Lead Cloud & Infrastructure Architect

Organization Overview

The Firmwide Technology Resiliency organization is tasked with ensuring the Firm’s technology estate can maintain effective operations and support the ongoing, critical functioning of Essential Business Services in the face of today’s evolving threat landscape. The FTR team partners across all JPMC Lines of Business and Corporate Functions to drive & deliver the following:

• Proactive, threat-informed testing, simulations, & assessments that validate readiness and drive down residual risk.
• An end-to-end technology resiliency control framework linked to robust governance & reporting structures to ensure appropriate visibility and accountability.
• A multi-year, prioritized resiliency investment strategy focused on uplifting core tooling, capabilities, and controls to enable the Firm’s top strategic priorities across key areas such as Public Cloud, Technology Modernization, AI/ML, and ongoing business expansion (among others).
• Ongoing regulatory & financial industry engagement to support the strengthening of sector-level resiliency & readiness.
• Proactive threat and vulnerability analyses that ensure the above activities are grounded in the current risk landscape and most plausible disruptive scenarios.

Job Description

The VP, Lead Cloud & Infrastructure Architect will be responsible for partnering with Cloud Enablement/Engineering, Line of Business Resiliency Leads and technologists across the firm in developing real life failure scenarios and appropriate solutions where gaps exist. Ensuring that resiliency is designed across the life cycle of both On-Prem Private and Public Cloud infrastructure technology and applications, thereby driving the timely and successful execution of the firm wide Recovery and Resiliency strategy.

The ideal candidate has demonstrated experience in at least one or more of the following types of roles, Infrastructure and/or Application engineering architecture or SRE with both Private and Public Cloud, hands-on experience including Design, Assessment, Pattern development, and End-to-End Solution Design.

Job responsibilities

• Work closely with Line of Business architects and Infrastructure Product technologists to develop resilient architectures, design patterns and solutions that cover the Firm’s primary Plausible Disruptive Event scenarios
• Partner with the Firmwide Simulation Utility (FSU), the Firmwide Business Resiliency (FBR), and Infrastructure and Application development teams to develop new testing scenarios and capabilities
• Provide key SME leadership across the technology organization on resiliency programs and initiatives
• Provide guidance and oversight in the development and implementation of resiliency controls to provide continuous monitoring of the Firm’s capability to recover from a disruptive event
• Define and implement post-mortem / root-cause analysis processes – develop improved controls and testing scenarios based upon analysis
• Partner with Product teams to ensure that products are designed and implemented in a resilient manner and have validation plans in place including continuous improvement plans
• Ensure that recovery playbooks are clearly defined, documented, communicated, adhered to, are audit compliant, and support associated application and business recovery objectives

Required qualifications, capabilities, and skills

• Strong hands-on experience, including technical depth in one or more technology areas, such as: Cloud Enablement Design & Migration, Infrastructure Design, Distributed Technologies, and/or Messaging Technology.
• Knowledge of network architecture concepts, including topology, protocols, components, principles, fault domains and failure modes
• Ongoing understanding of latest cyber threats, attacking techniques and mitigating strategies (ie. blast radius analysis, workload placement)
• Knowledge of software-related information technology (IT) security principles and methods (e.g., modularization, layering, abstraction, data hiding, implicitly / minimization...)
• Familiarity with Terraform and Infrastructure As Code (IaC) principles and tooling
• Skilled in conducting application and infrastructure design reviews/assessment and recognizing weaknesses vulnerabilities in systems
• Prior experience in disaster and/or cyber recovery planning and testing would be advantageous
• Knowledge of system and application vulnerabilities e.g. MITRE Att&ck framework, OWASP, NIST, SANS would be advantageous
• Experience applying expertise and new methods to develop and deliver solutions for complex architecture problems in one or more technical disciplines
• Hands-on experience of developing, engineering or architecting within a public cloud and container based environment
• Skilled in planning, designing, and implementing enterprise level infrastructure solutions

Preferred qualifications, capabilities, and skills

• Prior experience with Data Analysis related to Application Assets and Rules Based control compliance assessment development (Controls as Code)
• Prior experience working with external auditors and regulators would be advantageous
• Some Programming experiences in one or more languages (scripting/functional/imperative -- C/C++, Java, Python, Scala, R, SQL, etc.) would be advantageous
• Accreditation : AWS Solutions Architect, Azure Solutions Architect