Sr. Lead Security Engineer Google Cloud Platform
Job Summary
Join a team where you can play a crucial role in shaping the future of a world-renowned company and make a direct and meaningful impact in a space designed for top performers.
As a Senior Lead Security Engineer at JPMorganChase within the Enterprise Product Security with expertise in Google Cloud artificial intelligence (AI) application security threat modelling and the software development lifecycle (SDLC) youare an integral part of an agile team that works to deliver software solutions that satisfy pre-defined functional and user requirements with the added dimension of preventing misuse circumvention and malicious behaviour. Drive significant business impact through your capabilities and contributions and apply deep technical expertise and problem-solving methodologies to tackle a diverse array of cybersecurity challenges that span multiple technology domains.
Job responsibilities
- Facilitates security requirementsclarificationfor multiple networks toenablemulti-levelsecurity to satisfy organisationalneeds.
- Works with stakeholders and senior business leaders to recommend business modifications during periods of vulnerability and serve as function-wide subject matter expert in one or more areas of focus
- Be responsible for triaging based on risk assessments of various threats manage resources to cover impact of disruptive events and implement corrective actions to prevent future occurrences.
- Uses enterprise-authorized AI capabilities within the work environment to accelerate security risk analysis and documentation (e.g. synthesising threat assessments) validating outputs and ensuring sensitive data is handled appropriately.
- Applies reuse-first AI-assisted practices within SDLC/toolchain routines to strengthen security testing and control validation ensuring traceability/auditability and alignment to resiliency and security expectations.
- Develop and enhance threat modelling frameworks processes and documentation tailored to organizational needs. Communicate threat modelling findings and risk mitigation strategies to both technical and non-technical stakeholders including executive leadership.
- Cloud Security: Design implement and manage security solutions in Google Cloud Platform (GCP) to protect sensitive data and applications.
- AI Security: Develop and enforce security controls for AI applications particularly those involving coding assistants ensuring they are resilient against threats and vulnerabilities.
- Application Security: conduct threat modelling code reviews and vulnerability testing for applications to identify and mitigate security risks.
- SDLC Integration: Collaborate with development teams to integrate security practices into the software development lifecycle ensuring security is a fundamental aspect of application design and deployment.
- Policy Development: Develop and maintain security policies standards and procedures to ensure compliance with industry regulations and best practices.
Required qualifications capabilities and skills
- 10 years of experience in security engineering or related field and a bachelors degree in Computer Science Information Technology Cybersecurity or a related field
- Proven experience with Google Cloud Platform (GCP) security services and tools and practical cloud native experience
- Experience with designing building and running security solutions at scale and knowledge of security frameworks and standards (e.g. OWASP NIST ISO 27001).
- Strong understanding of application security principles and practices.
- Experience with the software development lifecycle (SDLC) and secure coding practices.
- Demonstrated experience using enterprise-authorized AI capabilities within the work environment to support security engineering workflows with strong validation habits and awareness of data sensitivity.
- Ability to review and validate AI-assisted security recommendations before adoption escalating uncertainty and ensuring outcomes align to security resiliency and auditability expectations.
- Skilled in planning designingand implementing enterprise-level security solutions
- Advanced in one or more programming languages (e.g. Python Java) and advanced knowledge of software application development and technical processes with considerable in-depth knowledge in one or more technical disciplines (e.g. cloud artificial intelligence machine learning mobile etc.)
- Extensive experience with threat modelling discovery vulnerability and penetration testing
- Strong analytical and problem-solving skills the ability to work independently and as part of a team and excellent communication and collaboration abilities.
Preferred qualifications capabilities and skills
- Relevant certifications such as CISSP CISM CEH or Google Cloud Professional Cloud Security Engineer are a plus.
- Experience with multiple cloud solutions (AWS Azure)
Required Experience:
Senior IC
About Company
JPMorganChase, one of the oldest financial institutions, offers innovative financial solutions to millions of consumers, small businesses and many of the world’s most prominent corporate, institutional and government clients under the J.P. Morgan and Chase brands. Our history spans ov ... View more