Sr Lead Cybersecurity Architect

JPMorgan Chase

  • Bournemouth
  • Permanent
  • Full-time
  • 15 days ago
Job Description:Cybersecurity and Technology Controls' Firmwide Technology Resiliency (FTR) organization is tasked with ensuring the Firm's technology estate can maintain effective operations and support the ongoing, critical functioning of Essential Business Services in the face of today's evolving threat landscape. The FTR team partners across all JPMC Lines of Business and Corporate Functions to drive & deliver the following:
  • Proactive, threat-informed testing, simulations, & assessments that validate readiness and drive down residual risk.
  • An end-to-end technology resiliency control framework linked to robust governance & reporting structures to ensure appropriate visibility and accountability.
  • A multi-year, prioritized resiliency investment strategy focused on uplifting core tooling, capabilities, and controls to enable the Firm's top strategic priorities across key areas such as Public Cloud, Technology Modernization, AI/ML, and ongoing business expansion (among others)
  • Ongoing regulatory & financial industry engagement to support the strengthening of sector-level resiliency & readiness
  • Proactive threat and vulnerability analyses that ensure the above activities are grounded in the current risk landscape and most plausible disruptive scenarios.
As a Senior Lead Cybersecurity Architect in FTR, you will be an integral part of a dynamic team that works to develop high-quality cybersecurity solutions for various software applications and platform products. Partnering with other members of Cybersecurity, Line of Business Resiliency Leads and technologists across the firm in developing real life scenarios. Ensuring that resiliency is designed across the life cycle of both infrastructure technology and applications, thereby driving the timely and successful execution of the firmwide Recovery and Resiliency strategy. In addition, you will drive significant business impact through your capabilities and contributions and apply deep technical expertise and problem-solving methodologies to tackle a diverse array of cybersecurity and resiliency challenges that span multiple technology domains.You should be a strong technologist who is flexible, resilient, an innovative thinker, as well as a natural collaborator with enterprise architects, engineers, developers, and senior management from across the organization. As a Senior Lead Cybersecurity Architect, with a focus on resiliency you would be expected to lead and promote resilient architecture enabling resiliency/agility within our global technology products. In addition, you must possess strong technical leadership skills, the ability to influence at all levels of the organization, demonstrated success in working with teams particularly in a matrix fashion, and communicate effectively through clarity of thought and demonstrated understanding of business and technical requirements. Additionally, you would have been in a cybersecurity engineering / architecture role with some application knowledge.Job responsibilities
  • Guides the evaluation of current cybersecurity principals, processes, and controls, and leads the evaluation of new technology using existing standards and frameworks
  • Regularly provides technical guidance and direction to support the business and its technical teams, contractors, and vendors
  • Works with stakeholders and senior leaders to recommend business modifications during periods of vulnerability
  • Serves as function-wide subject matter expert in one or more areas of focus
  • Actively contributes to the engineering community as an advocate of firmwide frameworks, tools, and practices of the Software Development Life Cycle
  • Influences peers and project decision-makers to consider the use and application of leading-edge technologies
  • Adds to team culture of diversity, equity, inclusion, and respect
  • Work closely with Line of Business architects and Product infrastructure technologists to develop resilient architectures, design patterns and solutions that cover primary Plausible Destructive Event scenarios, ensuring that these are designed and implemented in a resilient manner
  • Be key Subject Matter Expert leader across the technology organization on resiliency programs and initiatives
  • Provide guidance and oversight in the development and implementation of resiliency controls to provide continuous monitory of the Firms capability to recover from a cyber malware event. As well as ensuring that Cyber recovery playbooks are clearly defined, documented, communicated, adhered to, and are audit compliant
  • Define and implement post-mortem / root-cause analysis processes - develop improved testing scenarios based upon analysis
Required qualifications, capabilities, and skills
  • Hands-on practical experience delivering enterprise level cybersecurity solutions and controls
  • Advanced in one or more programming languages or applications
  • Advanced knowledge of cybersecurity architecture, applications, and technical processes with considerable, in-depth knowledge in one or more technical disciplines (e.g., public cloud, artificial intelligence, machine learning, mobile, etc.)
  • Ability to tackle design and functionality problems independently with little to no oversight
  • Practical cloud native experience
  • Ability to evaluate current and emerging technologies to select or recommend the best solutions for the future state architecture
  • Proven leader with successful track record driving large scale technology projects from inception to implementation, including strength in both business and technical requirements analysis
  • Ability to think strategically on how to create firm wide solutions to meet business requirements and ability to communicate effectively to both business and technical audiences coupled with strong written and verbal communication skills, including the ability to present to larger audience and manage large working group
  • Ability to orchestrate and drive complex strategies and solutions
  • Proven ability to build strong, cohesive partnerships with the business, operations, technology & other key stakeholders, including external vendor partners, and work effectively in a matrix organization
  • Superior analytical and problem-solving skills, including the ability in conducting security design reviews and recognizing vulnerabilities in systems
Preferred qualifications, capabilities, and skills
  • Strong hands-on experiences and technical depth in one, or more technology areas, including Data security, Infrastructure security, Endpoint/Platform security, Distributed Technologies, Replication technology, data security, Cloud or Application Security. Some Programming experiences in one or more languages (scripting/functional/imperative -- C/C++, Java, Python, Scala, R, SQL, etc.) would be advantageous
  • Knowledge of network security architecture concepts, including topology, protocols, components, and principles would be advantageous
  • Prior experience in cybersecurity design / engineering would be advantageous
  • Prior experience in disaster and/or cyber recovery planning and testing would be advantageous.
  • Prior experience working with external auditors and regulators would be advantageous
  • In depth knowledge of system and application vulnerabilities e.g. OWASP, NIST, SANS…
  • Bachelor's degree in Computer Science, or a related field as well as accreditation in CISSP, CISM, CISA, CRISC, AWS would be a bonus
About Us: J.P. Morgan is a global leader in financial services, providing strategic advice and products to the world's most prominent corporations, governments, wealthy individuals and institutional investors. Our first-class business in a first-class way approach to serving clients drives everything we do. We strive to build trusted, long-term partnerships to help our clients achieve their business objectives.We recognize that our people are our strength and the diverse talents they bring to our global workforce are directly linked to our success. We are an equal opportunity employer and place a high value on diversity and inclusion at our company. We do not discriminate on the basis of any protected attribute, including race, religion, color, national origin, gender, sexual orientation, gender identity, gender expression, age, marital or veteran status, pregnancy or disability, or any other basis protected under applicable law. We also make reasonable accommodations for applicants' and employees' religious practices and beliefs, as well as mental health or physical disability needs. Visit our for more information about requesting an accommodation.About the Team: Our professionals in our Corporate Functions cover a diverse range of areas from finance and risk to human resources and marketing. Our corporate teams are an essential part of our company, ensuring that we're setting our businesses, clients, customers and employees up for success.

JPMorgan Chase