Lead Security Engineer

LONDON, United KingdomFull-timePosted Jul 13, 2026
Apply

Join us and shape the future of secure software delivery. As a Lead Security Engineer, you’ll work at the intersection of security and platform engineering, designing impactful solutions that enable teams to move fast while managing risk. You’ll collaborate with talented squads, contribute to a culture that values unique perspectives, and foster growth, impact, and innovation. This is your opportunity to make a difference and advance your career in a dynamic, engineering-led environment. We’re committed to helping you thrive and grow.

As a Lead Security Engineer at JPMorgan Chase in the Platform team, you will embed security into engineering workflows and deliver scalable, engineering solutions. You’ll work at the intersection of security and platform engineering, actively designing, building, and implementing security capabilities. Your role is hands-on, collaborating with squads to reduce platform risk and enable secure software delivery. You’ll help shape a modern, engineering-led approach to security, empowering teams to move fast while managing risk. Our culture values unique perspectives and fosters growth, impact, and innovation.

Job Responsibilities:

  • Design, build, and operate scalable security capabilities integrated into engineering workflows
  • Embed security into the software development lifecycle by implementing automated controls
  • Improve software supply chain security through SBOM generation and dependency visibility
  • Analyze and enrich vulnerability data with contextual information for effective remediation
  • Provide actionable insights and guidance to engineering teams to address security issues
  • Collaborate with platform and product engineering teams to drive secure development practices
  • Identify and assess security risks in runtime and cloud environments, supporting remediation
  • Support the development and operation of runtime security tooling for production risk visibility
  • Contribute to security incident response activities, including triage and investigation
  • Develop and maintain incident response processes, runbooks, and detection capabilities
  • Work with risk, governance, and control teams to support reporting and compliance
  • Drives adoption and governance of approved AI-assisted engineering practices across teams to improve code quality, delivery speed, and operational outcomes (e.g., AI-assisted code review/refactoring, test acceleration, release readiness, incident/root-cause analysis), while establishing measurable validation standards (secure coding, peer review, automated testing) and promoting reuse of proven patterns and automation within the SDLC/TLM toolchain.
  • Applies knowledge of tools within the Software Development Life Cycle toolchain, including approved AI-assisted development and automation capabilities, to improve the value realized by automation at scale.

Required Qualifications, Capabilities, and Skills:

  • Hands-on experience in software, platform, or cloud engineering roles deploying systems in public cloud environments
  • Strong ability to design and implement security controls within engineering workflows, especially CI/CD pipelines
  • Proficiency in at least one programming or scripting language for automation and integration
  • Solid understanding of the Software Development Life Cycle and integrating security practices
  • Experience applying security testing and controls within CI/CD pipelines
  • Familiarity with cloud-native technologies, including containerization and orchestration platforms
  • Strong analytical and problem-solving skills to deliver practical security solutions
  • Good understanding of modern engineering practices, including CI/CD, system resilience, and secure software delivery
  • Demonstrated experience leading effective use of enterprise-authorized AI-assisted software development tools within the work environment (e.g., for coding, code review, test acceleration, troubleshooting) with the ability to set team expectations for validating AI outputs for correctness, performance, and security
  • Strong understanding of responsible AI use in engineering workflows, including data sensitivity considerations, secure handling of inputs/outputs, and adherence to resiliency and security expectations; experience coaching senior engineers/leads on compliant usage patterns and controls.

Preferred Qualifications, Capabilities, and Skills:

  • Experience in platform security, DevSecOps, or engineering-led security teams
  • Familiarity with security tools such as Snyk and Wiz
  • Knowledge of software supply chain security concepts, including SBOM, SLSA, and dependency management
  • Cloud certifications, preferably GCP (e.g., Professional Cloud Architect, Professional DevOps Engineer)
  • Experience operating in large-scale enterprise environments within regulated industries
  • Ability to communicate technical risks clearly to engineering teams and senior stakeholders

Want jobs like this matched to you?

Swoopd scores fresh postings against your résumé so you only see the matches that matter.

Get started free