DescriptionJoin one of the world's most influential companies and leverage your skills in cybersecurity to have a real impact on the financial industry.
As a Lead Cybersecurity Architect at JPMorgan Chase within the Cybersecurity Technology Controls (CTC) Product Security, you are an integral part of a team that works to develop high-quality cybersecurity solutions for various software applications on modern cloud-based technologies. As a core technical contributor, you are responsible for carrying out critical cybersecurity architecture solutions by identifying, creating, and communicating risk, mitigation options, and solutions across multiple technical areas within various business functions in support of project goals.
This role will support security architecture initiatives across the Employee Platforms' Content Communication & Collaboration space with a focus on M365 security.
Job responsibilities
- Engages technical teams and business stakeholders to discuss and propose technical approaches to meet current and future cybersecurity needs
- Defines the technical target state of their cybersecurity product and drives achievement of the strategy
- Identifies opportunities to eliminate or automate remediation of recurring issues to improve overall cybersecurity of software applications and systems
- Leads evaluation sessions with external vendors, startups, and internal teams to drive continuous improvement and assess cybersecurity design and technical credentials for use in existing systems and architecture
- Leads communities of practice to drive awareness and use of new and leading-edge cybersecurity technologies
- Adds to team culture of diversity, equity, inclusion, and respect
Required qualifications, capabilities, and skills
- Formal training or certification in cybersecurity and 5+ years applied experience across one or more platform centric security areas (e.g. threat modeling, vulnerability assessments, encryption, IAM, network protocols, software development, API integration)
- Familiarity across a range of security frameworks and guidelines (e.g. OWASP, NIST, ISO) and experience reconciling design documentation and architecture with applicable industry standards and best practices
- Experience securing MS Azure & M365 environments including advanced understanding of Microsoft cloud-based security tools (Purview, Defender for Office, etc…)
- Understanding of SaaS-based security and controls.
- Hands-on practical experience delivering enterprise-level cybersecurity solutions and controls
- Advanced understanding of agile methodologies such as continuous integration and delivery, application resiliency, and security
- Demonstrated proficiency in software applications and technical processes within a technical discipline (e.g., public cloud, artificial intelligence, machine learning, mobile, etc.)
- Ability to evaluate current and emerging technologies to recommend the best solutions for the future state architecture
- Experience effectively communicating with senior business leaders
Preferred qualifications, capabilities, and skills
- Strong communication skills to work with partners across multiple lines of business.
- Ability to effectively communicate security threats and risk to a wide audience.
- Experience or knowledge of implementing SaaS security technology (CASB, SSPM, etc…)
- Strong understanding of the M365 product line (Teams, SPO, CoPilot, Delve, EXO, etc...).
- Certifications applicable to this role: CISSP, CISM, CASP, & MSFT SC & AZ series.
- Experience operating and collaborating in a global enterprise environment.
- Understanding of regulatory and compliance challenges in a global enterprise.