Security Engineer [Multiple Positions Available]

JPMorganChase•Plano, TX

About The Position

DESCRIPTION: Duties: Report to functional lead of the program and partner with product teams to assess and standardize security practices, raise the security bar on product environments, and harden the product features. Teaching application security and secure development practices. Scope application security assessments and penetration tests. Contribution to security training development and implementation. Lead the evaluation of security controls, such as libraries and frameworks, their development and their deployment. Guidance in the development of prototypes, Proofs of Concept and Reference Models for shared security controls at our Firm. Threat Modeling according to standardized processes. Evaluation of architectural conformance to the firm's security standards. Interpretation of the firm's Control Objectives in the context of novel application architectures. This position requires up to 10% domestic and international travel. QUALIFICATIONS: Minimum education and experience required: Bachelor's degree in Electronic Engineering, Computer Science, Computer Information Systems, Computer Engineering, or related field of study plus 5 years (60 months) of experience in the job offered or as Security Engineer, IT Security Analyst, Information Security, or related occupation. The employer will alternatively accept a Master's degree in Electronic Engineering, Computer Science, Computer Information Systems, Computer Engineering, or related field of study plus 3 years (36 months) of experience in the job offered or as Security Engineer, IT Security Analyst, Information Security, or related occupation. This position requires up to 10% domestic and international travel.

Requirements

Bachelor's degree in Electronic Engineering, Computer Science, Computer Information Systems, Computer Engineering, or related field of study plus 5 years (60 months) of experience in the job offered or as Security Engineer, IT Security Analyst, Information Security, or related occupation.
Master's degree in Electronic Engineering, Computer Science, Computer Information Systems, Computer Engineering, or related field of study plus 3 years (36 months) of experience in the job offered or as Security Engineer, IT Security Analyst, Information Security, or related occupation.
Experience with Security fundamentals including: cryptography, modern memory safety, operating system internals, and web services security
Experience on security threats, including: cloud security, operating system security, hypervisor security, and application security
Utilizing common open standards, including: mTLS, OpenID, and the shared responsibility model
Experience with at least one of the following object-oriented programming languages: Java, C#, or Python
Utilizing Penetration testing
Utilizing DevOps processes in a Cloud or SaaS environment
Operating at least one of the following public cloud environments: Amazon Web Services, Google App Engine, Azure, or Oracle Cloud
Experience with at least one of the following programming languages: Go or Rust
This position requires up to 10% domestic and international travel.

Responsibilities

Report to functional lead of the program and partner with product teams to assess and standardize security practices
Raise the security bar on product environments
Harden the product features
Teaching application security and secure development practices
Scope application security assessments and penetration tests
Contribution to security training development and implementation
Lead the evaluation of security controls, such as libraries and frameworks, their development and their deployment
Guidance in the development of prototypes, Proofs of Concept and Reference Models for shared security controls
Threat Modeling according to standardized processes
Evaluation of architectural conformance to the firm's security standards
Interpretation of the firm's Control Objectives in the context of novel application architectures