Security Architect, Cyber Defense & Fraud Engineering

Job Description

Cyber Defense & Fraud Architect

The Cybersecurity & Technology Controls group at JPMorgan Chase aligns the firm’s cybersecurity, access management, controls and resiliency teams. The group proactively and strategically partners with all lines of business and functions to enable them to design, adopt and integrate appropriate controls; deliver processes and solutions efficiently and consistently; and drive automation of controls. The group’s number one priority is to enable the business by keeping the firm safe, stable and resilient.

Summary:

As an experienced professional in our cybersecurity organization, you won’t just be watching over our data – you’ll be finding innovative new ways to protect it in the future. To do that, you’ll help lead a highly motivated team focused on analyzing, designing, developing and delivering solutions built to stop adversaries and strengthen our operations. You’ll use your leadership skills to give guidance, advise on best practices and support our business and technology groups. By taking the lead on incident response, risk reviews, vulnerability assessments and identifying threats, you’ll help us deliver cost-effective solutions that put our clients first. You’ll deploy best practices, new policies and emerging trends to strengthen our strategic roadmap. By presenting your findings to senior leaders, you’ll sharpen your communication and presentation skills. As part of our global team of technologists and innovators, your work will have a critical impact on our company, as well as our clients and our business partners around the world.

Joining the Cyber Defense and Fraud Engineering team your key responsibilities will be to:

• Engage and improve the whole lifecycle of CD&F services - from inception and design, through deployment, operation and refinement
• Define, Deliver and maintain the CD&F architecture target state and roadmap
• Provide Subject Matter Expertise for CD&F to multiple LOBs, forums, panels, auditors, senior management and partner organizations.
• Play a lead role in technology and security investigatory exercises related to CD&F
• Introduce improvements in implementation patterns and design concepts
• Be a strong techn ologist and a natural collaborator across the firm
• Research, design and apply advanced security techniques
• Manage individual project priorities, deadlines and deliverables

This role requires a wide variety of strengths and capabilities, including:

• Excellent command of Cybersecurity organization practices, operations risk management processes, principles, architectural requirements, engineering threats and vulnerabilities, including incident response methodologies
• Noted cybersecurity expert, keeping technical skills current and participating in multiple forums
• Expertise in Agile and can work with at least one of the common frameworks
• Minimum 10+ years of experience in Information security
• 3+ years of scripting/programming experience in Perl/Bash/Java/C#/C++/Python/Ruby/Javascript/HTML is desired.
• 3+ years of Architecture design/building large scale systems is sufficient, being well versed in application secure design principles, OWASP top 10 risks/vulnerabilities/solutions, patterns and framework etc.
• Prior experience in Architecture risk assessment, secure design reviews, Microsoft threat model tool, STRIDE/DREAD concepts, abuse cases, attack trees is desirable. Knowledge of Threat Intel, APT groups, malware analysis, CAPSEC, MITRE models is recommended.
• Experience in risk based authentication and step up protective measures
• Understanding of information security and risk management challenges, issues mitigations and remediation.
• Possess significant breadth across other disciplines (e.g., enterprise security architecture, compute services, storage, networking, virtualization, data center, integration architecture (API), orchestration technologies (Openstack/Cisco), application development lifecycle management (DevOps), and service delivery).
• Demonstrated experience leading security operations centers
• Understanding of intelligence-driven approaches to computer network defense
• Subject matter expert in incident response and network forensics

When you work at JPMorgan Chase & Co., you’re not just working at a global financial institution. You’re an integral part of one of the world’s biggest tech organizations. In our global technology centers, our team of 50,000 technologists design, build and deploy everything from enterprise technology initiatives to big data and mobile solutions, as well as innovations in electronic payments, cybersecurity, machine learning, and cloud development. Our $11B annual investment in technology enables us to hire people to create innovative solutions that are transforming the financial services industry.

At JPMorgan Chase & Co. we value the unique skills of every employee, and we’re building a technology organization that thrives on diversity. We encourage professional growth and career development, and offer competitive benefits and compensation. If you’re looking to build your career as part of a global technology team tackling big challenges that impact the lives of people and companies all around the world, we want to meet you.