What are the responsibilities and job description for the Sr Lead Cybersecurity Architect position at JPMorgan Chase?
Play a vital role in shaping the future of an iconic company and make a direct impact in a dynamic environment designed for top achievers.
As a Senior Lead Cybersecurity Architect at JPMorganChase within the Cybersecurity & Tech Controls team, you are an integral part of a team that works to develop high-quality cybersecurity solutions for various software applications and platform products. Drive significant business impact through your capabilities and contributions, and apply deep technical expertise and problem-solving methodologies to tackle a diverse array of cybersecurity challenges that span multiple technology domains.
Job responsibilities
- Leads the Threat Modeling Center of Excellence community, driving the strategic vision, development, and implementation of threat modeling practices across the enterprise.
- Collaborates with business, technology, and risk stakeholders to embed threat modeling into the architecture review lifecycle and ensure alignment with organizational security objectives.
- Guides the evaluation of current cybersecurity principals, processes, and controls, and leads the evaluation of new technology using existing standards and frameworks
- Regularly provides technical guidance and direction to support the business and its technical teams, contractors, and vendors .
- Works with stakeholders and senior leaders to recommend business modifications during periods of vulnerability
- Serves as function-wide subject matter expert in one or more areas of focus
- Actively contributes to the engineering community as an advocate of firmwide frameworks, tools, and practices of the Software Development Life Cycle
- Influences peers and project decision-makers to consider the use and application of leading-edge technologies
- Adds to team culture of diversity, opportunity, inclusion, and respect
Required qualifications, capabilities, and skills
- Formal training or certification in software engineering concepts and 5 years applied experience
- Expert Threat Modeler with hands-on experience as a threat model practitioner
- Deep expertise in threat modeling methodologies (e.g., STRIDE-LM, ATT&CK)
- Passion for mentoring and instructing others on threat modeling.
- Hands-on practical experience delivering enterprise level cybersecurity solutions and controls
- Advanced in one or more programming languages or applications
- Advanced knowledge of cybersecurity architecture, applications, and technical processes with considerable, in-depth knowledge in one or more technical disciplines (e.g., public cloud, artificial intelligence, machine learning, mobile, etc.)
- Ability to tackle design and functionality problems independently with little to no oversight
- Practical cloud native experience
- Ability to evaluate current and emerging technologies to select or recommend the best solutions for the future state architecture
Preferred qualifications, capabilities, and skills
- Experience working with AI models and complex distributed data sets
- Proficiency in designing and implementing security controls for cloud environments (e.g., AWS, Azure, GCP)
- Hands-on experience with security assessment tools, vulnerability scanning tools, and penetration testing methodologies
- Experience working in finance or another highly regulated industry. Strong understanding of regulatory requirements such as GDPR, HIPAA, PCI-DSS, and SOC 2. CISSP, CISM, or other relevant certifications
- Experience engaging stakeholders across an organization to set strategy, align on priorities and deliver to a roadmap while managing to business needs and requirements
#CTC
