Cybersecurity Architect III: Penetration Testing OR Red Teaming

We have an exciting and rewarding opportunity for you to take your career to the next level. 

As a Cybersecurity Architect III at JPMorgan Chase within the Adversarial Insights team in our Cybersecurity & Control team, you will be part of a passionate team dedicated to combating cybersecurity issues and enhancing our security posture. You will join a team of experts conducting design and implementation review workshops from an adversarial perspective. You will perform security reviews and propose technical controls to safeguard our firm’s critical infrastructure against internal and external threats. Your role will involve working with product security and engineering teams to assess strategic solutions for on-premises, cloud, and emerging technologies like Blockchain and AI/ML. You will have the opportunity to balance your workload and engage with stakeholders through architecture reviews, providing a unique opportunity to contribute to our cybersecurity efforts.

The team also conducts in-depth analyses of security and process gaps, providing senior leadership with insights and recommendations. This role involves working with product security and engineering teams to assess strategic solutions for on-premises, cloud, and emerging technologies like Blockchain and AI/ML. The candidate should balance their workload and engage with stakeholders through architecture reviews.

Job responsibilities

• Conduct and facilitate security configuration, deployment, design, and architecture reviews of the firm's products to ensure alignment with organizational policies and standards.
• Collaborate with product teams across various technology domains to review architecture and deployment patterns for compliance with security methodologies.
• Identify security weaknesses in the product's attack surface using an adversary-led approach, verify security controls, and recommend risk mitigation strategies.
• Identify thematic issues and coordinate remediation efforts with stakeholders.
• Provide excellent service to stakeholders during and after architecture reviews.
• Work collaboratively to build meaningful relationships and achieve common goals.
• Contribute to the development of strategic security solutions supporting JPMC businesses.

Required qualifications, capabilities, and skills

• Formal training or certification Cybersecurity concepts and 3+ years applied experience.
• Proficient in application, data, and infrastructure architecture disciplines.
• Demonstrates strong analytical skills with the ability to conduct root cause analysis.
• Hands on experience in offensive security, including penetration testing and red teaming.
• Expertise in security design/architecture reviews and code review/threat modeling at an enterprise level for a minimum of 2 years.
• Experience in areas such as Data Security, Infrastructure Security, Application Security, Cloud Security, Endpoint/Platform Security, Security Analytics, and security testing or compliance frameworks.
• Exhibits strategic thinking with a strong interest in business strategy and processes.

Preferred qualifications, capabilities, and skills

• Proficiency in Python or other scripting languages.
• Familiar with Microservices Architecture, Multi-Cloud environments (AWS, GCP, Azure), and OAuth.

JPMorganChase, one of the oldest financial institutions, offers innovative financial solutions to millions of consumers, small businesses and many of the world’s most prominent corporate, institutional and government clients under the J.P. Morgan and Chase brands. Our history spans over 200 years and today we are a leader in investment banking, consumer and small business banking, commercial banking, financial transaction processing and asset management.

We recognize that our people are our strength and the diverse talents they bring to our global workforce are directly linked to our success. We are an equal opportunity employer and place a high value on diversity and inclusion at our company. We do not discriminate on the basis of any protected attribute, including race, religion, color, national origin, gender, sexual orientation, gender identity, gender expression, age, marital or veteran status, pregnancy or disability, or any other basis protected under applicable law. We also make reasonable accommodations for applicants’ and employees’ religious practices and beliefs, as well as mental health or physical disability needs. Visit our FAQs for more information about requesting an accommodation.