Software Engineer II - Cloud Sec

Are you ready to elevate your career in the rapidly growing field of cloud security? Join our Aumni Cloud Security team, where your expertise in Infrastructure as Code (IaC), Kubernetes, and CI/CD security gates will drive innovation and protect our mission-critical systems. We offer unparalleled opportunities for career growth and a collaborative environment where you can thrive and contribute to meaningful projects.

As a Cloud Security Engineer at JPMorgan Chase within the Aumni Cloud Security team, your primary responsibility will be to safeguard the security, availability, and integrity of our cloud-based infrastructure and applications. You will work in collaboration with different teams to enforce stringent security protocols, detect potential vulnerabilities, and manage security incidents efficiently. Your role will be instrumental in preserving our organization's confidential data and upholding a strong security stance in the constantly changing cloud environment.

Job Responsibilities

• Design, write, implement, and review security controls for IaC frameworks (e.g., Terraform, CloudFormation) to ensure secure provisioning and management of cloud resources.
• Collaborate with development teams to integrate security best practices into the IaC and IaC pipelines.
• Develop and implement security controls for Kubernetes clusters, ensuring secure configuration, network policies, authentication, and authorization.
• Conduct regular vulnerability assessments and penetration tests on Kubernetes infrastructure and applications.
• Define and enforce security gates and best practices for continuous integration and continuous deployment (CI/CD) pipelines.
• Automate security checks and code analysis to identify and remediate vulnerabilities early in the development lifecycle.
• Participate in an on-call rotation for security incidents and respond to security events promptly.
• Conduct root cause analysis of security incidents, document lessons learned, and propose improvements to prevent future incidents.
• Assist in conducting security assessments, audits, and compliance reviews to ensure adherence to industry standards and regulatory requirements.
• Implement and maintain security monitoring and logging systems to detect and respond to security events in real-time.

Required Qualifications, Capabilities, and Skills

• Formal training or certification in Cloud Security Engineer concepts and 2+ years of applied experience.
• Strong knowledge of cloud security principles, best practices, and technologies (AWS).
• Hands-on experience with IaC frameworks (Terraform, CloudFormation) and configuration management tools.
• Proficiency in securing Kubernetes clusters, containerization, and microservices architectures.
• Familiarity with CI/CD pipelines, automated security testing, and secure code review practices.
• In-depth understanding of incident response methodologies, including detection, analysis, containment, and recovery.
• Experience with security audits, compliance frameworks, and regulatory requirements.
• Knowledge of network security, firewalls, IDS/IPS, and vulnerability management tools.
• Excellent analytical and problem-solving skills, with a keen attention to detail.

Preferred Qualifications, Capabilities, and Skills

• Proven experience interacting with major institutional Emerging investors.
• Experience with government bond obligations in the region.
• Bachelor's degree in Engineering, Finance, Math, or a related quantitative field.