
at J.P. Morgan
Bulge Bracket Investment BanksPosted 13 days ago
No clicks
**Sr Lead Security Engineer** at JPMorganChase directs agile teams delivering secure software solutions. Key responsibilities include: - Technical guidance across business, tech teams, and vendors. - Developing, reviewing, and debugging secure, high-quality code. - Facilitating multi-level security across networks and recommending business modifications during vulnerabilities. - Subject matter expertise, influencing peers with leading-edge security technologies. - AI-assisted practices within SDLC to strengthen security testing and validation, ensuring traceability. - Experienced in cloud service development, proficient in OAuth, SAML, API security, identity federation (5+ years). - Skilled in system design, application development, and threat modeling. - Advanced knowledge in one or more programming languages (C#, C++, Go, Python, Java). - Demonstrated experience with enterprise-authorized AI for security workflows. - Preferred: SSE, CASB, SIEM, API Gateway Development, custom proxy or VPM experience. - Drive significant business impact through innovation and tackle complex cybersecurity challenges.
- Compensation
- Not specified
- City
- Plano
- Country
- United States
Currency: Not specified
Full Job Description
Location: Plano, TX, United States
Join a team where you can play a crucial role in shaping the future of a world-renowned company and make a direct and meaningful impact in a space designed for top performers.
As a Senior Lead Security Engineer at JPMorganChase within the, you are an integral part of an agile team that works to deliver software solutions that satisfy pre-defined functional and user requirements with the added dimension of preventing misuse, circumvention, and malicious behavior. Drive significant business impact through your capabilities and contributions and apply deep technical expertise and problem-solving methodologies to tackle a diverse array of cybersecurity challenges that span multiple technology domains.
Job responsibilities
- Regularly provides technical guidance and direction to support the business and its technical teams, contractors, and vendors
- Develops secure and high-quality production code, and reviews and debugs code written by others
- Facilitates security requirements clarification for multiple networks to enable multi-level security to satisfy organizational needs
- Works with stakeholders and senior business leaders to recommend business modifications during periods of vulnerability
- Serves as a function-wide subject matter expert in one or more areas of focus. Influences peers and project decision-makers to consider the use and application of leading-edge technologies
- Applies reuse-first, AI-assisted practices within SDLC/toolchain routines to strengthen security testing and control validation, ensuring traceability/auditability and alignment to resiliency and security expectations.
- Uses enterprise-authorized AI capabilities within the work environment to accelerate security risk analysis and documentation (e.g., synthesizing threat assessments), validating outputs and ensuring sensitive data is handled appropriately.
Required qualifications, capabilities, and skills
- Formal training or certification with 5+ years of experience incloud service development & integration, proficient in OAuth, SAML, API security, and identity federation. Experience building high performance API first services and integrating tooling
- Skilled in planning, designing, and implementing enterprise-level security solutions. Hands-on practical experience delivering system design, application development, testing, and operational stability
- Advanced in one or more programming languages C#, C++, Go, Python, and Java
- Advanced knowledge of software application development and technical processes with considerable in-depth knowledge in one or more technical disciplines (e.g., cloud, artificial intelligence, machine learning, mobile, etc.). Extensive experience with threat modeling, discovery, vulnerability, and penetration testing
- Ability to tackle design and functionality problems independently with little to no oversight .Deep knowledge of HTTP/HTTPS protocols, SSL/TLS inspection, traffic interception, API gateway patterns
- Demonstrated experience using enterprise-authorized AI capabilities within the work environment to support security engineering workflows with strong validation habits and awareness of data sensitivity.
Ability to review and validate AI-assisted security recommendations before adoption, escalating uncertainty and ensuring outcomes align to security, resiliency, and auditability expectations.
- Advanced knowledge of SSE, CASB or SIEM
- Advanced knowledge of API Gateway Development
- Experience with custom proxy or VPM development




