AddressPlay a vital role in shaping the future of an iconic company and make a direct impact in a dynamic environment designed for top achievers.
The Senior Lead Cybersecurity Architect for Cloud & Infrastructure will be responsible for partnering with Cloud Enablement/Engineering, Line of Business Resiliency Leads and technologists across the firm in developing real life failure scenarios and appropriate solutions where gaps exist. Ensuring that resiliency is designed across the life cycle of both On-Prem Private and Public Cloud infrastructure technology and applications, thereby driving the timely and successful execution of the firm wide Recovery and Resiliency strategy.
Job responsibilities
- Work closely with Line of Business architects and Infrastructure Product technologists to develop resilient architectures, design patterns and solutions that cover the Firm’s primary Plausible Disruptive Event scenarios
- Partner with the Firmwide Simulation Utility (FSU), the Firmwide Business Resiliency (FBR), and Infrastructure and Application development teams to develop new testing scenarios and capabilities
- Provide key SME leadership across the technology organization on resiliency programs and initiatives
- Provide guidance and oversight in the development and implementation of resiliency controls to provide continuous monitoring of the Firm’s capability to recover from a disruptive event
- Define and implement post-mortem / root-cause analysis processes – develop improved controls and testing scenarios based upon analysis
- Partner with Product teams to ensure that products are designed and implemented in a resilient manner and have validation plans in place including continuous improvement plans
- Ensure that recovery playbooks are clearly defined, documented, communicated, adhered to, are audit compliant, and support associated application and business recovery objectivesPlanning, designing, and implementing enterprise level infrastructure solutions
- Guiding the evaluation of current cybersecurity principals, processes, and controls, and leads the evaluation of new technology using existing standards and frameworks
- Regularly provides technical guidance and direction to support the business and its technical teams, contractors, and vendors
- Works with stakeholders and Senior Leaders to recommend business modifications during periods of vulnerability
- Actively contributes to the engineering community as an advocate of firmwide frameworks, tools, and practices of the Software Development Life Cycle
Required qualifications, capabilities, and skills
- Formal training or certification on software engineering* concepts and 5+ years applied experience
- Hands-on experience, including technical depth in one or more technology areas, such as: Cloud Enablement Design & Migration, Infrastructure Design, Distributed Technologies, and/or Messaging Technology.
- Knowledge of network architecture concepts, including topology, protocols, components, principles, fault domains and failure modes
- Understanding of latest cyber threats, attacking techniques and mitigating strategies (ie. blast radius analysis, workload placement)
- Knowledge of software-related information technology (IT) security principles and methods (e.g., modularization, layering, abstraction, data hiding, implicitly / minimization...)
- Familiarity with Terraform and Infrastructure As Code (IaC) principles and tooling
- Skilled in conducting application and infrastructure design reviews/assessment and recognizing weaknesses vulnerabilities in systems
- Prior experience in disaster and/or cyber recovery planning and testing would be advantageous
- Knowledge of system and application vulnerabilities e.g. MITRE Att&ck framework, OWASP, NIST, SANS would be advantageous
- Hands-on experience experience of developing, engineering or architecting within a public cloud environment
- Advanced knowledge of Cybersecurity Architecture, applications, and technical processes with considerable, in-depth knowledge in one or more technical disciplines (e.g., public cloud, artificial intelligence, machine learning, mobile, etc.)
- Prior experience working with external auditors and regulators would be advantageous
- Programming experiences in one or more languages (scripting/functional/imperative -- C/C++, Java, Python, Scala, R, SQL, etc.) would be advantageous
- Certified as a AWS Solutions Architect, Azure Solutions Architect and/or CISSP
We offer a competitive total rewards package including base salary determined based on the role, experience, skill set, and location. For those in eligible roles, we offer discretionary incentive compensation which may be awarded in recognition of firm performance and individual achievements and contributions. We also offer a range of benefits and programs to meet employee needs, based on eligibility. These benefits include comprehensive health care coverage, on-site health and wellness centers, a retirement savings plan, backup childcare, tuition reimbursement, mental health support, financial coaching and more. Additional details about total compensation and benefits will be provided during the hiring process.
We recognize that our people are our strength and the diverse talents they bring to our global workforce are directly linked to our success. We are an equal opportunity employer and place a high value on diversity and inclusion at our company. We do not discriminate on the basis of any protected attribute, including race, religion, color, national origin, gender, sexual orientation, gender identity, gender expression, age, marital or veteran status, pregnancy or disability, or any other basis protected under applicable law. We also make reasonable accommodations for applicants’ and employees’ religious practices and beliefs, as well as mental health or physical disability needs. Visit our FAQs for more information about requesting an accommodation.
JPMorgan Chase is an Equal Opportunity Employer, including Disability/Veterans
