLC/toolchain routines to strengthen security testing and control validation, ensuring traceability/auditability and alignment to resiliency and security expectations.
Apply domain knowledge of payment processes and business resiliency to infrastructure design and operational decision-making

Required qualifications, capabilities, and skills

Formal training or certification on security engineering concepts and 5+ years applied experience
7 or more years of hands-on engineering experience with Hardware Security Modules, including expertise in architecture and system design of highly available infrastructure, disaster recovery, and business continuity strategies
Demonstrated experience using enterprise-authorized AI capabilities within the work environment to support security engineering workflows with strong validation habits and awareness of data sensitivity.
Proficient technical troubleshooting skills with strong Linux and Unix administration experience in enterprise environments
Strong understanding of cryptographic principles, key management, confidential computing, and secure hardware operations
Hands-on experience with OpenSSL and certificate-based authentication mechanisms
Expertise in public cloud key management services and cloud-based Hardware Security Module solutions
Proficiency in designing and documenting infrastructure architectures using industry-standard tools and methodologies
Experience with infrastructure automation tools such as Terraform for managing and scaling secure environments
Ability to review and validate AI-assisted security recommendations before adoption, escalating uncertainty and ensuring outcomes align to security, resiliency, and auditability expectations.

Preferred qualifications, capabilities, and skills

Experience with network security, firewalls, and secure room operations and key ceremonies
Hands-on experience with Splunk or equivalent platforms for infrastructure monitoring and troubleshooting
Strong domain knowledge of payment processes and business resiliency applied to infrastructure design
Relevant Hardware Security Module platform certifications such as Thales or FutureX credentials
Familiarity with broader cybersecurity frameworks and their application to cryptographic and payment infrastructure environments
Ability to influence technical direction and drive alignment across organizational boundaries in a large, complex enterprise

#CTC