The Cybersecurity organization within JPMorgan Chase & Co. provides security services to all lines of business (LOB) across JPMC. The objective of Cybersecurity is to balance both business alignment and the centralized delivery of core products and services including Security Standards, Monitoring & Protection, Assurance & Awareness, and Security Operations. Cybersecurity is designed to address the JPMC global security needs across all LOBs and the demand to leverage economies of scale across the firm.
The Cybersecurity Enterprise Architecture Team translates security requirements into system requirements and then into repeatable design strategies and patterns. The Team documents these architectural models & integration points for solutions, and partners with development teams to ensure they can be delivered as part of the broader technical infrastructure of the firm..
We are seeking an Application Integration Architect to work across Cybersecurity, the Chief Development Office and the various Business Information Security organizations in JPMC to define, prototype and drive adoption of well documented and understood Java, .NET and python patterns to enforce required protections as part of the data protection program.
Who should apply:
· Are you able to take big ideas through to engineering detail?
· Can you work across competing stakeholders and help navigate to a common solution?
· Do you like learning about other areas to see how the ‘puzzle’ or ‘machine’ works as a whole?
· Can you explain & visualize complex systems & concepts to a mixed technical and non-tech audience?
Would you like to:
· Incubate ground breaking patterns with industry vendors and internal app dev teams to enable applications to function with encrypted and obfuscated data sets?
· Design & prototype pocket size solutions for teams who need to deploy TLS, encrypt data, use multifactor authentication or search encrypted data?
· Know your code samples were going to be adopted by 20,000 developers who keep making the same mistakes with complex security services again.. and again… and again…?
· Develop, define and document the strategic architectures tying together data protection services & integration patterns for cloud services, on premise applications and desktop users?
· Drive deep integration of the Data Protection strategies data labeling, classification & control requirements into target state Java, .NET and python applications
· Design, document & author software patterns & vendor integration models for common core functions, including data classification, identification, encryption and entitlement models
· Assess and align strategic control implementations from Cyber security and partner groups in Global Technology & controls functions
· Partner with Cyber solutions teams, vendors, engineering & line of business product development teams to deliver working prototypes through production products
· Partner with Engineering, Operations & Service teams to ensure adoption of the data protection services in day to day operational practice, all new build, and refactoring of critical existing build
· Evangelize, meet, greet and engage with the Application Development teams of the firm to understand their challenges and opportunities in the space
· Bachelor’s degree, or demonstrated experience and delivery, in computer science, information security, engineering, or related discipline
· Progressive experience in designing & developing foundational application components, core infrastructures and critical customer facing system development
· Demonstrable experience of strong Java, .NET or python delivery of critical application frameworks
· Demonstrable experience developing technologies including at least one of::
· Data Loss Prevention (DLP)
· Data classification
· Encryption & Tokenization - Application, Database, and File level
· Access Control
· Key Management
· Privileged access management and monitoring
· Demonstrated ability to investigate and learn new technologies and products
· Active professional security certifications (e.g., CISSP, CEH, CISM, SANS…), open source project contribution or other continuous learning examples in the software development and security spheres
· Possess a strong technology background with the ability to challenge or validate technology decisions from a position of knowledge and experience
· Possess the ability to rapidly assimilate business strategies, coupled with the insight to seize high impact opportunities by applying creative problem solving solutions
· Experience of working in a matrixed organization, achieving goals through partnership and collaboration