JPMorgan Chase - Plano, TX
posted about 1 month ago
Full-time - Principal
Plano, TX
Credit Intermediation and Related Activities
About the position
The Principal Cybersecurity Architect - Database Security at JPMorgan Chase is a key role within the Cybersecurity & Technology Controls team, focusing on enhancing security measures for database products. This position involves collaborating with technology and business teams to identify security issues, promote a security culture, and implement best practices in security architecture and risk management. The role requires a strong mix of technical expertise in database technologies and effective communication skills to drive secure innovation and risk mitigation across the organization.
Responsibilities
- Cultivate security culture within product teams to prioritize sustainable controls and risk reduction outcomes.
- Embed threat modeling, security architecture, and secure code review into product and application teams to ensure secure product creation from the start.
- Maintain fluency in database product strategies, roadmaps, and key investment programs.
- Act as a security thought leader within product teams, sharing best practices and serving as a point of escalation for IT Risk and Cyber domains.
- Monitor Key Risk Indicators to identify, quantify, communicate, and manage security issues, including providing recommendations for resolution and identifying root causes.
- Collaborate with product, technology, and business colleagues for ongoing audit and regulatory engagements, risk activities, and project initiatives.
Requirements
- Formal training or certification in software engineering concepts with 10+ years of applied experience.
- Experience operating in a regulated organization with a 3rd Line of Defense (LoD) model.
- Detailed technical understanding of Public Cloud computing (GCP/AWS), including hardening services and applying controls to secure data.
- Proficiency in database encryption techniques for data protection at rest and in transit.
- Proficiency in database access control mechanisms, such as role-based access control (RBAC) and fine-grained access control (FGAC) mechanisms.
