Security Engineer III- Chase (Figg)

As a Security Engineer III in Cybersecurity & Tech Controls. Cybersecurity Operations, you will contribute to safeguarding the organization's digital assets and infrastructure by proactively detecting, assessing, and responding to threats, vulnerabilities, and security incidents. Leveraging your in-depth understanding of security principles and practices, you will exercise initiative and judgment to resolve cybersecurity-related problems and contribute to the improvement of current working methods. Collaborating with cross-functional teams, you will develop a coordinated approach to cybersecurity and educate employees on best practices, policies, and procedures. 

Your work will have a direct impact on the integrity, confidentiality, and availability of sensitive data and systems within the department, ensuring a secure digital environment for JPMorgan Chase.

Job Responsibilities

• Responsible for activities related to continued security monitoring and is a first line of defense for incident response and vulnerability management.
• Researches, recommends, evaluates, and implements cybersecurity solutions or configurations that identify and/or protect against potential threats, and respond to security violations
• Performs configuration management of security systems and applications, including policy assessment and compliance tools, network security appliances and host-based security systems
• Performs development, deployment, administration, management, configuration, testing and integration tasks related to the security of the Offers and Shopping platform.
• Assists with the ongoing gathering of evidence to support compliance with PCI, SOC, internal controls and business controls.
• Work with internal technology team to ensure security and compliance is designed from-the-start for modern technology stacks such as public cloud, containers, API gateways, microservices & serverless platforms.
• Develops and maintains documentation for security systems and procedure

Required Qualifications, Capabilities, and Skills

• Formal training or certification in security concepts or 3-5 years of progressive work in the security .
• 3-5 years AWS administration with a focus on security
• Bachelor’s degree in computer information systems or equivalent work experience
• Strong knowledge of cybersecurity domains, including Asset Security, Communication & Network Security, Identity & Access Management (IAM), Security & Risk Management, Security Architecture & Engineering, Security Assessment & Testing, Security Operations, and Software Development Security
• Strong analytical and problem-solving skills to enable effective security incident and problem resolution
• Demonstrated proficiency in scripting languages (PowerShell and/or python) for automating security tasks and processes
• Experience with security tools and technologies, including Security Information & Event Management (SIEM), Endpoint Detection & Response (EDR), Data Loss Prevention (DLP), and Web Application Firewall (WAF)

Preferred Qualifications, Capabilities, and Skills

• Experience in developing, documenting, and maintaining security procedures and documentation 
• Working knowledge of information security frameworks and regulations (e.g., NIST RMF, SOC 2 Type II, or PCI)
• Excellent organizational, verbal, and written communication skills
• Maintain or working towards at least one (1) of the following industry certifications: CISSP, CISA, SANS certification or other equivalent certifications