Lead Security Engineer - Cybersecurity Endpoint Detection and Response

Take on a crucial role where you'll be a key part of a high-performing team delivering secure software solutions. Make a real impact as you help shape the future of software security at one of the world's largest and most influential companies.

As a Lead Security Engineer at JPMorgan Chase within the Cybersecurity & Tech Controls, you are an integral part of team that works to deliver software solutions that satisfy pre-defined functional and user requirements with the added dimension of preventing misuse, circumvention, and malicious behavior. As a core technical contributor, you are responsible for carrying out critical technology solutions with tamper-proof, audit defensible methods across multiple technical areas within various business functions.

Job responsibilities

• Bring your cutting-edge ideas to life as part of a success-driven team that values your deep technical expertise and innovative thinking.
• Work closely with diverse Engineering, Operations, and Support teams within Enterprise Technology and other Lines of Business (LoBs) to understand target platforms and their engineering and deployment processes.
• Enable the Cyber Security Operations Center (SOC) and Attack Analysis teams to detect and prevent sophisticated malicious and suspicious activities on the firm's digital assets.
• Assist Cyber Security Vulnerability Management Ops teams in assessing the impact of new and zero-day vulnerabilities on the firm's assets.
• Collaborate with Cyber Security Threat Intel teams to correlate advanced threat intel with security controls on endpoints, facilitating threat-based prioritization of remediating vulnerabilities and weaknesses.
• Enable Digital Forensics Incident Response teams in performing forensics on digital assets in response to cyber incidents by providing crucial logs/telemetry data, asset containment as well as automated and orchestrated response actions at scale through the EDR platforms.
• Work closely with Windows, Linux, Mac, and Public and Private Cloud platform engineering teams to integrate EDR solutions into base images.
• Providing SME consultancy and RFI support in regional audit and regulatory RFI responses.
• Conduct thorough investigations requiring deep technical understanding of the product and the environment it is deployed to, working with Platform Operate and Support teams, as well as vendor tech support teams, to identify and resolve complex issues on target endpoints.
• Engage in Proof of Concepts (PoCs) to evaluate additional capabilities, complementing the continuous expansion and evolution of the Endpoint Detection & Response strategy.
• Contribute to a team culture of diversity, equity, inclusion, and respect. Mentor and guide junior team members, helping them develop their technical skills and grow in their careers.

• Bachelor's Degree in Computer Science or equivalent
• Formal training or certification on Security Engineering concepts and applied experience
• Provide technical expertise throughout the software lifecycle, including design, implementation, and delivery.
• Strong understanding and experience in orchestration and deployment automation platforms such as SCCM, Ansible, Chef, Puppet, or similar.
• Strong understanding and experience in cybersecurity endpoint security and vulnerability management domains.
• Strong understanding and experience in one or more of the following - public cloud platforms such as Amazon Web Services (AWS), Google Cloud Platform (GCP), Microsoft Azure compute, network, storage, monitoring, automation, orchestration services, virtualization technologies, containerization technologies such as Kubernetes and VMware Tanzu, or serverless technologies such as AWS Step Functions and Lambda.
• Software development experience in general-purpose programming languages such as Python, PowerShell, bash, or Go, APIs.
• Understanding and experience in Agile and Lean methodologies.
• Strong critical-thinking and problem-solving skills with clear and inclusive communication style.
• Ability to collaborate with different roles and personas across lines of businesses to achieve common goals.

• Experience effectively communicating with senior business leaders
• Experience in enterprise deployment platforms and deploying at scale to Windows, Linux, or macOS environments is an advantage.
• Experience with products such as CrowdStrike Falcon Platform and Palo Alto Cortex XDR is a strong advantage.