Infrastructure Security Architect

Roles & Responsibilities

As an experienced Infrastructure Security Architect, you will be hands-on in managing endpoint security for JPMC's large server estate which powers some of the most innovative business applications in the financial industry globally. You will use your deep understand of the threat landscape and risk to build security into products and new features. You will partner with and advise engineering, product, and risk teams on security best practices and help shape the endpoint security strategy for the firm. You will work with vendors to escalate problems and receive timely resolutions. Your expertise in analyzing complex data systems, anticipating problems, and finding ways to mitigate risk, will be key in enabling the product strategy while keeping the firm safe. While you'll be part of a tight-knit team that shares your passion for technology, you’ll also gain access to the best minds in the business—both as part of the JPMorgan Chase & Co. global technology community, and through our partnerships with some of the most important technology firms in the world.

This role requires a wide variety of strengths and capabilities, including:

• Degree in Computer Science/Information Technology related field or equivalent experience

• 5 years of relevant work experience

• Foundational knowledge of cybersecurity organization practices, operations, risk management processes, principles, architectural requirements, engineering and threats and vulnerabilities

• Solid experience in managing endpoint security in enterprise environments (Managing Anti-Virus, EDR, Creating and reviewing hardening baselines for Windows & Red Hat Linux servers, configuration drift management)

Good understanding of industry frameworks like MITRE ATT&CK, NIST, CIS etc.

• Demonstrable development/scripting/automation experience in at least one of Java, Python, Go, PowerShell

• Excellent written and verbal communication skills with the ability to present complex technical information in a clear and concise manner to a variety of audiences

• A strong foundation in and an in-depth technical knowledge of infrastructure and platform security

• Ability to collaborate with high-performing Agile teams and individuals throughout the firm to accomplish goals

• Ability to lead and drive meetings with global teams when there is a need for troubleshooting issues

• Thorough knowledge of network protocols

• Prior experience in Threat Modeling is preferred

• Experience with usage of SIEM tools is beneficial

• Knowledge in public cloud environments such as AWS and any relevant certifications is an added advantage

• Offensive Security skills such as Penetration Testing and/or Security certifications from reputed bodies would be an added advantage

• Willingness to learn and drive to excel is a must