Research JPMorgan Chase before you apply
Check ratings, real-employee reviews, verified pay, and interview difficulty.
Join a high-performing team where your expertise in software security will drive impactful solutions. Grow your career as you help shape the future of secure technology at JPMorganChase.
As a Lead Security Engineer at JPMorganChase within the Cybersecurity and technology controls team, you deliver software solutions that meet functional and user requirements while preventing misuse and malicious behavior. You play a key role in providing critical technology solutions using tamper-proof, audit-defensible methods across multiple technical areas. You are an integral part of a collaborative team, contributing to secure and scalable enterprise-grade solutions.
Job responsibilities
- Execute creative security solutions, design, development, and technical troubleshooting to break down complex technical problems
- Develop secure, high-quality production code; review and debug code written by others, focusing on Python backend development and public cloud (AWS/Azure/GCP)
- Design and develop APIs and backend services using Python modules, ensuring robust and scalable solutions
- Minimize security vulnerabilities by applying industry insights and governmental regulations to evolve security protocols
- Partner with platform and cloud security teams to ensure secure infrastructure configuration and alignment with enterprise security architecture
- Collaborate with stakeholders and business leaders to understand security needs and recommend business modifications during periods of vulnerability
- Uses enterprise-authorized AI capabilities within the work environment to accelerate threat modeling, vulnerability analysis synthesis, and security documentation, validating outputs and ensuring sensitive data is handled appropriately.
- Applies reuse-first, AI-assisted practices within SDLC/toolchain routines to strengthen security testing and control validation, ensuring traceability/auditability and alignment to resiliency and security expectations.
Required qualifications, capabilities and skills
- Formal training or certification on security engineering concepts and 5+ years applied experience
- Strong engineering foundation with substantial expertise in Python programming and cloud security engineering
- Advanced hands-on programming skills in one or more languages
- Experience with Infrastructure as Code (IaC) tools such as Terraform, AWS CloudFormation, Google Deployment Manager, or Azure Resource Manager
- Skilled in architecture, planning, designing, and implementing enterprise-level applications
- Experience with ideation to production-ready application development
- Proficient across the Software Development Life Cycle (SDLC) in public cloud environments
- Demonstrated experience using enterprise-authorized AI capabilities within the work environment to support security engineering workflows with strong validation habits and awareness of data sensitivity.
- Advanced understanding of agile methodologies such as CI/CD, application resiliency, and security
Preferred qualifications, capabilities and skills
- Hands-on experience with AI/ML backend product development
- Cloud computing related certifications with an AWS/Azure/GCP focus, such as AWS Certified Security, Solutions Architect, Developer Engineer, or similar
- Golang programming experience