Take your engineering expertise to new heights by joining a team of exceptionally talented professionals and solidify your place among top performers in the industry.
As a Principal Cybersecurity Architect at JPMorgan Chase within the Cybersecurity and Technology Controls organization, you provide expertise to enhance and develop architecture platforms based on modern cloud-based technologies as well as support the adoption of strategic global solutions. Leverage your advanced architecture capabilities to identify, communicate, and mitigate risk, and collaborate with colleagues across the organization to drive best-in-class outcomes.
We are looking for an experienced Principal Cybersecurity Architect to join our team as a specialist in Cloud Security. The candidate will be responsible for designing secure cloud infrastructure architectures for our enterprise Artificial Intelligence/Machine Learning (AI/ML) applications. The role requires a cloud security leader who is passionate about AI/ML architecture and can solve complex security configurations through innovation. You will apply your in-depth cloud security knowledge and expertise to all aspects of AI/ML development lifecycle, as well as partner continuously with your many product stakeholders. You’ll work in a collaborative, trusting, thought-provoking environment—one that encourages diversity of thought and creative solutions that are in the best interests of our customers.
Job responsibilities
Provide thought leadership for securing on premise and cloud based AI/ML solution architectureDesign comprehensive security architectures for cloud infrastructure projectsDesign secure networks and systems based on industry standards and best practicesIdentify and address security vulnerabilities, security risks, and other compliance issuesPerform regular audits of all cloud infrastructureParticipate in application and system hardening activitiesDevelop and document security policies, procedures, and processesConduct security risk assessments using various tools and processesCreate and communicate threat modelsPartner with product managers to identify, quantify, and communicate all security risks.Drive innovation and ensure that JPMC maximizes the business benefits while minimizing security risk across your product
Required qualifications, capabilities, and skills
Formal training or certification on software engineering concepts and 10+ years applied experienceAdvanced Technical knowledge in architecting, designing, and Integrating security solutions in a large-scale enterprise of highly distributed applicationsExperience designing/delivering secure cloud infrastructure architectures for our enterprise AI/ML applicationsStrong knowledge of AI/ML security concepts, threats, and vulnerabilities including Generative AI and Large Language ModelsDemonstrated proficiency in software applications and technical processes within artificial intelligence and/or machine learning. Practical cloud native experience with an understanding of cloud computing concepts and services such as AWS, Azure, GCP, etcHands-on practical experience with Threat Models. Advanced in one or more programming languages Advanced understanding of agile methodologies such as continuous integration and delivery, application resiliency, and securityAbility to evaluate current and emerging technologies to recommend the best solutions for the future state architectureAbility to present and effectively communicate with senior leaders and executives
Preferred qualifications, capabilities, and skills
Knowledge of networking protocols and techniques, such as TCP/IP, routing, DNS, DHCP, etc.Knowledge of IAM concepts, including but not limited to: provisioning, RBAC, ABAC, SCIM, LDAP, federated identity platforms/products and Privileged Access ManagementExperience with API security and public cloud API integrationExperience developing and understanding information security architecture, mitigation of threats, and compensating controls.Deep familiarity with frameworks such as NIST 800-53, OWASP, CVSS, the MITRE ATT&CK framework, MITRE Atlas, PCI, and Gramm-Leach-Bliley Act (GLBA).Experience using cloud Infrastructure as Code (IaC) using frameworks like TerraformExperience with microservices designs and implementations including docker, Kubernetes, helm