Lead Cybersecurity Architect -Employee Experience Technology Product Security

Join our dynamic team and make a meaningful impact by delivering high-quality products that resonate with clients.

As a Lead Cybersecurity Architect at JPMorgan Chase within the Employee Experience Technology Product Security Team of Cybersecurity & Technology Controls, you are an integral part of a team that works to develop high-quality cybersecurity solutions for various a broad range of Employee Experience Channels & Platforms products and applications. Drive significant business impact through your capabilities and contributions, and apply deep technical expertise and problem-solving methodologies to tackle a diverse array of cybersecurity challenges that span multiple technology domains.

Job responsibilities

• Guides the evaluation of current cybersecurity principles, processes, and controls, and leads the assessment of new technology using existing standards and frameworks
• Independently performs analysis and develops reports to identify security risks to protect data, applications, and infrastructure using modern tools
• Conducts security reviews and produces threat models
• Regularly provides technical guidance and direction to support the business and its engineering teams, product managers and vendors 
• Works with stakeholders and senior leaders to recommend actions to mitigate vulnerabilities and uplift application, platform or tooling security maturity
• Serves as function-wide subject matter expert in one or more areas of product security
• Influences peers and project decision-makers to consider the use and secure deployment of leading-edge technologies and patterns
• Adds to team culture of diversity, equity, inclusion, and respect 

Required qualifications, capabilities, and skills

• Formal training or certification in cybersecurity and 5 years applied experience across one or more functional product security areas (e.g. threat modeling, vulnerability assessments, security operations, supply chain risk management, architecture, control design & implementation, API security)
• Familiarity across a range of security frameworks and guidelines (e.g. OWASP, NIST, ISO, MITRE) and experience reconciling design documentation and architecture with approved patterns and/or applicable industry standards and best practices
• Hands-on practical experience delivering enterprise level cybersecurity solutions and controls 
• Advanced knowledge of cybersecurity architecture, applications, and technical processes with considerable, in-depth knowledge in one or more technical disciplines (e.g., SaaS, public cloud, AI, ML, LLMs, tooling design/development, containerization, resiliency)
• Ability to tackle design and functionality problems independently with little to no oversight 
• Ability to evaluate current and emerging technologies to select or recommend the best solutions for future state architecture & enterprise integrations
• Proven experience leading projects from scoping to delivery

Preferred qualifications, capabilities, and skills

• Ability to concisely present and communicate complex technical topics to a wide array of stakeholders
• Experience and/or advanced knowledge of architecture, applications, and technical processes as it relates to enterprise scale applications, tooling and/or platform security