Lead Cybersecurity Architect - Threat Modeling | AWS Cloud Security
Join one of the world's most influential companies and leverage your skills in cybersecurity to have a real impact on the financial industry.
As a Lead Cybersecurity Architect at JPMorgan Chase within the Cybersecurity and Technology Controls organization, you will be a key player in developing top-notch cybersecurity solutions for various software applications using modern cloud-based technologies.
Your role involves identifying, creating, and communicating risk mitigation options and solutions across multiple technical areas within different business functions to support project objectives.
You will be part of the Application Integration & Streaming Security team, which leads and coordinates all security efforts related to critical integrations across the company.
Our focus is on integrating security controls into our products from the start, ensuring seamless and efficient information flow, and enhancing the experience of our engineers while prioritizing customer satisfaction.
Job responsibilities
- Engages technical teams and business stakeholders to discuss and propose technical approaches to meet current and future cybersecurity needs
- Defines the technical target state of their cybersecurity product and drives achievement of the strategy
- Identifies opportunities to eliminate or automate remediation of recurring issues to improve overall cybersecurity of software applications and systems
- Leads evaluation sessions with external vendors, startups, and internal teams to drive continuous improvement and assess cybersecurity design and technical credentials for use in existing systems and architecture
- Leads communities of practice to drive awareness and use of new and leading-edge cybersecurity technologies
- Adds to team culture of diversity, equity, inclusion, and respect
Required qualifications, capabilities, and skills
- Formal training or certification on Cybersecurity concepts and 5+ years applied experience
- Experience with Terraform and scripting. Hands on experience in architecting, securing, and operating one or more major Cloud technologies (AWS / Azure), with a focus on Security
- Experience designing and establishing baselines and prove security posture against implemented controls along with, risk management processes, principles, architectural requirements, engineering, threats and vulnerabilities, threat intelligence and application security.
- Experience with creating Threat Models and understanding risks associated with complex cloud architectures.
- Understanding of software development lifecycle including design, implementation, and delivery. Practice of Continuous Integration and Continuous Delivery
Preferred qualifications, capabilities, and skills
- Information security professional certifications encouraged, such as CISSP, CCSP, SANS GIAC, AWS Security etc
- Familiarity with Docker, Kubernetes, Micro-services, Kafka, cloud, virtualization, APIs, and modern software languages, understanding or have experience with Agile and lean philosophies
- Able to deliver complex solutions that are easy to repave, automate, as well as with very strong resiliency capabilities.
Experience performing root cause analysis of Production incidents and recommending tactical and strategic solutions to SRE teams.
- Experience with common application flaws, and how to fix them.
- Penetration testing experience