Lead Software Engineer - Security Engineer
Posted 2 months ago
- London, Greater London
- Any
- External
- Expires In a month
Lead Software Engineer - Security EngineerOut of the successful launch of Chase in 2021, we’re a new team, with a new mission. We’re creating products that solve real world problems and put customers at the center - all in an environment that nurtures skills and helps you realize your potential. Our team is key to our success. We’re people-first. We value collaboration, curiosity and commitment.As a Lead Software Engineer at JPMorgan Chase within the accelerator, you are the heart of this venture, focused on getting smart ideas into the hands of our customers. You have a curious mindset, thrive in collaborative squads, and are passionate about new technology. By your nature, you are also solution-oriented, commercially savvy and have a head for fintech. You thrive in working in tribes and squads that focus on specific products and projects – and depending on your strengths and interests, you'll have the opportunity to move between them.While we’re looking for professional skills, culture is just as important to us. We understand that everyone's unique – and that diversity of thought, experience and background is what makes a good team, great. By bringing people with different points of view together, we can represent everyone and truly reflect the communities we serve. This way, there's scope for you to make a huge difference – on us as a company, and on our clients and business partners around the world.Job responsibilities:Guide and define our security practices and standards end-to-end, covering external connectivity and internal service communicationInteract with 3rd party vendors on security-related aspects during onboardingInteract and contributing to a wider security teamReview and regularly improve existing security practices and standardsProvide security architecture review with focus on securityMonitor and mitigate security vulnerabilities reported by a multitude of scanning tools we useRequired qualifications, capabilities and skillsFormal training or certification on software engineering concepts and applied experienceExtensive experience in an engineering role with heavy focus on security (encryption, authorization, authentication, infra security)Working knowledge of Java or KotlinExcellent knowledge of best-practices for securing public APIExcellent knowledge of methods for authentication, authorization and encryption (AuthN/Z, JWT, RBAC, TLS, OAuth2)Understanding of applied cryptography - symmetric/asymmetric cryptographyPractical experience with (m)TLS certificates setupUnderstanding of security vulnerabilities and remediation options in codebases (Java/Kotlin/etc) & containersExcellent knowledge of all of the above concepts in the context of at least one public cloud
provider (AWS, GCP, Azure)Preferred qualifications, capabilities and skillsKnowledge of security/identity SaaS vendors (Auth0, Forgerock)Good understanding of modern SDLC practices and security aspects & tools of CI/CD pipelines (code scanning, container scanning)#ICBcareers #ICBEngineeringJ.P. Morgan is a global leader in financial services, providing strategic advice and products to the world’s most prominent corporations, governments, wealthy individuals and institutional investors. Our first-class business in a first-class way approach to serving clients drives everything we do. We strive to build trusted, long-term partnerships to help our clients achieve their business objectives. Out of the successful launch of Chase in 2021, we’re a new team, with a new mission. We’re creating products that solve real world problems and put customers at the center - all in an environment that nurtures skills and helps you realize your potential. Our team is key to our success. We’re people-first. We value collaboration, curiosity and commitment.As a Lead Software Engineer at JPMorgan Chase within the accelerator, you are the heart of this venture, focused on getting smart ideas into the hands of our customers. You have a curious mindset, thrive in collaborative squads, and are passionate about new technology. By your nature, you are also solution-oriented, commercially savvy and have a head for fintech. You thrive in working in tribes and squads that focus on specific products and projects – and depending on your strengths and interests, you'll have the opportunity to move between them.While we’re looking for professional skills, culture is just as important to us. We understand that everyone's unique – and that diversity of thought, experience and background is what makes a good team, great. By bringing people with different points of view together, we can represent everyone and truly reflect the communities we serve. This way, there's scope for you to make a huge difference – on us as a company, and on our clients and business partners around the world.Job responsibilities:Guide and define our security practices and standards end-to-end, covering external connectivity and internal service communicationInteract with 3rd party vendors on security-related aspects during onboardingInteract and contributing to a wider security teamReview and regularly improve existing security practices and standardsProvide security architecture review with focus on securityMonitor and mitigate security vulnerabilities reported by a multitude of scanning tools we useRequired qualifications, capabilities and skillsFormal training or certification on software engineering concepts and applied experienceExtensive experience in an engineering role with heavy focus on security (encryption, authorization, authentication, infra security)Working knowledge of Java or KotlinExcellent knowledge of best-practices for securing public APIExcellent knowledge of methods for authentication, authorization and encryption (AuthN/Z, JWT, RBAC, TLS, OAuth2)Understanding of applied cryptography - symmetric/asymmetric cryptographyPractical experience with (m)TLS certificates setupUnderstanding of security vulnerabilities and remediation options in codebases (Java/Kotlin/etc) & containersExcellent knowledge of all of the above concepts in the context of at least one public cloud
provider (AWS, GCP, Azure)Preferred qualifications, capabilities and skillsKnowledge of security/identity SaaS vendors (Auth0, Forgerock)Good understanding of modern SDLC practices and security aspects & tools of CI/CD pipelines (code scanning, container scanning)#ICBcareers #ICBEngineeringJ.P. Morgan is a global leader in financial services, providing strategic advice and products to the world’s most prominent corporations, governments, wealthy individuals and institutional investors. Our first-class business in a first-class way approach to serving clients drives everything we do. We strive to build trusted, long-term partnerships to help our clients achieve their business objectives.We recognize that our people are our strength and the diverse talents they bring to our global workforce are directly linked to our success. We are an equal opportunity employer and place a high value on diversity and inclusion at our company. We do not discriminate on the basis of any protected attribute, including race, religion, color, national origin, gender, sexual orientation, gender identity, gender expression, age, marital or veteran status, pregnancy or disability, or any other basis protected under applicable law. We also make reasonable accommodations for applicants’ and employees’ religious practices and beliefs, as well as mental health or physical disability needs. Visit ourFAQs for more information about requesting an accommodation. Explore more InfoSec / Cybersecurity career opportunitiesFind even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
#J-18808-Ljbffr
provider (AWS, GCP, Azure)Preferred qualifications, capabilities and skillsKnowledge of security/identity SaaS vendors (Auth0, Forgerock)Good understanding of modern SDLC practices and security aspects & tools of CI/CD pipelines (code scanning, container scanning)#ICBcareers #ICBEngineeringJ.P. Morgan is a global leader in financial services, providing strategic advice and products to the world’s most prominent corporations, governments, wealthy individuals and institutional investors. Our first-class business in a first-class way approach to serving clients drives everything we do. We strive to build trusted, long-term partnerships to help our clients achieve their business objectives. Out of the successful launch of Chase in 2021, we’re a new team, with a new mission. We’re creating products that solve real world problems and put customers at the center - all in an environment that nurtures skills and helps you realize your potential. Our team is key to our success. We’re people-first. We value collaboration, curiosity and commitment.As a Lead Software Engineer at JPMorgan Chase within the accelerator, you are the heart of this venture, focused on getting smart ideas into the hands of our customers. You have a curious mindset, thrive in collaborative squads, and are passionate about new technology. By your nature, you are also solution-oriented, commercially savvy and have a head for fintech. You thrive in working in tribes and squads that focus on specific products and projects – and depending on your strengths and interests, you'll have the opportunity to move between them.While we’re looking for professional skills, culture is just as important to us. We understand that everyone's unique – and that diversity of thought, experience and background is what makes a good team, great. By bringing people with different points of view together, we can represent everyone and truly reflect the communities we serve. This way, there's scope for you to make a huge difference – on us as a company, and on our clients and business partners around the world.Job responsibilities:Guide and define our security practices and standards end-to-end, covering external connectivity and internal service communicationInteract with 3rd party vendors on security-related aspects during onboardingInteract and contributing to a wider security teamReview and regularly improve existing security practices and standardsProvide security architecture review with focus on securityMonitor and mitigate security vulnerabilities reported by a multitude of scanning tools we useRequired qualifications, capabilities and skillsFormal training or certification on software engineering concepts and applied experienceExtensive experience in an engineering role with heavy focus on security (encryption, authorization, authentication, infra security)Working knowledge of Java or KotlinExcellent knowledge of best-practices for securing public APIExcellent knowledge of methods for authentication, authorization and encryption (AuthN/Z, JWT, RBAC, TLS, OAuth2)Understanding of applied cryptography - symmetric/asymmetric cryptographyPractical experience with (m)TLS certificates setupUnderstanding of security vulnerabilities and remediation options in codebases (Java/Kotlin/etc) & containersExcellent knowledge of all of the above concepts in the context of at least one public cloud
provider (AWS, GCP, Azure)Preferred qualifications, capabilities and skillsKnowledge of security/identity SaaS vendors (Auth0, Forgerock)Good understanding of modern SDLC practices and security aspects & tools of CI/CD pipelines (code scanning, container scanning)#ICBcareers #ICBEngineeringJ.P. Morgan is a global leader in financial services, providing strategic advice and products to the world’s most prominent corporations, governments, wealthy individuals and institutional investors. Our first-class business in a first-class way approach to serving clients drives everything we do. We strive to build trusted, long-term partnerships to help our clients achieve their business objectives.We recognize that our people are our strength and the diverse talents they bring to our global workforce are directly linked to our success. We are an equal opportunity employer and place a high value on diversity and inclusion at our company. We do not discriminate on the basis of any protected attribute, including race, religion, color, national origin, gender, sexual orientation, gender identity, gender expression, age, marital or veteran status, pregnancy or disability, or any other basis protected under applicable law. We also make reasonable accommodations for applicants’ and employees’ religious practices and beliefs, as well as mental health or physical disability needs. Visit ourFAQs for more information about requesting an accommodation. Explore more InfoSec / Cybersecurity career opportunitiesFind even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
#J-18808-Ljbffr
.webp "Apply4U | Sign Up")
.webp "Apply4U | Contact Us")
.webp "Apply4U | Sign up")
