Sr Lead Security Engineer

Overview

Job Description
Join a team where you can play a crucial role in shaping the future of a world-renowned company and make a direct and meaningful impact in a space designed for top performers.

As a Senior Lead Security Engineer at JPMorgan Chase within Cybersecurity and Technology Controls, you are an integral part of an agile team that delivers secure, innovative software solutions. You will leverage your deep technical expertise and problem-solving skills to address a diverse array of cybersecurity challenges spanning multiple technology domains, driving significant business impact and shaping the organization’s security posture in a rapidly evolving threat landscape.

• Independently design, build, and implement advanced security solutions across cloud, hybrid, and on-prem environments, ensuring alignment with the latest industry best practices and regulatory requirements.
• Actively write code, develop automation, and integrate security controls throughout the software development lifecycle, collaborating with engineering teams to embed security from ideation to deployment.
• Facilitate security requirements clarification for multiple networks to enable multi-level security that satisfies organizational needs.
• Conduct hands-on threat hunting and vulnerability assessments, leveraging automation and modern security tools to identify and mitigate risks before they impact the business. Work with stakeholders and senior business leaders to recommend business modifications during periods of vulnerability.
• Drive adoption and direct implementation of emerging cybersecurity technologies (e.g., zero trust architectures, container security, AI/ML-driven security analytics) to enhance the organization’s security posture. Be responsible for triaging based on risk assessments of various threats and managing resources to cover the impact of disruptive events.
• Utilize a deep understanding of the threat landscape and risk to build security into products and new features. Mentor and provide technical guidance to junior engineers through code reviews and knowledge sharing, while remaining an individual contributor.
• Collaborate cross-functionally with product, infrastructure, and business teams to ensure security requirements are understood, prioritized, and implemented effectively. Stay abreast of the latest cybersecurity trends, threat intelligence, and attack techniques, and translate insights into actionable improvements for the organization.
• Develop and maintain incident response playbooks, and lead post-incident reviews to drive continuous improvement from a technical perspective. Represent the organization in external security forums, conferences, or working groups as a technical expert as needed.
• Actively contribute to an inclusive team environment by mentoring and supporting diverse perspectives.

• Formal training or certification on software engineering concepts and 5+ years of applied experience.
• Proven track record in hands-on design, development, and deployment of enterprise-grade security solutions in public cloud environments (AWS, GCP, Azure), with direct experience integrating security controls into cloud-native architectures. Demonstrated ability to perform comprehensive threat modeling and risk assessments for applications, systems, and architectures using frameworks such as STRIDE, DREAD, or PASTA.
• Advanced proficiency in at least one modern programming language (e.g., Python, C/C#, Go, Java) and scripting for automation and security tooling, with a focus on building and deploying solutions.
• Deep understanding of secure software development practices, including code review, static/dynamic analysis, and vulnerability remediation across multiple technology domains (cloud, AI/ML, mobile, etc.). Experience implementing and managing CI/CD pipelines (e.g., Jenkins, Git Hub Actions) with integrated security testing and controls.
• Expertise in version control systems (e.g., Git, Bit Bucket) and agile work management tools (e.g., Jira), with a focus on collaborative, cross-functional engineering environments.
• Ability to independently solve complex…