Senior Lead Security Engineer - Storage

As a Senior Lead Security Engineer at JPMorgan Chase within the Storage Product Line, you are an integral part of an agile team that works to deliver software solutions that satisfy pre-defined functional and user requirements with the added dimension of preventing misuse, circumvention, and malicious behavior. Drive significant business impact through your capabilities and contributions and apply deep technical expertise and problem-solving methodologies to tackle a diverse array of cybersecurity challenges that span multiple technology domains.

Job responsibilities

• Facilitates security requirements clarification for multiple networks to enable multi-level security to satisfy organizational needs
• Works with stakeholders and senior business leaders to recommend business modifications during periods of vulnerability
• Managing triage based on risk assessments of various threats and managing resources to cover impact of disruptive events 
• Cultivate security culture with your product technology and business colleagues. Products that have the right security culture will strive to prioritize sustainable controls and driving real risk reduction outcomes.  Embed threat modelling, solutions architecture, secure code review into product and application teams so they adopt our control products and create products that are secure from the start. 
• Know your product across its breadth and depth.  Be fluent in your product’s strategy and roadmap as well as its key investment programs. Identify unfamiliar technology components, capabilities, and business concepts and be self-motivated to learn all about them, applying critical thinking to identify hidden issues along the way.  
• Be your product’s security thought leader.  Learn from your product and cybersecurity teams and share best practice in both directions.  Be recognized in your product as the clear point of escalation and subject matter expert for IT Risk and Cyber domains. 
• Act with urgency managing emerging issues.  Proactively monitor Key Risk Indicators to ensure issues are identified, quantified, communicated, and managed in a timely manner, including recommendations for resolution and identifying the root cause/key themes. 
• Partner and lead end-to-end across your product’s supply chain.  Work collaboratively with product, technology, and business colleagues on an on-going basis for business-as-usual audit and regulatory engagements, risk activities and project initiatives. Work closely with Third Party Oversight teams to ensure effective technology risk management of vendors engaged by technology partners.
• Adds to team culture of diversity, equity, inclusion, and respect

Required qualifications, capabilities, and skills

• Formal training or certification on software engineering, computer science, or data science concepts and 5 years applied experience
• Skilled in planning, designing, and implementing enterprise-level security solutions
• Experience in a successful security and risk organization with strong security and technical skills such as Security Solution Architecture, offensive and defensive security, and Technical Service Delivery
• Strong strategic vision mixed with delivery excellence 
• Strong communication and presence - Ability to work with cross functional technology partners – engineering, architecture &  product management
• Strong leader, culture carrier and team player experienced in matrix organizations 
• Demonstrated experience with product technologies (file, object, block storage)
• Modern Architectures – (data, cloud, APIs, micro-services)  
• Able to communicate effectively and authoritatively with technical and non-technical stakeholders  
• Thinks in terms of risks and outcomes  

• Banking experience preferred but experience in industries with similar risk tolerance is acceptable