Join a world-class cybersecurity team where your expertise in cryptographic infrastructure and secure hardware directly protects the financial systems trusted by millions of people around the globe.
As a Security Infrastructure Engineer at JPMorganChase within the Cybersecurity & Technology Controls team, you will play a pivotal role in designing, implementing, and maintaining secure, scalable, and resilient infrastructure solutions that support critical payment and cryptographic operations. You will bring deep expertise in Hardware Security Module management and infrastructure architecture to help safeguard the firm's most sensitive systems and data. This role offers the opportunity to work at the forefront of cryptographic security, collaborating with cross-functional teams across a global organization to define standards, drive innovation, and ensure business continuity. If you are passionate about security engineering and thrive in complex, high-stakes environments, this is your opportunity to make a lasting impact.
Job responsibilities
- Design and implement Hardware Security Module solutions, including deployment, configuration, integration, and full lifecycle management across Thales and FutureX platforms
- Support development of detailed architectural diagrams, system documentation, and operational runbooks to ensure operational excellence and knowledge continuity
- Collaborate with cross-functional teams to define infrastructure standards, best practices, and security controls that align with firm-wide policies and industry regulations
- Uses enterprise-authorized AI capabilities within the work environment to accelerate security analysis and vulnerability assessment documentation, validating outputs and ensuring sensitive data is handled appropriately.
- Perform hands on engineering activities supporting migration, upgrade, and consolidation of Hardware Security Module infrastructure, ensuring minimal disruption and maximum security throughout transitions
- Troubleshoot and resolve infrastructure and Hardware Security Module-related issues, performing root cause analysis and implementing corrective actions using monitoring tools
- Participate in risk assessments, audits, and incident response activities related to infrastructure and Hardware Security Module environments
- Apply domain knowledge of payment processes and business resiliency to infrastructure design and operational decision-making
- Applies reuse-first, AI-assisted practices within SDLC/toolchain routines to strengthen security testing and control validation, ensuring traceability/auditability and alignment to resiliency and security expectations.
Required qualifications, capabilities, and skills
- Bachelor’s Degree in Computer Science, Cybersecurity, Data Science, or related disciplines
- Formal training or certification on security infrastructure engineering supporting HSMs and 3+ years applied experience
- Experience with Hardware Security Modules, including expertise in architecture and system design of highly available infrastructure, disaster recovery, and business continuity strategies
- Demonstrated experience using enterprise-authorized AI capabilities within the work environment to support security engineering workflows with strong validation habits and awareness of data sensitivity.
- Proficient in technical troubleshooting and Linux/Unix administration in enterprise environments, with strong knowledge of cryptography, key management, confidential computing, and secure hardware operations.
- Hands-on experience with OpenSSL and certificate-based authentication mechanisms
- Expertise in public cloud key management services and cloud-based Hardware Security Module solutions.
- Exposure to designing and documenting infrastructure architectures using industry-standard tools and methodologies
- Experience with infrastructure automation tools such as Terraform for managing and scaling secure environments
- Ability to review and validate AI-assisted security recommendations before adoption, escalating uncertainty and ensuring outcomes align to security, resiliency, and auditability expectations.
Preferred qualifications, capabilities, and skills
- Experience with network security, firewalls, and secure room operations and key ceremonies
- Hands-on experience with Splunk or equivalent platforms for infrastructure monitoring and troubleshooting
- Strong domain knowledge of payment processes and business resiliency applied to infrastructure design
- Relevant Hardware Security Module platform certifications such as Thales or FutureX credentials
- Familiarity with broader cybersecurity frameworks and their application to cryptographic and payment infrastructure environments
- Ability to influence technical direction and drive alignment across organizational boundaries in a large, complex enterprise
#CTC