Software Engineer - Security Lead

JP Morgan

Location: Greater London

Job Type: Full time


At JPMorgan, we put our clients at the center. To meet their ever evolving needs we are continuously reinventing our business, incorporating the latest technology and business innovation

In this pursuit we are developing a set of new products and platforms to serve a wide range of clients and purposes and take our business to the entirely new level of flexibility, quality and speed.

Our team is at the heart of building this new venture. We have created a new organization and we are looking for solution-oriented, commercially minded, client-focused engineers, used to working in a true agile environment who want to be a part of something new, built from the ground up as a green-field with zero legacy initiative within a global, diverse and inclusive team.

Culture is as important to us and we are looking for intellectually curious, new technology passionate individuals who would like to expand their skills whilst working on a new exciting venture for the firm. Your work will have a direct impact to our customers as our business expands around the world.

This is a hands-on role for a Software Engineer, Security Lead whowants to be part of flat-structure organization andinfluence the design & developmentof a green-field initiative. As a part of delivering end-to-end cutting-edge solutions in the form of cloud-native microservices architecture applications leveraging the latest technologies and the best industry practices, your responsibilities will include

  • Understanding complex regulatory and internal security requirements and be able to advise on implementation options
  • Guiding & defining the security practices & standards end-to-end, covering external connectivity and internal service communication
  • Interacting with 3rd party vendors on security-related aspects during onboarding
  • Interacting with senior internal stakeholders - internal auditors, firmwide controls, etc
  • Review & constantly improve existing security practices and standards

Your technical skills should include

  • Minimum 5+ years of experience in an engineering role with heavy focus on security
  • Experience with at least 1 high-level programming language (Java, Python, etc)
  • Good understanding of modern SDLC practices and security aspects & tools of CI/CD pipelines (code scanning, container scanning)
  • Excellent knowledge of security best practices at different stages of the development lifecycle
  • Excellent knowledge of methods for authentication, authorization and encryption (AuthN/Z, JWT, RBAC, TLS, OAuth2)
  • Understanding of applied cryptography - understanding of symmetric/asymmetric cryptography
  • Practical experience with TLS certificates setup
  • Understanding of security vulnerabilities and remediation options
  • Excellent knowledge of all of the above concepts in the context of at least one (ideally more!) public cloud provider (AWS,GCP,Azure)
  • Nice to have: knowledge of security/identity SaaS vendors (Okta, Auth0)

Your soft skills should include

  • Ability to work in a collaborative environment and coach other team members on coding practices, design principles, and implementation patterns that lead to high-quality maintainable solutions.
  • Ability to work in a dynamic, agile environment within a geographically distributed team
  • Ability to focus on promptly addressing client and business needs
  • Ability to work within a diverse and inclusive team
  • Technically curious, versatile and solution oriented
  • Excellent written and verbal communication skills in English

J.P. Morgan is a global leader in financial services, providing strategic advice and products to the world’s most prominent corporations, governments, wealthy individuals and institutional investors. Our first-class business in a first-class way approach to serving clients drives everything we do. We strive to build trusted, long-term partnerships to help our clients achieve their business objectives.

We recognize that our people are our strength and the diverse talents they bring to our global workforce are directly linked to our success. We are an equal opportunity employer and place a high value on diversity and inclusion at our company. We do not discriminate on the basis of any protected attribute, including race, religion, color, national origin, gender, sexual orientation, gender identity, gender expression, age, marital or veteran status, pregnancy or disability, or any other basis protected under applicable law. In accordance with applicable law, we make reasonable accommodations for applicants’ and employees’ religious practices and beliefs, as well as any mental health or physical disability needs.

You’ve got this!