Play a vital role in shaping the future of an iconic company and make a direct impact in a dynamic environment designed for top achievers.
As a Senior Lead Cybersecurity Architect at JPMorgan Chase within the Cybersecurity & Technology Controls, you are an integral part of a team that works to develop high-quality cybersecurity solutions for various software applications and platform products. Drive significant business impact through your capabilities and contributions, and apply deep technical expertise and problem-solving methodologies to tackle a diverse array of cybersecurity challenges that span multiple technology domains. We are looking for an experienced Architect to join our team as a specialist in Cloud and/or AI/ML Security. You will be responsible for designing secure cloud infrastructure architectures for our enterprise AI/ML applications. We are looking for a cloud security leader who is passionate about AI/ML security architecture and can solve complex security configurations through innovation and known security architectural practices. You will be required to apply your in-depth of cloud security knowledge and expertise to all aspects of Artificial Intelligence/Machine Learning development lifecycle, as well as partner continuously with your many product stakeholders on a daily basis to stay focused on common goals. You’ll work in a collaborative, trusting, thought-provoking environment—one that encourages diversity of thought and creative solutions that are in the best interests of our customers . Best yet, you will be joining a team of highly motivated and skilled security architects who will help you to lay the foundations of a great career at JP Morgan Chase.
Job responsibilities
Guides the evaluation of current cybersecurity principals, processes, and controls, and leads the evaluation of new technology using existing standards and frameworks
Provide thought leadership for securing on premise and cloud based AI/ML solution architecture
Design comprehensive security architectures for cloud infrastructure projects
Design secure networks and systems based on industry standards and best practices
Identify and address security vulnerabilities, security risks, and other compliance issues
Create and communicate threat models
Partner with product managers to create key objectives and roadmaps
Works with stakeholders and senior leaders to recommend business modifications during periods of vulnerability
Serves as function-wide subject matter expert in one or more areas of focus
Actively contributes to the engineering community as an advocate of firm wide frameworks, tools, and practices of the Software Development Life Cycle
Adds to team culture of diversity, equity, inclusion, and respect
Required qualifications, capabilities, and skills
Formal training or certification on software engineering/architecture concepts and 5+ years applied experience
Hands-on practical experience delivering enterprise level cybersecurity solutions and controls
Advanced in one or more programming languages or applications
Advanced Technical knowledge in architecting, designing, and Integrating security solutions in a large-scale enterprise of highly distributed applications
Advanced knowledge of cybersecurity architecture, applications, and technical processes with considerable, in-depth knowledge in one or more technical disciplines (e.g., public cloud, artificial intelligence, machine learning, mobile, etc.)
Strong knowledge of Artificial Intelligence and Machine Learning Security concepts, threats, and vulnerabilities including Generative Large Language Models
Strong understanding of cloud computing concepts and services such as AWS, Azure, GCP, etc
Ability to tackle design and functionality problems independently with little to no oversight
Practical cloud native experience
Ability to evaluate current and emerging technologies to select or recommend the best solutions for the future state architecture
Preferred qualifications, capabilities, and skillsKnowledge of networking protocols and techniques, such as TCP/IP, routing, DNS, DHCP, etc.
Knowledge of IAM concepts, including but not limited to provisioning, PAM, RBAC, ABAC, SCIM, LDAP, and governance and authorization standards
Experience with federated identity platforms/products
Experience with API security and public cloud APIs and integration
Deep familiarity with frameworks such as NIST 800-53, OWASP, CVSS, the MITRE ATT&CK frame, MITRE Atlas, PCI, and Gramm-Leach-Bliley Act (GLBA).
Experience using cloud infrastructure as code (IaC) using frameworks like Terraform
Experience with microservices designs and implementations including docker, Kubernetes, etc…