Chase- Candidate Experience page

Compensation

Full Description

Take on a crucial role where you'll be a key part of a high-performing team delivering secure software solutions. As a Lead Security Engineer at JPMorgan Chase within the Cybersecurity & Technology Controls team, you will oversee the security of our Storage product line, with a primary focus on Block products. This role is responsible for ensuring the security posture of file storage solutions through rigorous review, threat modeling, security configuration management, and drift detection. The ideal candidate will have deep expertise in storage security, threat analysis, and enterprise security best practices. Job responsibilities • Lead the security strategy, implementation, and ongoing management for all block storage products within the Storage product line. • Conduct comprehensive security reviews of file storage solutions, identifying vulnerabilities and recommending remediation strategies. • Define, implement, and manage security configurations for block storage products, ensuring alignment with JPMC security standards and industry best practices. • Work closely with product owners, engineering teams, and other stakeholders to embed security into the product lifecycle and provide expert guidance. • Stay current with emerging threats, technologies, and best practices in storage security. Drive continuous improvement initiatives for the security of file products. Required qualifications, capabilities, and skills • Formal training or certification on security concepts and 5+ years applied experience in security engineering, with a focus on storage and block products. • Strong expertise in threat modeling, vulnerability assessment, and security configuration management. • Experience with drift detection tools and methodologies. • Deep understanding of file storage technologies (NAS, SAN, cloud file storage, etc.). • Familiarity with regulatory requirements and compliance frameworks (e.g., SOX, PCI-DSS, GDPR). • Excellent analytical, problem-solving, and communication skills. Preferred qualifications, capabilities, and skills • Experience with automation and scripting (Python, PowerShell, etc.). • Knowledge of storage security (Lightbits, Netapp Solidfire, PowerFlex). • Experience with security monitoring and incident response tools. • Experience working in large enterprise environments, preferably in financial services.