Sr Lead Cybersecurity Architect
JPMorgan Chase
- Bournemouth
- Permanent
- Full-time
- Proactive, threat-informed testing, simulations, & assessments that validate readiness and drive down residual risk.
- An end-to-end technology resiliency control framework linked to robust governance & reporting structures to ensure appropriate visibility and accountability.
- A multi-year, prioritized resiliency investment strategy focused on uplifting core tooling, capabilities, and controls to enable the Firm's top strategic priorities across key areas such as Public Cloud, Technology Modernization, AI/ML, and ongoing business expansion (among others)
- Ongoing regulatory & financial industry engagement to support the strengthening of sector-level resiliency & readiness
- Proactive threat and vulnerability analyses that ensure the above activities are grounded in the current risk landscape and most plausible disruptive scenarios.
- Guides the evaluation of current cybersecurity principals, processes, and controls, and leads the evaluation of new technology using existing standards and frameworks
- Regularly provides technical guidance and direction to support the business and its technical teams, contractors, and vendors
- Works with stakeholders and senior leaders to recommend business modifications during periods of vulnerability
- Serves as function-wide subject matter expert in one or more areas of focus
- Actively contributes to the engineering community as an advocate of firmwide frameworks, tools, and practices of the Software Development Life Cycle
- Influences peers and project decision-makers to consider the use and application of leading-edge technologies
- Adds to team culture of diversity, equity, inclusion, and respect
- Work closely with Line of Business architects and Product infrastructure technologists to develop resilient architectures, design patterns and solutions that cover primary Plausible Destructive Event scenarios, ensuring that these are designed and implemented in a resilient manner
- Be key Subject Matter Expert leader across the technology organization on resiliency programs and initiatives
- Provide guidance and oversight in the development and implementation of resiliency controls to provide continuous monitory of the Firms capability to recover from a cyber malware event. As well as ensuring that Cyber recovery playbooks are clearly defined, documented, communicated, adhered to, and are audit compliant
- Define and implement post-mortem / root-cause analysis processes - develop improved testing scenarios based upon analysis
- Hands-on practical experience delivering enterprise level cybersecurity solutions and controls
- Advanced in one or more programming languages or applications
- Advanced knowledge of cybersecurity architecture, applications, and technical processes with considerable, in-depth knowledge in one or more technical disciplines (e.g., public cloud, artificial intelligence, machine learning, mobile, etc.)
- Ability to tackle design and functionality problems independently with little to no oversight
- Practical cloud native experience
- Ability to evaluate current and emerging technologies to select or recommend the best solutions for the future state architecture
- Proven leader with successful track record driving large scale technology projects from inception to implementation, including strength in both business and technical requirements analysis
- Ability to think strategically on how to create firm wide solutions to meet business requirements and ability to communicate effectively to both business and technical audiences coupled with strong written and verbal communication skills, including the ability to present to larger audience and manage large working group
- Ability to orchestrate and drive complex strategies and solutions
- Proven ability to build strong, cohesive partnerships with the business, operations, technology & other key stakeholders, including external vendor partners, and work effectively in a matrix organization
- Superior analytical and problem-solving skills, including the ability in conducting security design reviews and recognizing vulnerabilities in systems
- Strong hands-on experiences and technical depth in one, or more technology areas, including Data security, Infrastructure security, Endpoint/Platform security, Distributed Technologies, Replication technology, data security, Cloud or Application Security. Some Programming experiences in one or more languages (scripting/functional/imperative -- C/C++, Java, Python, Scala, R, SQL, etc.) would be advantageous
- Knowledge of network security architecture concepts, including topology, protocols, components, and principles would be advantageous
- Prior experience in cybersecurity design / engineering would be advantageous
- Prior experience in disaster and/or cyber recovery planning and testing would be advantageous.
- Prior experience working with external auditors and regulators would be advantageous
- In depth knowledge of system and application vulnerabilities e.g. OWASP, NIST, SANS…
- Bachelor's degree in Computer Science, or a related field as well as accreditation in CISSP, CISM, CISA, CRISC, AWS would be a bonus