Lead Security Engineer - Cloud Proxy

JOB DESCRIPTION

Take on a crucial role where you'll be a key part of a high-performing team delivering secure, scalable cloud network perimeter solutions. Make a real impact as you help shape the future of cloud egress security at one of the world's largest and most influential companies.

As a Lead Security Engineer at JPMorgan

Chase within the Cloud Edge Proxy team, you will help design, secure, and operate a critical cloud network perimeter platform that governs outbound cloud traffic at enterprise scale. You will work across engineering and business teams to ensure cloud connectivity is secure, reliable, and compliant, while enabling application teams to onboard and operate confidently.

• Designs, develops, and maintains secure software solutions for cloud network perimeter infrastructure, writing high-quality production code and reviewing code written by others across the full development lifecycle
• Uses enterprise-authorized AI capabilities within the work environment to accelerate threat modeling, vulnerability analysis synthesis, and security documentation, validating outputs and ensuring sensitive data is handled appropriately
• Builds and manages infrastructure-as-code (IaC) to automate the provisioning, configuration, and scaling of cloud networking and proxy infrastructure in a consistent, repeatable, and auditable manner
• Manages and operates enterprise-scale proxy infrastructure, ensuring high availability, performance, and security of egress traffic controls across cloud environments
• Develops and maintains automation tooling to streamline network configuration, proxy onboarding workflows, certificate management, and policy enforcement
• Troubleshoots complex network and proxy connectivity issues across cloud environments, applying structured diagnostic approaches to identify root cause and drive resolution
• Collaborates with application teams, platform engineers, and architects to design secure and scalable network connectivity patterns that meet both technical and business requirements
• Minimizes security vulnerabilities by following industry insights and evolving best practices, continuously improving network perimeter controls and validating their effectiveness
• Adds to team culture of diversity, opportunity, inclusion, and respect
• Applies reuse-first, AI-assisted practices within SDLC/toolchain routines to strengthen security testing and control validation, ensuring traceability/auditability and alignment to resiliency and security expectations

• Formal training or certification in software engineering, security engineering, or network engineering concepts and 5+ years of applied experience in one or more of these disciplines
• Skilled in planning, designing, and implementing enterprise-level security and/or network solutions within cloud environments
• Develops secure and high-quality production code and reviews and debugs code written by others, with a focus on cloud network security automation and infrastructure-as-code
• Minimizes security vulnerabilities by following industry insights and governmental regulations to continuously evolve security protocols, including creating processes to determine the effectiveness of current controls
• Works with stakeholders and business leaders to understand secure connectivity requirements and recommend appropriate architectural patterns and modifications during periods of vulnerability or change
• Experience with AWS services including serverless solutions, ECS, EC2, Lambdas, API Gateway, and networking services such as VPCs, Transit Gateway, and Private Link
• Ability to review and validate AI-assisted code/security recommendations before adoption, escalating uncertainty and ensuring outcomes align to security, resiliency, and auditability expectations
• Good communication skills, teamwork capabilities, and a self-learning attitude
• Demonstrated experience using enterprise-authorized AI capabilities within the work environment to support security engineering workflows with strong validation habits and awareness of data sensitivity

• Experience with forward or reverse proxy technologies and architectures at enterprise scale (e.g., F5, Squid, Envoy, or equivalent)
• Hands-on experience with TLS/SSL certificate management, PKI, mTLS, and trust store configuration in cloud-native environments
• Strong understanding of proxy protocols (HTTP CONNECT, HTTPS, SOCKS5), DNS-based routing, and network egress control patterns
• Experience effectively communicating with senior business leaders
• AWS Certifications (e.g., Solutions Architect, Security Specialty, Advanced Networking Specialty)

We recognize that our people are our strength and the diverse talents they bring to our global workforce are directly linked to our success. We are an equal opportunity employer and place a high value on diversity and inclusion at our company.

We do not discriminate on the basis of any…