Play a vital role in shaping the future of an iconic company and make a direct impact in a dynamic environment designed for top achievers.
As a Senior Lead Cybersecurity Architect at JPMorganChase, you are an integral part of a team that works to develop high-quality cybersecurity solutions for various software applications and platform products. Drive significant business impact through your capabilities and contributions, and apply deep technical expertise and problem-solving methodologies to tackle a diverse array of cybersecurity challenges that span multiple technology domains.
Job responsibilities
- You will guide the evaluation of current cybersecurity processes, controls and lead the evaluation of new technology using existing standards and frameworks.
- Contribute toward the development of new controls and design patterns for existing or emerging technologies.
- Regularly provide technical guidance and direction to support the business and its technical teams, contractors, and vendors.
- Lead threat modeling for complex applications and platform services (including cloud-native and distributed architectures), document findings, and drive mitigations into architecture decisions and engineering backlogs.
- Serve as function-wide subject matter expert in one or more areas of focus.
- Actively contribute to the engineering community as an advocate of firmwide frameworks, tools, and practices of a secure Software Development Life Cycle.
- Influence peers and project decision-makers to consider the use and application of secure leading-edge technologies.
Required qualifications, capabilities, and skills:
- 6+ years of applied experience in cybersecurity architecture.
- Experience delivering enterprise-level cybersecurity solutions and controls for software applications and/or platforms.
- Experience designing security architecture and controls for modern environments (e.g., public cloud, containers, and distributed systems).
Experience integrating security into the software development lifecycle, including continuous integration and continuous delivery (CI/CD) and DevSecOps workflows. - Demonstrated experience leading threat modeling for complex systems (e.g., cloud-native, containerized, microservices, or distributed platforms) and translating results into actionable security requirements and design changes.
- Experience applying recognized threat modeling methodologies and frameworks (e.g., STRIDE or PASTA) and producing audit-ready artifacts (e.g., threat models, abuse cases, risk statements, mitigation plans).
- Experience modernizing existing security controls for emerging technologies by creating reusable architecture patterns and implementation guidance that engineering teams can adopt.
- Ability to evaluate current and emerging technologies and recommend security architecture options for future-state designs.
- Experience partnering with engineering teams to influence architecture and implementation decisions.
- Experience communicating complex security concepts to senior business leaders and technical stakeholders in writing and verbally.
- Working knowledge of common security standards and frameworks used to assess and design controls (e.g., NIST frameworks).
Preferred qualifications, capabilities, and skills:
- Knowledge of threat landscape for artificial intelligence.
- CISSP, CCSP. Technical Writing.
#CTC