Play a vital role in shaping the future of an iconic company and make a direct impact in a dynamic environment designed for top achievers.
As a Principal Cybersecurity Architect at JPMorganChase within the Cybersecurity & Tech Controls team, youare an integral part of a team that works to develop high-quality cybersecurity solutions for various software applications and platform products. Drive significant business impact through your capabilities and contributions, and apply deep technical expertise and problem-solving methodologies to tackle a diverse array of cybersecurity challenges that span multiple technology domains.
Job responsibilities
Leads the Threat Modeling Center of Excellence community, driving the strategic vision, development, and implementation of threat modeling practices across the enterprise.
Collaborates with business, technology, and risk stakeholders to embed threat modeling into the architecture review lifecycle and ensure alignment with organizational security objectives.
Guides the evaluation of current cybersecurity principals, processes, and controls, and leads the evaluation of new technology using existing standards and frameworks
Regularly provides technical guidance and direction to support the business and its technical teams, contractors, and vendors.
Works with stakeholders and senior leaders to recommend business modifications during periods of vulnerability
Serves as function-wide subject matter expert in one or more areas of focus
Actively contributes to the engineering community as an advocate of firmwide frameworks, tools, and practices of the Software Development Life Cycle
Influences peers and project decision-makers to consider the use and application of leading-edge technologies
Adds to team culture of diversity, opportunity, inclusion, and respect
Required qualifications, capabilities, and skills
Formal training or certification in software engineering concepts and 10+ years applied experience
Expert Threat Modeler with hands-on experience as a threat model practitioner
Deep expertise in threat modeling methodologies (e.g., STRIDE-LM, ATT&CK)
Passion for mentoring and instructing others on threat modeling.
Hands‑on practical experience delivering enterprise level cybersecurity solutions and controls
Advanced in one or more programming languages or applications
Advanced knowledge of cybersecurity architecture, applications, and technical processes with considerable, in-depth knowledge in one or more technical disciplines (e.g., public cloud, artificial intelligence, machine learning, mobile, etc.)
Ability to tackle design and functionality problems independently with little to no oversight
Practical cloud native experience
Ability to evaluate current and emerging technologies to select or recommend the best solutions for the future state architecture
Preferred qualifications, capabilities, and skills
Experience working with AI models and complex distributed data sets
Proficiency in designing and implementing security controls for cloud environments (e.g., AWS, Azure, GCP)
Hands‑on experience with security assessment tools, vulnerability scanning tools, and penetration testing methodologies
Experience working in finance or another highly regulated industry. Strong understanding of regulatory requirements such as GDPR, HIPAA, PCI‑DSS, and SOC 2. CISSP, CISM, or other relevant certifications
Experience engaging stakeholders across an organization to set strategy, align on priorities and deliver to a roadmap while managing to business needs and requirements
#J-18808-Ljbffr
As a Principal Cybersecurity Architect at JPMorganChase within the Cybersecurity & Tech Controls team, youare an integral part of a team that works to develop high-quality cybersecurity solutions for various software applications and platform products. Drive significant business impact through your capabilities and contributions, and apply deep technical expertise and problem-solving methodologies to tackle a diverse array of cybersecurity challenges that span multiple technology domains.
Job responsibilities
Leads the Threat Modeling Center of Excellence community, driving the strategic vision, development, and implementation of threat modeling practices across the enterprise.
Collaborates with business, technology, and risk stakeholders to embed threat modeling into the architecture review lifecycle and ensure alignment with organizational security objectives.
Guides the evaluation of current cybersecurity principals, processes, and controls, and leads the evaluation of new technology using existing standards and frameworks
Regularly provides technical guidance and direction to support the business and its technical teams, contractors, and vendors.
Works with stakeholders and senior leaders to recommend business modifications during periods of vulnerability
Serves as function-wide subject matter expert in one or more areas of focus
Actively contributes to the engineering community as an advocate of firmwide frameworks, tools, and practices of the Software Development Life Cycle
Influences peers and project decision-makers to consider the use and application of leading-edge technologies
Adds to team culture of diversity, opportunity, inclusion, and respect
Required qualifications, capabilities, and skills
Formal training or certification in software engineering concepts and 10+ years applied experience
Expert Threat Modeler with hands-on experience as a threat model practitioner
Deep expertise in threat modeling methodologies (e.g., STRIDE-LM, ATT&CK)
Passion for mentoring and instructing others on threat modeling.
Hands‑on practical experience delivering enterprise level cybersecurity solutions and controls
Advanced in one or more programming languages or applications
Advanced knowledge of cybersecurity architecture, applications, and technical processes with considerable, in-depth knowledge in one or more technical disciplines (e.g., public cloud, artificial intelligence, machine learning, mobile, etc.)
Ability to tackle design and functionality problems independently with little to no oversight
Practical cloud native experience
Ability to evaluate current and emerging technologies to select or recommend the best solutions for the future state architecture
Preferred qualifications, capabilities, and skills
Experience working with AI models and complex distributed data sets
Proficiency in designing and implementing security controls for cloud environments (e.g., AWS, Azure, GCP)
Hands‑on experience with security assessment tools, vulnerability scanning tools, and penetration testing methodologies
Experience working in finance or another highly regulated industry. Strong understanding of regulatory requirements such as GDPR, HIPAA, PCI‑DSS, and SOC 2. CISSP, CISM, or other relevant certifications
Experience engaging stakeholders across an organization to set strategy, align on priorities and deliver to a roadmap while managing to business needs and requirements
#J-18808-Ljbffr