Cloud Security Engineer III - GCP

JPMorgan Chase & Co. (NYSE: JPM) is a top financial services firm with over $2 trillion in assets, operating in more than 60 countries. As a leader in investment banking and various financial services, the firm's Cybersecurity & Technology Controls (CTC) group partners with all business lines to enhance cybersecurity, access management, and controls. The CTC group focuses on enabling business operations while ensuring protection and resilience.

• As a Cloud Security Engineer within the Cybersecurity & Technology Controls (CTC) group, ensure that Public Cloud is adopted in a secure and compliant manner.
• Identify and manage risk-related issues and actions with respective technology.
• Demonstrate attention to detail while maintaining a view of the big picture across security issues.
• Support the execution and enhancement of a long-term information risk and control strategy designed to keep the information assets of the public cloud secure.
• Deliver risk-based assessments of secure technology controls relating to cloud services, cloud platforms, and architectural components.
• Support business technology teams to understand firm control requirements and implementations across a broad range of cloud architectures.
• Perform security reviews of infrastructure-as-code for cloud platform development and participate in threat modelling activities.
• Contribute to documentation and agile processes in support of security programs.
• Interface with wider CTC teams ensuring platform integration with security operations, threat intelligence, IAM, and network security.

• Formal training or certification on Information Security concepts and expanding applied experience.
• Eagerness to collaborate in a team, and comfortable in both virtual and office environments.
• Self-disciplined, self-managed, self-motivated and strong sense of ownership, urgency, and drive.
• Proficient verbal and written communication skills, including the ability to effectively participate in discussions and meetings with internal management, peer groups, regulators and senior stakeholders.
• Ability to prioritize and work under stringent timelines.

• Keen desire to understand and secure public cloud technology.
• AWS, Azure or Google Cloud certifications would be an advantage.
• Hands-on experience of developing, engineering or architecting within a public cloud environment would be an advantage.
• Experience engineering with Terraform or infrastructure-as-code would be an advantage.
• Understanding of DevOps or CI/CD concepts would be an advantage.