Lead Security Engineer

As a Lead Security Engineer at JPMorganChase within the Cybersecurity & Technology Controls, you will support our Endpoint Detection and Response (EDR) capabilities as part of the Cybersecurity Operations (CyberOps) organization. CyberOps comprises Operations and Product teams - Operations holds the 24/7 global remit to protect the firm from cyber threats as they arise, while Product builds, enhances, and sustains strategic cybersecurity capabilities, tools, and controls to detect and defend the bank against cyber attack. In this role, you will be part of the Product organization, leveraging matrixed Product, Technology, and Operations teams to deliver solutions that secure the JPMorganChase environment, protect confidential information, and safeguard the firm's technological assets and intellectual property. You are an integral part of team that works to deliver software solutions that satisfy pre-defined functional and user requirements with the added dimension of preventing misuse, circumvention, and malicious behavior. As a core technical contributor, you are responsible for carrying out critical technology solutions with tamper-proof, audit defensible methods across multiple technical areas within various business functions.

Job responsibilities

• Develop secure, high-quality production code, review and debug code written by others, and implement complex business logic using Python, Bash, PowerShell, and other scripting languages.
• Support the engineering and deployment of Endpoint Detection and Response (EDR) solutions, ensuring comprehensive threat detection, prevention, and response capabilities across the enterprise.
• Oversee the design, implementation, and maintenance of security solutions for enterprise-scale deployments protecting approximately 800,000 endpoints across the firm.
• Execute on key deliverables in the security engineering space. Design and develop production deployments with the ability to think beyond routine or conventional approaches in order to deliver technology solutions for key stakeholders.
• Serve as a cross-functional contributor across systems engineering, integration, and administration, leveraging deep expertise in Windows and Linux systems internals.
• Develop and enforce robust change management practices to ensure system integrity and security.
• Proactively identify opportunities to enhance operational efficiency within the team, develop scalable solutions, and drive their implementation - including the automation of manual processes and workflows.
• Minimize security vulnerabilities by following industry insights and government regulations to continuously evolve security protocols, including creating processes to determine the effectiveness of current controls.
• Provide technical leadership, mentorship, and guidance to a global security engineering team of 10-15 engineers spanning 3-4 regions.
• Engage effectively with third-party vendors and communicate and collaborate with stakeholders across the globe.

Required qualifications, capabilities, and skills

• Bachelor's Degree in Computer Science, Cybersecurity, Data Science, or related disciplines
• Formal training or certification on Engineering and Cybersecurity concepts and 5+ years applied experience as a software engineer, cloud engineer, DevOps engineer, or equivalent role.
• Demonstrated skills in planning, designing, and implementing enterprise-level security solutions.
• Strong proficiency in one or more programming or scripting languages (e.g., Python, Bash, PowerShell) for automation and integration tasks.
• Proficiency in all aspects of the Software Development Life Cycle.
• Strong analytical experience with a problem-solving mindset and the ability to solve complex challenges.
• Advanced understanding of agile development practices, CI/CD pipelines, application resiliency principles, and security best practices.
• Experience deploying commercial software at scale in an enterprise environment.
• Proven experience defining and implementing Infrastructure as Code (IaC), working with CI/CD pipelines, and leveraging associated automation tooling.

Preferred qualifications, capabilities, and skills

• Cloud computing related certifications with an AWS focus, such as Certified Solutions Architect, DevOps Engineer, or similar.
• Experience with AWS services and infrastructure in an enterprise environment.
• Experience with Terraform for infrastructure provisioning and management.
• Python for automation, scripting, and integration tasks.
• Experience with data orchestration and transformation platforms such as Kestra, dbt, Apache Trino, or similar tools
• Experience effectively communicating with senior business leaders.
• Experience in financial services or highly regulated environments.

#CTC