Take on a crucial role where you'll be a key part of a high-performing team who ensure the firms central cloud platforms are enabled securely. Make a real impact as you help shape the future of cloud security at one of the world's largest and most influential companies.
As a Sr Lead Cloud Security Engineer at JPMorgan Chase within the Cybersecurity & Technology Controls team, you are an integral part of team that works to deliver public cloud solutions that satisfy pre-defined functional and user requirements with the added dimension of preventing misuse, circumvention, and malicious behavior. As a core technical contributor, you are responsible for carrying out critical technology solutions with tamper-proof, audit defensible methods across multiple technical areas within various business functions.
Job responsibilities
1. Support the execution and enhancement of a long term information risk and control strategy designed to keep the information assets of the public cloud secure.
2. Lead cloud infrastructure platform security review and threat modelling, including code reviews
3. Deliver risk based assessments of secure technology controls relating to cloud services, cloud platforms and architectural components.
4. Support business technology teams to understand firm control requirements and implementations across a broad range of cloud architectures.
5. Contribute to documentation and agile processes in support of security programs.
6. Interface with wider CTC teams ensuring platform integration with security operations, threat intelligence, IAM and network security.
Required qualifications, capabilities, and skills
7. Formal training or certification on security engineering concepts
8. Keen desire to understand and secure public cloud technology
9. Eagerness to collaborate in a team, and comfortable in both virtual and office environments
10. Self-disciplined, self-managed, self-motivated and strong sense of ownership, urgency, and drive
11. Proficient verbal and written communication skills, including the ability to effectively participate in discussions and meetings with internal management, peer groups, regulators and senior stakeholders
12. Hands on experience of developing, engineering or architecting within a public cloud environment
13. Leadership experience would be advantageous
14. Experience following agile practices like Test Driven Development (TDD) and Behavior Driven Development(BDD)
15. Experience engineering with Terraform or infrastructure-as-code and Understanding of DevOps or CI/CD concepts
Preferred qualifications, capabilities, and skills
16. Familiarity with Cloud Security Posture Management (CSPM) products
17. AWS, Azure or Google Cloud certifications would be an advantage