Security Engineer III OffensiveDefensive Web Security

Plano, TX - USA

Monthly Salary: Not Disclosed

Posted on: 22 hours ago

Vacancies: 1 Vacancy

Job Summary

Description

Your seniority as a security engineer puts you in the ranks of the top talent in your field. Play a critical role at one of the worlds most iconic financial institutions where security is vital.

As a Security Engineer III at JPMorganChase within the Cybersecurity and Technology Controls Line of Business youserve as a seasoned member of a team that works to deliver software solutions that satisfy pre-defined functional and user requirements with the added dimension of preventing misuse circumvention and malicious behavior. Carry out critical technology solutions with tamper-proof audit defensible methods across multiple technical areas within various business functions in support of the firms business objectives

Job responsibilities

Executes security solutions design development and technical troubleshooting with the ability to apply knowledge of existing security solutions to satisfy security requirements for internal clients (e.g. product platform application owners)
Applies specialized tools ( scanner) to analyzeand correlate incident data toidentify interpret andsummarize the probability andimpact of threats whendetermining specificvulnerabilities
Leads delivery of continuity-related awareness training educational activities andexercises
Manages and maintains security configuration baselines for web hosting and application server infrastructure assets including Apache HTTP Server Apache Tomcat Microsoft IIS IBM HTTP Server WebSphere Application Server Nginx and related technologies
Coordinates with product engineering teams application owners and control domain stakeholders to define implement and monitor secure baseline configurations across multiple platforms.
Conducts annual baseline recertification activities mapping security controls to industry standards (CIS Benchmarks STIGs) and coordinating material changes across engineering monitoring and customer communication teams
Collaborates with configuration drift monitoring teams to develop test and maintain detection policies that ensure compliance with published security configuration standards
Provides technical guidance and remediation support to application teams for security configuration findings
Adds to team culture of diversity opportunity inclusion and respect

Required qualifications capabilities and skills

Formal training or certification on security engineering concepts and 3 years applied experience
Experience developing security engineering solutions
Proficient in coding in one of more languages
Overall knowledge of the Software Development Life Cycle
Solid understanding of agile methodologies such as CI/CD application resiliency and security
Experience with security configuration management baseline hardening and compliance frameworks
Strong analytical and problem-solving skills with ability to interpret technical security requirements and translate them into actionable controls

Preferred qualifications capabilities and skills

Experience with web server and application server technologies (Apache Tomcat IIS WebSphere Nginx)
Familiarity with configuration drift monitoring tools and SIEM platforms
Knowledge of industry security benchmarks and standards (CIS DISA STIGs NIST)
Experience working with cross-functional teams including product engineering SREs and control domain stakeholders
Understanding of cloud and container security configurations
Strong written and verbal communication skills for technical documentation and stakeholder engagement
Certifications such as OSCP or OSCE is a plus

#CTC

Required Experience:

DescriptionYour seniority as a security engineer puts you in the ranks of the top talent in your field. Play a critical role at one of the worlds most iconic financial institutions where security is vital.As a Security Engineer III at JPMorganChase within the Cybersecurity and Technology Controls Li...

Description

Your seniority as a security engineer puts you in the ranks of the top talent in your field. Play a critical role at one of the worlds most iconic financial institutions where security is vital.

Job responsibilities

Executes security solutions design development and technical troubleshooting with the ability to apply knowledge of existing security solutions to satisfy security requirements for internal clients (e.g. product platform application owners)
Applies specialized tools ( scanner) to analyzeand correlate incident data toidentify interpret andsummarize the probability andimpact of threats whendetermining specificvulnerabilities
Leads delivery of continuity-related awareness training educational activities andexercises
Manages and maintains security configuration baselines for web hosting and application server infrastructure assets including Apache HTTP Server Apache Tomcat Microsoft IIS IBM HTTP Server WebSphere Application Server Nginx and related technologies
Coordinates with product engineering teams application owners and control domain stakeholders to define implement and monitor secure baseline configurations across multiple platforms.
Conducts annual baseline recertification activities mapping security controls to industry standards (CIS Benchmarks STIGs) and coordinating material changes across engineering monitoring and customer communication teams
Collaborates with configuration drift monitoring teams to develop test and maintain detection policies that ensure compliance with published security configuration standards
Provides technical guidance and remediation support to application teams for security configuration findings
Adds to team culture of diversity opportunity inclusion and respect

Required qualifications capabilities and skills

Formal training or certification on security engineering concepts and 3 years applied experience
Experience developing security engineering solutions
Proficient in coding in one of more languages
Overall knowledge of the Software Development Life Cycle
Solid understanding of agile methodologies such as CI/CD application resiliency and security
Experience with security configuration management baseline hardening and compliance frameworks
Strong analytical and problem-solving skills with ability to interpret technical security requirements and translate them into actionable controls

Preferred qualifications capabilities and skills

Experience with web server and application server technologies (Apache Tomcat IIS WebSphere Nginx)
Familiarity with configuration drift monitoring tools and SIEM platforms
Knowledge of industry security benchmarks and standards (CIS DISA STIGs NIST)
Experience working with cross-functional teams including product engineering SREs and control domain stakeholders
Understanding of cloud and container security configurations
Strong written and verbal communication skills for technical documentation and stakeholder engagement
Certifications such as OSCP or OSCE is a plus

#CTC

Required Experience:

Key Skills

Splunk
IDS
Network security
Computer Networking
Identity & Access Management
PKI
PCI
NIST Standards
Security System Experience
Information Security
Encryption
Siem

Apply Now

About Company

JPMorganChase

JPMorganChase, one of the oldest financial institutions, offers innovative financial solutions to millions of consumers, small businesses and many of the world’s most prominent corporate, institutional and government clients under the J.P. Morgan and Chase brands. Our history spans ov ... View more

View Profile View Profile

AI AutoApply

Apply to 100+ jobs with one click