Senior Lead Security Engineer

Join a team at the forefront of securing the future of connected devices and smart environments within a world-renowned company.

As a Senior Lead Security Engineer at JPMorgan Chase within the Cybersecurity & Technology Controls, you will be an integral part of an agile team delivering software solutions that meet functional and user requirements, with a strong focus on preventing misuse, circumvention, and malicious behavior in IoT environments. You will drive significant business impact through your technical expertise, hands-on development, and problem-solving skills, tackling a diverse array of cybersecurity challenges unique to IoT and related technology domains. In addition to your individual contributions, you will mentor and guide junior engineers, fostering their growth and ensuring high standards in code quality and security practices. As part of the IoT Asset Intelligence team in Cybersecurity & Technology Controls, you will play a crucial role in protecting JPMorgan Chase's expanding Internet of Things (IoT) ecosystem-including interconnected buildings, operational technologies, and networked devices-by delivering innovative, scalable security solutions.

Job Responsibilities

• Facilitates the requirements for the development of security visibility solutions with 3rd party and internal tooling to enable multi-level security to satisfy organizational needs.
• Works with stakeholders and senior business leaders to expand control coverage of novel technologies, including IoT, OT, and BMS platforms throughout the firm.
• Leads the development and execution of technical requirements in the deployment of scalable solution in IoT, OT, and BMS network visibility leveraging cloud-native backend systems and infrastructure-as-code tools, performing code reviews, and providing technical guidance to junior engineers.
• Triage threats based on risk assessments and manage resources to mitigate the impact of disruptive events.
• Mentor junior engineers, supporting their professional development and promoting best practices in secure coding and software design.

• Formal training or certification on security engineering concepts and 5+ years applied experience
• Advanced proficiency in one or more programming languages.
• Advanced knowledge of software application development and technical processes, with considerable expertise in one or more technical disciplines (e.g., cloud, artificial intelligence, machine learning, mobile, IoT, etc.).
• Extensive experience with threat modeling, vulnerability discovery, and penetration testing, including IoT or embedded systems.
• Ability to independently tackle design and functionality problems with minimal oversight.
• Practical experience with cloud-native technologies.

• Experience mentoring or coaching junior engineers.
• Skilled in planning, designing, and implementing enterprise-level security solutions, with experience in IoT or networked device environments.
• Ability to explain complex technical concepts to non-technical stakeholders.
• Familiarity with DevSecOps practices and secure software development lifecycle.
• Experience working in large, complex enterprise environments.
• Relevant certifications (e.g., CISSP, CISM, AWS Certified Security, etc.) are a plus