DescriptionThe Firmwide Technology Resiliency organization is tasked with ensuring the Firm’s technology estate can maintain effective operations and support the ongoing, critical functioning of Essential Business Services in the face of today’s evolving threat landscape. The FTR team partners across all JPMC Lines of Business and Corporate Functions to drive & deliver the following:
- Proactive, threat-informed testing, simulations, & assessments that validate readiness and drive down residual risk.
- An end-to-end technology resiliency control framework linked to robust governance & reporting structures to ensure appropriate visibility and accountability.
- A multi-year, prioritized resiliency investment strategy focused on uplifting core tooling, capabilities, and controls to enable the Firm’s top strategic priorities across key areas such as Public Cloud, Technology Modernization, AI/ML, and ongoing business expansion (among others).
- Ongoing regulatory & financial industry engagement to support the strengthening of sector-level resiliency & readiness.
- Proactive threat and vulnerability analyses that ensure the above activities are grounded in the current risk landscape and most plausible disruptive scenarios.
The VP, Cloud Resiliency Testing Engineer, will be responsible for partnering with Cloud, Cybersecurity, Line of Business Resiliency Leads and technologists across the firm in developing real life scenarios and appropriate solutions where gaps exist. Ensuring that resiliency is designed across the life cycle of both infrastructure technology and applications, thereby driving the timely and successful execution of the firm wide Recovery and Resiliency strategy within the Cloud and Cyber Testing arenas.
The ideal candidate has demonstrated experience in at least one or more of the following types of roles, Infrastructure and/or Application engineering architecture or SRE with both Private and Public Cloud, hands-on experience including Design, Assessment, Pattern development, and End-to-End Solution Design.
Job responsibilities
- Providing vision and execution of modernize firm-wide test events
- Acting as the focal point for deploying new testing paradigms across multiple LOBs and all individual groups within Technology (e.g., desktop services, network services, distributed technology, data centers, production services, and risk and security) and their respective organizational technology continuity plan responsibilities.
- Work closely with Line of Business architects and Infrastructure Product technologists to develop resilient architectures, design patterns and solutions that cover the Firm’s primary Plausible Disruptive Event scenarios
- Partner with the Firmwide Simulation Utility (FSU), the Firmwide Business Resiliency (FBR), and Infrastructure and Application development teams to develop new testing scenarios and capabilities
- Provide key SME leadership across the technology organization on resiliency programs and initiatives
- Provide guidance and oversight in the development and implementation of resiliency controls to provide continuous monitoring of the Firm’s capability to recover from a disruptive event
- Ensure that recovery playbooks are clearly defined, documented, communicated, adhered to, are audit compliant, and support associated application and business recovery objectives
Required qualifications, capabilities, and skills
- 5+ years of strong hands-on experience, including technical depth in one or more technology areas, such as: Cloud Enablement Design & Migration, Infrastructure Design, Data security, Endpoint/Platform security, Distributed TechnologiesMessaging technology, Application Security
- Knowledge of network architecture concepts, including topology, protocols, components, principles, fault domains and failure modes
- Ability to present to larger audience and manage large working group
- Ongoing understanding of latest cyber threats, attacking techniques and mitigating strategies
- Knowledge of software-related information technology (IT) security principles and methods (e.g., modularization, layering, abstraction, data hiding, implicitly / minimization...)
- Familiarity with Terraform and InfrastructureAsCode principles and tooling
- Skilled in conducting application and infrastructure design reviews/assessment and recognizing weaknesses vulnerabilities in systems
- Prior experience in disaster and/or cyber recovery planning and testing would be advantageous
- Prior experience in cybersecurity design / engineering would be advantageous
- Knowledge of system and application vulnerabilities e.g. OWASP, NIST, SANS would be advantageous
- Experience applying expertise and new methods to develop and deliver solutions for complex architecture problems in one or more technical disciplines
- Proven leader with successful track record driving large scale technology projects from inception through execution
- Hands-on experience of developing, engineering or architecting within a public cloud environment
- Skilled in planning, designing, and implementing enterprise level infrastructure solutions
- Strength in both business and technical requirements development and analysis
- Strong written and verbal communication skills
- Superior analytical and problem-solving skills
- Ability to think strategically on how to create firmwide solutions to meet business requirements
- Ability to communicate effectively to both business and technical audiences
- Ability to orchestrate and drive complex strategies and solutions
- Proven ability to build strong, cohesive partnerships with the business, operations, technology & other key stakeholders, including external vendor partners
- Ability to work effectively in a matrix organization
Preferred qualifications, capabilities, and skills
- Prior experience working with external auditors and regulators would be advantageous
- Some Programming experiences in one or more languages (scripting/functional/imperative -- C/C++, Java, Python, Scala, R, SQL, etc.) would be advantageous
- Accreditation : AWS Solutions Architect, Azure Solutions Architect, CISSP