Join a team where you can play a crucial role in shaping the future of a world-renowned company and make a direct and meaningful impact in a space designed for top performers.

As a Senior Lead Security Engineer at JPMorgan Chase within the Corporate Sector Cybersecurity and Tech controls team, you are an integral part of an agile team that works to deliver software solutions that satisfy pre-defined functional and user requirements with the added dimension of preventing misuse, circumvention, and malicious behavior. Drive significant business impact through your capabilities and contributions and apply deep technical expertise and problem-solving methodologies to tackle a diverse array of cybersecurity challenges that span multiple technology domains. The  team is developing cutting edge developer tooling to scan all internally developed applications in the firm for cyber vulnerabilities.  This new application, developed in JAVA & Spring, will replace the incumbent scanning application used by 40k developers firmwide. 

Job responsibilities

Facilitates security requirements clarification for multiple networks to enable multi-level security to satisfy organizational needsWorks with stakeholders and senior business leaders to recommend business modifications during periods of vulnerabilityBe responsible for triaging based on risk assessments of various threats and managing resources to cover impact of disruptive events Adds to team culture of diversity, equity, inclusion, and respectDesign and develop integrations to the firmwide vulnerability code scanning serviceEngage in Application Performance TuningUnderstand Change Procedures and liaison between Development, Quality Assurance and Production Support teams.Provide L4 support including troubleshooting, debugging and performance investigations, for a portfolio of code scanning tooling

· Perform peer code reviews.

·  Conduct documentation of the new enhancements and services

· Present static scanning tools to the technology teams

Required qualifications, capabilities, and skills

Formal training or certification on enterprise-level security solutions concepts and proficient advanced experienceAdvanced in one or more programming languagesAdvanced knowledge of software application development and technical processes with considerable in-depth knowledge in one or more technical disciplines (e.g., cloud, artificial intelligence, machine learning, mobile, etc.)Extensive experience with threat modeling, discovery, vulnerability, and penetration testingAbility to tackle design and functionality problems independently with little to no oversight Practical cloud native experience

·         Experience in Enterprise Level Software Development; Enterprise Level Web development; Java; JavaScript; HTML;

·         Cloud technologies including AWS or equivalent

·         Enterprise Database technologies such as Aurora PostgresSQL or equivalent