Security Engineer II | Attack Simulation Engineering

JobID: 210530380

Category: Security Engineering

JobSchedule: Full time

Posted Date: 2024-06-26T18:25:42+00:00

JobShift: Day

:

You're at the forefront of delivering secure software solutions. Join us a valued member of a top-performing team.

As a Security Engineer II at JPMorgan Chase within the Cyber and Tech Controls line of business, you are part of an agile team that works to deliver software solutions that satisfy pre-defined functional and user requirements with the added dimension of preventing misuse, circumvention, and malicious behavior. As an emerging member of the security engineering team, you execute basic software solutions through the design, development, and troubleshooting of multiple components within a technical area, while gaining skills and experience to grow within your role.

Job responsibilities

• Executes standard security solutions in accordance with existing playbooks to satisfy security requirements for internal clients (e.g., product, platform, and application owners)

• Writes secure and high-quality code using the syntax of at least one programming language with limited guidance

• Applies specialized tools (e.g., vulnerability scanner) to analyze and correlate incident data to identify, interpret, and summarize probability and impact of threats when determining specific vulnerabilities

• Supports delivery of continuity-related awareness, training, educational activities, and exercises

• Adds to team culture of diversity, equity, inclusion, and respect

• Directly work with Operations, Product team, Security Control owners to evaluate the efficacy of tests and increase the velocity

• Deploy applications in Attack Simulation portfolio (third-party applications) with concise documentation

• Design systems management solutions using automation and self-repair rather than relying on alarming and human intervention

• Reuse existing strategic technologies and prefer appropriately simple, scalable solutions over more complex and failure prone ones

• Review and influence new and evolving design, architecture, standard, and methods for operating services and systems

• Participate in software and system performance analysis and tuning, service capacity planning and demand forecasting

Required qualifications, capabilities, and skills

• Formal training or certification on security engineering concepts and 2+ years applied experience

• Basic experience developing security engineering solutions

• Demonstrable ability to code in one or more languages

• Experience across the whole Software Development Life Cycle as CI/CD, application resiliency, and security

• Experience with cloud deployment environments, e.g. AWS, Azure, GCP

• Working knowledge of information and network security, IT risk management, and architectural concepts and patterns

• Experience in Information Security or equivalent

• Working experience with OS Experience, e.g. RHEL, Windows

• Team oriented with great communication and interpersonal skills

• Development and Orchestration experience, e.g. Github, Terraform, Ansible, Chef

Preferred qualifications, capabilities, and skills

• Information Security related certifications

• Programming/Scripting experience, Python, Python , Perl, Bash, Powershell, T-SQL, PL/SQL, SQL Plus

• Experience with developing and using APIs, e.g. Python and REST APIs

• Knowledgeable across multiple security technologies, e.g. SIEM, NGFW, Proxy, IDS/IPS, DLP, EDR, A/V, WAF