DescriptionYour seniority as a security engineer puts you in the ranks of the top talent in your field. Play a critical role at one of the world's most iconic financial institutions where security is vital.
As a Security Engineer III in Cybersecurity & Tech Control in JP Morgan Chase, you will contribute to safeguarding the organization's digital assets and infrastructure by proactively detecting, assessing, and responding to threats, vulnerabilities, and security incidents. Leveraging your in-depth understanding of security principles and practices you will be responsible for ensuring the security of sensitive information and systems by managing and reviewing privileged access within the organization. This role involves monitoring, auditing, and validating access rights and permissions to safeguard against unauthorized access and potential security breaches. Your work will have a direct impact on the integrity, confidentiality, and availability of sensitive data and systems within the department, ensuring a secure digital environment for JPMorgan Chase.
Job responsibilities
- Be responsible for activities related to continued security monitoring and is a first line of defense for incident response and vulnerability management.
- Conduct regular reviews of privileged access accounts to ensure compliance with security policies and regulations.
- Monitor and audit privileged access to critical systems and data.
- Analyze access control reports and logs to identify anomalies or unauthorized access.
- Researches, recommends, evaluates, and implements cybersecurity solutions or configurations that identify and/or protect against potential threats, and respond to security violations
- Develop and implement policies and procedures for managing privileged access.
- Ensure compliance with regulatory requirements and industry best practices related to access control.
- Assists with the ongoing gathering of evidence to support compliance with PCI, SOC, internal audit and business controls
Required qualifications, capabilities, and skills
- Formal training or certification on Cyber Security* concepts and 3+ years applied experience
- Strong knowledge of cybersecurity domains, including Communication & Network Security, Identity & Access Management (IAM), Security & Risk Management, Security Assessment & Testing, and Security Operations
- Strong analytical and problem-solving skills to enable effective security incident and problem resolution
- Proficient in coding in one of more languages
Preferred qualifications, capabilities, and skills
- Experience in developing, documenting, and maintaining security procedures and documentation
- Excellent organizational, verbal, and written communication skills
- Maintain or working towards at least one of the following industry certifications: CISSP, CISA, SANS certification or other equivalent certifications