Lead Cybersecurity Architect - CTC M&A

Job Description
Join one of the world's most influential companies and leverage your skills in cybersecurity to have a real impact on the financial industry. As a Cybersecurity Architect within the Cybersecurity and Technology Controls organization, you'll be an integral part of a team that develops high-quality, repeatable, and scalable cybersecurity solutions. Apply your expertise to lead complex projects, understand problem spaces, quantify risk, and recommend solution approaches.
As a Cybersecurity Architect, you will conduct technology and cybersecurity evaluations, build strong relationships with stakeholders, and design security solutions for newly acquired businesses. Your role involves performing threat modeling, identifying automation opportunities, and fostering a culture of diversity, equity, inclusion, and respect.
Job Responsibilities:

• Conduct technology and cybersecurity evaluations for potential target acquisitions, external vendor products, and existing line of business products and services.
• Build strong relationships with technology stakeholders, including the JPMC Cyber Security Architecture organization, to maintain alignment in control intent and solution design.
• Communicate effectively using detailed reports, presentations, or other methods to convey cybersecurity posture, technical complexities, and regulatory and compliance risks.
• Design security solutions to manage risk at newly acquired businesses.
• Develop effective relationships with acquired company leadership and teams, fostering trust and driving cultural alignment with JPMorgan Chase.
• Perform threat modeling to identify potential security risks and develop mitigation strategies.
• Identify opportunities to automate remediation of recurring security issues to enhance the overall cybersecurity posture of software applications and systems.

Required Qualifications, Capabilities, and Skills:

• Formal training or certification in Cybersecurity or related concepts (e.g., CISSP, CISM, GIAC, CCSP, OSCP).
• Significant professional experience in cybersecurity mid-senior technical positions.
• Practical working knowledge of, or experience working in organizations subject to, global financial regulations (e.g., FFIEC, GDPR, SOC2).
• Hands-on experience in threat modeling and designing secure controls for enterprise-level solutions.
• Thorough design and operations experience in one or more of the large public cloud providers (e.g., AWS, Azure, Google Cloud); certifications advantageous.
• Experience in designing and securing cloud-native and hybrid architectures.
• Advanced understanding of agile methodologies, including continuous integration and delivery, application resiliency, and security.
• Experience effectively communicating with senior business leaders.

Preferred Qualifications, Capabilities, and Skills:

• Experience in Application Security & Software Development Life Cycle.
• Proficiency in one or more programming languages.
• Proficiency with configuration and management of Cloud Security Posture Management (CSPM) tools and issue resolution.
• Prior experience with Mergers & Acquisition integration activities.
• In-depth knowledge of the financial services industry and their IT systems.

About Us
J.P. Morgan is a global leader in financial services, providing strategic advice and products to the world's most prominent corporations, governments, wealthy individuals and institutional investors. Our first-class business in a first-class way approach to serving clients drives everything we do. We strive to build trusted, long-term partnerships to help our clients achieve their business objectives.
We recognize that our people are our strength and the diverse talents they bring to our global workforce are directly linked to our success. We are an equal opportunity employer and place a high value on diversity and inclusion at our company. We do not discriminate on the basis of any protected attribute, including race, religion, color, national origin, gender, sexual orientation, gender identity, gender expression, age, marital or veteran status, pregnancy or disability, or any other basis protected under applicable law. We also make reasonable accommodations for applicants' and employees' religious practices and beliefs, as well as mental health or physical disability needs. Visit our FAQs for more information about requesting an accommodation.
About the Team
The Cybersecurity & Technology Controls group at JPMorganChase aligns the firm's cybersecurity, access management, controls and resiliency teams. The group proactively and strategically partners with all lines of business and functions to enable them to design, adopt and integrate appropriate controls; deliver processes and solutions efficiently and consistently; and drive automation of controls. The group's number one priority is to enable the business by keeping the firm safe, stable and resilient.
High Risk Roles (HRR) are sensitive roles within the technology organization that require high assurance of the integrity of staff by virtue of 1) sensitive cybersecurity and technology functions they perform within systems or 2) information they receive regarding sensitive cybersecurity or technology matters. Users in these roles are subject to enhanced pre-hire screening which includes both criminal and credit background checks (as allowed by law). The enhanced screening will need to be successfully completed prior to commencing employment or assignment.