Senior Lead Cybersecurity Architect - Cloud & Infrastructure Resiliency
Plano, TX, United States
JPMorgan Chase & Co.
Play a vital role in shaping the future of an iconic company and make a direct impact in a dynamic environment designed for top achievers.
The Senior Lead Cybersecurity Architect for Cloud & Infrastructure will be responsible for partnering with Cloud Enablement/Engineering, Line of Business Resiliency Leads and technologists across the firm in developing real life failure scenarios and appropriate solutions where gaps exist. Ensuring that resiliency is designed across the life cycle of both On-Prem Private and Public Cloud infrastructure technology and applications, thereby driving the timely and successful execution of the firm wide Recovery and Resiliency strategy.
Job responsibilities
- Work closely with Line of Business architects and Infrastructure Product technologists to develop resilient architectures, design patterns and solutions that cover the Firm’s primary Plausible Disruptive Event scenarios
- Partner with the Firmwide Simulation Utility (FSU), the Firmwide Business Resiliency (FBR), and Infrastructure and Application development teams to develop new testing scenarios and capabilities
- Provide key SME leadership across the technology organization on resiliency programs and initiatives
- Provide guidance and oversight in the development and implementation of resiliency controls to provide continuous monitoring of the Firm’s capability to recover from a disruptive event
- Define and implement post-mortem / root-cause analysis processes – develop improved controls and testing scenarios based upon analysis
- Partner with Product teams to ensure that products are designed and implemented in a resilient manner and have validation plans in place including continuous improvement plans
- Ensure that recovery playbooks are clearly defined, documented, communicated, adhered to, are audit compliant, and support associated application and business recovery objectivesPlanning, designing, and implementing enterprise level infrastructure solutions
- Guiding the evaluation of current cybersecurity principals, processes, and controls, and leads the evaluation of new technology using existing standards and frameworks
- Regularly provides technical guidance and direction to support the business and its technical teams, contractors, and vendors
- Works with stakeholders and senior leaders to recommend business modifications during periods of vulnerability
- Actively contributes to the engineering community as an advocate of firmwide frameworks, tools, and practices of the Software Development Life Cycle
Required qualifications, capabilities, and skills
- Formal training or certification on software engineering* concepts and 5+ years applied experience
- Hands-on experience, including technical depth in one or more technology areas, such as: Cloud Enablement Design & Migration, Infrastructure Design, Distributed Technologies, and/or Messaging Technology.
- Knowledge of network architecture concepts, including topology, protocols, components, principles, fault domains and failure modes
- Understanding of latest cyber threats, attacking techniques and mitigating strategies (ie. blast radius analysis, workload placement)
- Knowledge of software-related information technology (IT) security principles and methods (e.g., modularization, layering, abstraction, data hiding, implicitly / minimization...)
- Familiarity with Terraform and Infrastructure As Code (IaC) principles and tooling
- Skilled in conducting application and infrastructure design reviews/assessment and recognizing weaknesses vulnerabilities in systems
- Prior experience in disaster and/or cyber recovery planning and testing would be advantageous
- Knowledge of system and application vulnerabilities e.g. MITRE Att&ck framework, OWASP, NIST, SANS would be advantageous
- Hands-on experience experience of developing, engineering or architecting within a public cloud environment
- Advanced knowledge of cybersecurity architecture, applications, and technical processes with considerable, in-depth knowledge in one or more technical disciplines (e.g., public cloud, artificial intelligence, machine learning, mobile, etc.)
- Prior experience working with external auditors and regulators would be advantageous
- Programming experiences in one or more languages (scripting/functional/imperative -- C/C++, Java, Python, Scala, R, SQL, etc.) would be advantageous
- Certified as a AWS Solutions Architect, Azure Solutions Architect and/or CISSP
We offer a competitive total rewards package including base salary determined based on the role, experience, skill set, and location. For those in eligible roles, we offer discretionary incentive compensation which may be awarded in recognition of firm performance and individual achievements and contributions. We also offer a range of benefits and programs to meet employee needs, based on eligibility. These benefits include comprehensive health care coverage, on-site health and wellness centers, a retirement savings plan, backup childcare, tuition reimbursement, mental health support, financial coaching and more. Additional details about total compensation and benefits will be provided during the hiring process.
We recognize that our people are our strength and the diverse talents they bring to our global workforce are directly linked to our success. We are an equal opportunity employer and place a high value on diversity and inclusion at our company. We do not discriminate on the basis of any protected attribute, including race, religion, color, national origin, gender, sexual orientation, gender identity, gender expression, age, marital or veteran status, pregnancy or disability, or any other basis protected under applicable law. We also make reasonable accommodations for applicants’ and employees’ religious practices and beliefs, as well as mental health or physical disability needs. Visit our FAQs for more information about requesting an accommodation.
JPMorgan Chase is an Equal Opportunity Employer, including Disability/Veterans
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Artificial Intelligence AWS Azure Banking C CISSP Cloud Java Machine Learning MITRE ATT&CK Monitoring NIST OWASP Python SANS Scala Scripting SDLC SQL Strategy Terraform Vulnerabilities
Perks/benefits: Career development Competitive pay Health care Wellness
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Information Security Specialist jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Senior Cyber Security Engineer jobs
- Open Principal Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Manager Pentest H/F jobs
- Open Cyber Security Specialist jobs
- Open Product Security Engineer jobs
- Open Cybersecurity Analyst jobs
- Open Staff Security Engineer jobs
- Open Chief Information Security Officer jobs
- Open Senior Information Security Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open IT Security Analyst jobs
- Open Cybersecurity Consultant jobs
- Open Senior Penetration Tester jobs
- Open Consultant SOC / CERT H/F jobs
- Open Security Specialist jobs
- Open Senior Information Security Engineer jobs
- Open Security Researcher jobs
- Open IT Security Engineer jobs
- Open Cybersecurity Specialist jobs
- Open Senior Security Architect jobs
- Open Sr. Security Engineer jobs
- Open Windows-related jobs
- Open CISM-related jobs
- Open Network security-related jobs
- Open Pentesting-related jobs
- Open ISO 27001-related jobs
- Open Application security-related jobs
- Open Agile-related jobs
- Open GCP-related jobs
- Open Vulnerability management-related jobs
- Open CISA-related jobs
- Open IAM-related jobs
- Open Analytics-related jobs
- Open Threat intelligence-related jobs
- Open SaaS-related jobs
- Open APIs-related jobs
- Open Security assessment-related jobs
- Open Java-related jobs
- Open Malware-related jobs
- Open Forensics-related jobs
- Open DevOps-related jobs
- Open Security Clearance-related jobs
- Open IDS-related jobs
- Open CEH-related jobs
- Open Kubernetes-related jobs
- Open EDR-related jobs