DescriptionPlay a vital role in shaping the future of an iconic company and make a direct impact in a dynamic environment designed for top achievers.
As a Senior Lead Cybersecurity Architect at JPMorgan Chase within the Cybersecurity and Technology Controls’ Firmwide Technology Resiliency (FTR) organization, you are an integral part of a team that works to develop high-quality cybersecurity solutions for various software applications and platform products. Drive significant business impact through your capabilities and contributions, and apply deep technical expertise and problem-solving methodologies to tackle a diverse array of cybersecurity challenges that span multiple technology domains.
You should be a strong technologist who is flexible, resilient, an innovative thinker, as well as a natural collaborator with enterprise architects, engineers, developers, and senior management from across the organization. As a Senior Lead Cybersecurity Architect, with a focus on resiliency you would be expected to lead and promote resilient architecture enabling resiliency/agility within our global technology products. In addition, you must possess strong technical leadership skills, the ability to influence at all levels of the organization, demonstrated success in working with teams particularly in a matrix fashion, and communicate effectively through clarity of thought and demonstrated understanding of business and technical requirements. Additionally, you would have been in a cybersecurity engineering / architecture role with some application knowledge
Job responsibilities
- Guides the evaluation of current cybersecurity principals, processes, and controls, and leads the evaluation of new technology using existing standards and frameworks
- Regularly provides technical guidance and direction to support the business and its technical teams, contractors, and vendors
- Works with stakeholders and senior leaders to recommend business modifications during periods of vulnerability
- Serves as function-wide subject matter expert in one or more areas of focus
- Actively contributes to the engineering community as an advocate of firmwide frameworks, tools, and practices of the Software Development Life Cycle
- Influences peers and project decision-makers to consider the use and application of leading-edge technologies
- Adds to team culture of diversity, equity, inclusion, and respect
- Works closely with Line of Business architects and Product infrastructure technologists to develop resilient architectures, design patterns and solutions that cover primary Plausible Destructive Event scenarios, ensuring that these are designed and implemented in a resilient manner
- Be key Subject Matter Expert leader across the technology organization on resiliency programs and initiatives
- Provide guidance and oversight in the development and implementation of resiliency controls to provide continuous monitory of the Firms capability to recover from a cyber malware event. As well as ensuring that Cyber recovery playbooks are clearly defined, documented, communicated, adhered to, and are audit compliant
- Define and implement post-mortem / root-cause analysis processes – develop improved testing scenarios based upon analysis
Required qualifications, capabilities, and skills
- Formal training or certification on cybersecurity architecture concepts and 5+ years applied experience
- Hands-on practical experience delivering enterprise level cybersecurity solutions and controls
- Advanced in one or more programming languages or applications
- Advanced knowledge of cybersecurity architecture, applications, and technical processes with considerable, in-depth knowledge in one or more technical disciplines (e.g., public cloud, artificial intelligence, machine learning, mobile, etc.)
- Ability to tackle design and functionality problems independently with little to no oversight
- Ability to evaluate current and emerging technologies to select or recommend the best solutions for the future state architecture
- Proven leader with successful track record driving large scale technology projects from inception to implementation, including strength in both business and technical requirements analysis
- Ability to think strategically on how to create firm wide solutions to meet business requirements and ability to communicate effectively to both business and technical audiences coupled with strong written and verbal communication skills, including the ability to present to larger audience and manage large working group
- Ability to orchestrate and drive complex strategies and solutions
- Proven ability to build strong, cohesive partnerships with the business, operations, technology & other key stakeholders, including external vendor partners, and work effectively in a matrix organization
- Superior analytical and problem-solving skills, including the ability in conducting security design reviews and recognizing vulnerabilities in systems
Preferred qualifications, capabilities, and skills
- Strong hands-on experiences and technical depth in one, or more technology areas, including Data security, Infrastructure security, Endpoint/Platform security, Distributed Technologies, Replication technology, data security, Cloud or Application Security. Some Programming experiences in one or more languages (scripting/functional/imperative -- C/C++, Java, Python, Scala, R, SQL, etc.) would be advantageous
- Knowledge of network security architecture concepts, including topology, protocols, components, and principles would be advantageous
- Prior experience in cybersecurity design / engineering would be advantageous
- Prior experience in disaster and/or cyber recovery planning and testing would be advantageous.
- Prior experience working with external auditors and regulators would be advantageous
- In depth knowledge of system and application vulnerabilities e.g. OWASP, NIST, SANS…
- Bachelor's degree in Computer Science, or a related field as well as accreditation in CISSP, CISM, CISA, CRISC, AWS would be a bonus