Sr Lead Cybersecurity Architect - Resiliency

Full time
employer logo
JP Morgan
Banking, investment & finance
10,001+ employees
Compare top employers
Apply on company site

Play a vital role in shaping the future of an iconic company and make a direct impact in a dynamic environment designed for top achievers.

As a Senior Lead Cybersecurity Architect at JPMorgan Chase within the Cybersecurity and Technology Controls’ Firmwide Technology Resiliency organization, you will be an integral part of a dynamic team. You will work on developing high-quality cybersecurity solutions for various software applications and platform products. You will partner with other members of Cybersecurity, Line of Business Resiliency Leads, and technologists across the firm in developing real-life scenarios. Your role will be crucial in ensuring that resiliency is designed across the life cycle of both infrastructure technology and applications, thereby promoting the timely and successful execution of the firmwide Recovery and Resiliency strategy.

Job responsibilities

  • Guides the evaluation of current cybersecurity principals, processes, and controls, and leads the evaluation of new technology using existing standards and frameworks
  • Regularly provides technical guidance and direction to support the business and its technical teams, contractors, and vendors
  • Works with stakeholders and senior leaders to recommend business modifications during periods of vulnerability
  • Serves as function-wide subject matter expert in one or more areas of focus
  • Actively contributes to the engineering community as an advocate of firmwide frameworks, tools, and practices of the Software Development Life Cycle
  • Influences peers and project decision-makers to consider the use and application of leading-edge technologies
  • Adds to team culture of diversity, equity, inclusion, and respect
  • Work closely with Line of Business architects and Product infrastructure technologists to develop resilient architectures, design patterns and solutions that cover primary Plausible Destructive Event scenarios, ensuring that these are designed and implemented in a resilient manner
  • Be key Subject Matter Expert leader across the technology organization on resiliency programs and initiatives
  • Provide guidance and oversight in the development and implementation of resiliency controls to provide continuous monitory of the Firms capability to recover from a cyber malware event. As well as ensuring that Cyber recovery playbooks are clearly defined, documented, communicated, adhered to, and are audit compliant
  • Define and implement post-mortem / root-cause analysis processes – develop improved testing scenarios based upon analysis

Required qualifications, capabilities, and skills

  • Formal training or certification on cybersecurity concepts and proficient advanced experienc
  • Advanced in one or more programming languages or applications
  • Advanced knowledge of cybersecurity architecture, applications, and technical processes with considerable, in-depth knowledge in one or more technical disciplines (e.g., public cloud, artificial intelligence, machine learning, mobile, etc.)
  • Ability to tackle design and functionality problems independently with little to no oversight
  • Practical cloud native experience
  • Ability to evaluate current and emerging technologies to select or recommend the best solutions for the future state architecture
  • Proven leader with successful track record driving large scale technology projects from inception to implementation, including strength in both business and technical requirements analysis
  • Ability to think strategically on how to create firm wide solutions to meet business requirements and ability to communicate effectively to both business and technical audiences coupled with strong written and verbal communication skills, including the ability to present to larger audience and manage large working group
  • Ability to orchestrate and drive complex strategies and solutions
  • Proven ability to build strong, cohesive partnerships with the business, operations, technology & other key stakeholders, including external vendor partners, and work effectively in a matrix organization
  • Superior analytical and problem-solving skills, including the ability in conducting security design reviews and recognizing vulnerabilities in systems

Preferred qualifications, capabilities, and skills

  • Strong hands-on experiences and technical depth in one, or more technology areas, including Data security, Infrastructure security, Endpoint/Platform security, Distributed Technologies, Replication technology, data security, Cloud or Application Security. Some Programming experiences in one or more languages (scripting/functional/imperative -- C/C++, Java, Python, Scala, R, SQL, etc.) would be advantageous
  • Knowledge of network security architecture concepts, including topology, protocols, components, and principles would be advantageous
  • Prior experience in cybersecurity design / engineering would be advantageous
  • Prior experience in disaster and/or cyber recovery planning and testing would be advantageous.
  • Prior experience working with external auditors and regulators would be advantageous
  • In depth knowledge of system and application vulnerabilities e.g. OWASP, NIST, SANS…
  • Bachelor's degree in Computer Science, or a related field as well as accreditation in CISSP, CISM, CISA, CRISC, AWS would be a bonus