Security Engineer III - Cloud, Python, Terraform

Your seniority as a security engineer puts you in the ranks of the top talent in your field. Play a critical role at one of the world's most iconic financial institutions where security is vital.

As a Security Engineer III at JPMorgan Chase within the Cybersecurity & Tech Controls team, you serve as a seasoned member of a team that works to deliver software solutions that satisfy pre-defined functional and user requirements with the added dimension of preventing misuse, circumvention, and malicious behavior. Carry out critical technology solutions with tamper-proof, audit defensible methods across multiple technical areas within various business functions in support of the firm’s business objectives

Job responsibilities

• Executes security solutions design, development, and technical troubleshooting with the ability to apply knowledge of existing security solutions to satisfy security requirements for internal clients (e.g., product, platform, application owners)
• Creates secure and high-quality production code and maintains algorithms that run synchronously with appropriate systems
• Applies specialized tools (e.g., vulnerability scanner) to analyze and correlate incident data to identify, interpret, and summarize the probability and impact of threats when determining specific vulnerabilities
• Leads delivery of continuity-related awareness, training, educational activities, and exercises
• Adds to team culture of diversity, equity, inclusion, and respect

Required qualifications, capabilities, and skills

• Formal training or certification on Security Engineering concepts and 3+ years applied experience
• Hands-on experience in developing, engineering, or architecting within a public cloud environment.
• Development experience in Python and engineering with Terraform or infrastructure-as-code.
• Perform security reviews of infrastructure-as-code and Kubernetes platforms, including RBAC configurations.
• Conduct risk-based assessments of secure technology controls for cloud services, platforms, and architectural components
• Assist in executing and enhancing a long-term information risk and control strategy to secure public cloud information assets
• Proficient verbal and written communication skills, including the ability to effectively participate in discussions and meetings with internal management, peer groups, regulators and senior stakeholders.

• Keen desire to understand and secure public cloud technology.
• Eagerness to collaborate in a team, and comfortable in both virtual and office environments.
• Ability to prioritize and work under stringent timelines.
• AWS, Azure or Google Cloud certifications would be an advantage.
• Understanding of DevOps or CI/CD concepts would be an advantage.