Lead Security Engineer Cloud Proxy

Take on a crucial role where youll be a key part of a high-performing team delivering secure scalable cloud network perimeter solutions. Make a real impact as you help shape the future of cloud egress security at one of the worlds largest and most influential companies.

As a Lead Security Engineer at JPMorganChase within the Cloud Edge Proxy team you will help design secure and operate a critical cloud network perimeter platform that governs outbound cloud traffic at enterprise scale. You will work across engineering and business teams to ensure cloud connectivity is secure reliable and compliant while enabling application teams to onboard and operate confidently.

Job Responsibilities

• Designs develops and maintains secure software solutions for cloud network perimeter infrastructure writing high-quality production code and reviewing code written by others across the full development lifecycle

• Uses enterprise-authorized AI capabilities within the work environment to accelerate threat modeling vulnerability analysis synthesis and security documentation validating outputs and ensuring sensitive data is handled appropriately.

• Builds and manages infrastructure-as-code (IaC) to automate the provisioning configuration and scaling of cloud networking and proxy infrastructure in a consistent repeatable and auditable manner

• Manages and operates enterprise-scale proxy infrastructure ensuring high availability performance and security of egress traffic controls across cloud environments
• Develops and maintains automation tooling to streamline network configuration proxy onboarding workflows certificate management and policy enforcement
• Troubleshoots complex network and proxy connectivity issues across cloud environments applying structured diagnostic approaches to identify root cause and drive resolution
• Collaborates with application teams platform engineers and architects to design secure and scalable network connectivity patterns that meet both technical and business requirements
• Minimizes security vulnerabilities by following industry insights and evolving best practices continuously improving network perimeter controls and validating their effectiveness
• Adds to team culture of diversity opportunity inclusion and respect
• Applies reuse-first AI-assisted practices within SDLC/toolchain routines to strengthen security testing and control validation ensuring traceability/auditability and alignment to resiliency and security expectations.

Required Qualifications Capabilities and Skills

• Formal training or certification in software engineering security engineering or network engineering concepts and 5 years of applied experience in one or more of these disciplines
• Skilled in planning designing and implementing enterprise-level security and/or network solutions within cloud environments
• Develops secure and high-quality production code and reviews and debugs code written by others with a focus on cloud network security automation and infrastructure-as-code
• Minimizes security vulnerabilities by following industry insights and governmental regulations to continuously evolve security protocols including creating processes to determine the effectiveness of current controls
• Works with stakeholders and business leaders to understand secure connectivity requirements and recommend appropriate architectural patterns and modifications during periods of vulnerability or change
• Experience with AWS services including serverless solutions ECS EC2 Lambdas API Gateway and networking services such as VPCs Transit Gateway and PrivateLink
• Ability to review and validate AI-assisted code/security recommendations before adoption escalating uncertainty and ensuring outcomes align to security resiliency and auditability expectations.

• Good communication skills teamwork capabilities and a self-learning attitude

• Demonstrated experience using enterprise-authorized AI capabilities within the work environment to support security engineering workflows with strong validation habits and awareness of data sensitivity.

Preferred Qualifications Capabilities and Skills

• Experience with forward or reverse proxy technologies and architectures at enterprise scale (e.g. F5 Squid Envoy or equivalent)
• Hands-on experience with TLS/SSL certificate management PKI mTLS and truststore configuration in cloud-native environments
• Strong understanding of proxy protocols (HTTP CONNECT HTTPS SOCKS5) DNS-based routing and network egress control patterns
• Experience effectively communicating with senior business leaders
• AWS Certifications (e.g. Solutions Architect Security Specialty Advanced Networking Specialty)