DescriptionPlay a vital role in shaping the future of an iconic company and make a direct impact in a dynamic environment designed for top achievers. As a Senior Lead Cybersecurity Architect at JPMorgan Chase within the Cybersecurity & Technology Controls, you are an integral part of a team that works to develop high-quality cybersecurity solutions for various software applications and platform products. Drive significant business impact through your capabilities and contributions, and apply deep technical expertise and problem-solving methodologies to tackle a diverse array of cybersecurity challenges that span multiple technology domains. We are looking for an experienced Architect to join our team as a specialist in Cloud and/or AI/ML Security. You will be responsible for designing secure cloud infrastructure architectures for our enterprise AI/ML applications. We are looking for a cloud security leader who is passionate about AI/ML security architecture and can solve complex security configurations through innovation and known security architectural practices. You will be required to apply your in-depth of cloud security knowledge and expertise to all aspects of Artificial Intelligence/Machine Learning development lifecycle, as well as partner continuously with your many product stakeholders on a daily basis to stay focused on common goals. You’ll work in a collaborative, trusting, thought-provoking environment—one that encourages diversity of thought and creative solutions that are in the best interests of our customers . Best yet, you will be joining a team of highly motivated and skilled security architects who will help you to lay the foundations of a great career at JP Morgan Chase.
Job responsibilities
- Guides the evaluation of current cybersecurity principals, processes, and controls, and leads the evaluation of new technology using existing standards and frameworks
- Provide thought leadership for securing on premise and cloud based AI/ML solution architecture
- Design comprehensive security architectures for cloud infrastructure projects
- Design secure networks and systems based on industry standards and best practices
- Identify and address security vulnerabilities, security risks, and other compliance issues
- Create and communicate threat models
- Partner with product managers to create key objectives and roadmaps
- Works with stakeholders and senior leaders to recommend business modifications during periods of vulnerability
- Serves as function-wide subject matter expert in one or more areas of focus
- Actively contributes to the engineering community as an advocate of firm wide frameworks, tools, and practices of the Software Development Life Cycle
- Adds to team culture of diversity, equity, inclusion, and respect
Required qualifications, capabilities, and skills
- Formal training or certification on software engineering/architecture concepts and 5+ years applied experience
- Hands-on practical experience delivering enterprise level cybersecurity solutions and controls
- Advanced in one or more programming languages or applications
- Advanced Technical knowledge in architecting, designing, and Integrating security solutions in a large-scale enterprise of highly distributed applications
- Advanced knowledge of cybersecurity architecture, applications, and technical processes with considerable, in-depth knowledge in one or more technical disciplines (e.g., public cloud, artificial intelligence, machine learning, mobile, etc.)
- Strong knowledge of Artificial Intelligence and Machine Learning Security concepts, threats, and vulnerabilities including Generative Large Language Models
- Strong understanding of cloud computing concepts and services such as AWS, Azure, GCP, etc
- Ability to tackle design and functionality problems independently with little to no oversight
- Practical cloud native experience
- Ability to evaluate current and emerging technologies to select or recommend the best solutions for the future state architecture
Preferred qualifications, capabilities, and skills
- Knowledge of networking protocols and techniques, such as TCP/IP, routing, DNS, DHCP, etc.
- Knowledge of IAM concepts, including but not limited to provisioning, PAM, RBAC, ABAC, SCIM, LDAP, and governance and authorization standards
- Experience with federated identity platforms/products
- Experience with API security and public cloud APIs and integration
- Deep familiarity with frameworks such as NIST 800-53, OWASP, CVSS, the MITRE ATT&CK frame, MITRE Atlas, PCI, and Gramm-Leach-Bliley Act (GLBA).
- Experience using cloud infrastructure as code (IaC) using frameworks like Terraform
- Experience with microservices designs and implementations including docker, Kubernetes, etc…