Job Description:
Working in Cybersecurity takes pure passion for technology, speed, a constant desire to learn, and above all, vigilance in keeping every last asset safe and sound. You'll be on the front lines of innovation, working with a highly-motivated team laser-focused on analyzing, designing, developing and delivering solutions built for Attack Simulation Operation team to stop adversaries and strengthen our operations.
JPMC's Attack Simulation organization is looking to expand its Engineering team to focus on maintaining the current and designing the next generation of the infrastructure used for both training for JPMC employees and assessment for Global Red Team. As a key member of the Attack Simulation Engineering team, the Developer will be charged with designing, building and migrating applications, software, and services on AWS platform and internal datacenters, ensuring solutions are designed for successful deployment. This person will evangelize and educate customers on the value proposition of Cloud as well and aid in creating world-class solutions built on the Cloud. Responsibilities
We recognize that our people are our strength and the diverse talents they bring to our global workforce are directly linked to our success. We are an equal opportunity employer and place a high value on diversity and inclusion at our company. We do not discriminate on the basis of any protected attribute, including race, religion, color, national origin, gender, sexual orientation, gender identity, gender expression, age, marital or veteran status, pregnancy or disability, or any other basis protected under applicable law. In accordance with applicable law, we make reasonable accommodations for applicants' and employees' religious practices and beliefs, as well as any mental health or physical disability needs.
Equal Opportunity Employer/Disability/Veterans
About the Team: The Cybersecurity & Technology Controls group at JPMorgan Chase aligns the firm's cybersecurity, access management, controls and resiliency teams. The group proactively and strategically partners with all lines of business and functions to enable them to design, adopt and integrate appropriate controls; deliver processes and solutions efficiently and consistently; and drive automation of controls. The group's number one priority is to enable the business by keeping the firm safe, stable and resilient.
High Risk Roles (HRR) are sensitive roles within the technology organization that require high assurance of the integrity of staff by virtue of 1) sensitive cybersecurity and technology functions they perform within systems or 2) information they receive regarding sensitive cybersecurity or technology matters. Users in these roles are subject to enhanced pre-hire screening which includes both criminal and credit background checks (as allowed by law). The enhanced screening will need to be successfully completed prior to commencing employment or assignment.
Working in Cybersecurity takes pure passion for technology, speed, a constant desire to learn, and above all, vigilance in keeping every last asset safe and sound. You'll be on the front lines of innovation, working with a highly-motivated team laser-focused on analyzing, designing, developing and delivering solutions built for Attack Simulation Operation team to stop adversaries and strengthen our operations.
JPMC's Attack Simulation organization is looking to expand its Engineering team to focus on maintaining the current and designing the next generation of the infrastructure used for both training for JPMC employees and assessment for Global Red Team. As a key member of the Attack Simulation Engineering team, the Developer will be charged with designing, building and migrating applications, software, and services on AWS platform and internal datacenters, ensuring solutions are designed for successful deployment. This person will evangelize and educate customers on the value proposition of Cloud as well and aid in creating world-class solutions built on the Cloud. Responsibilities
- Architecting/operating innovative solutions built on public cloud (e.g. AWS, Azure, ...)
- Design and Implement Public Cloud architectures and environments
- Play a key role in migrating and transforming legacy solutions to the cloud
- Design Native Cloud Application Architectures and optimize applications for AWS
- Work as part of the team to ensure appropriate business measures are defined and documented
- Evaluate service level issues and suggested enhancements escalated by support to diagnose and address underlying system problems and inefficiencies - engage third party suppliers on support issues as required
- Review and influence new and evolving design, architecture, standard, and methods for operating services and systems
- Participate in software and system performance analysis and tuning, service capacity planning and demand forecasting
- Design systems management solutions using automation and self-repair rather than relying on alarming and human intervention
- Reuse existing strategic technologies and prefer appropriately simple, scalable solutions over more complex and failure prone ones
- Directly work with Operations and Product team to to evaluate the efficacy of tests and increase the velocity
- Deploy applications in Attack Simulation portfolio (third-party applications) with concise documentation
- BS/BA degree or equivalent experience
- 'Hands-on keyboard' AWS implementation experience across a broad range of AWS services.
- Must have in depth AWS development experience (Containerization - Docker, Amazon EKS, Lambda, EC2, S3, Amazon DocumentDB, PostgreSQL)
- Strong knowledge of DevOps and CI/CD pipeline (GitHub, Jenkins, Artifactory)
- Scripting capability and the ability to develop AWS environments as code
- Experience with core AWS platform architecture, including areas such as: Organizations, Account Design, VPC, Subnet, segmentation strategies
- Backup and Disaster Recovery approach and design
- Public cloud automaton tooling and scripting experience - CFn, Terraform, Ansible, Puppet, Jenkins
- Good knowledge of REST/SOAP/JSON web service API implementation
- Demonstrated ability to adapt to new technologies and learn quickly
- AWS Certificates
- Familiar with Encryption, Logging, and Privacy/Security Protocols (e.g. TLS 1.2, ELK stack)
- Experienced in developing test plan, test cases, baselines, and conducting end-to-end testing
We recognize that our people are our strength and the diverse talents they bring to our global workforce are directly linked to our success. We are an equal opportunity employer and place a high value on diversity and inclusion at our company. We do not discriminate on the basis of any protected attribute, including race, religion, color, national origin, gender, sexual orientation, gender identity, gender expression, age, marital or veteran status, pregnancy or disability, or any other basis protected under applicable law. In accordance with applicable law, we make reasonable accommodations for applicants' and employees' religious practices and beliefs, as well as any mental health or physical disability needs.
Equal Opportunity Employer/Disability/Veterans
About the Team: The Cybersecurity & Technology Controls group at JPMorgan Chase aligns the firm's cybersecurity, access management, controls and resiliency teams. The group proactively and strategically partners with all lines of business and functions to enable them to design, adopt and integrate appropriate controls; deliver processes and solutions efficiently and consistently; and drive automation of controls. The group's number one priority is to enable the business by keeping the firm safe, stable and resilient.
High Risk Roles (HRR) are sensitive roles within the technology organization that require high assurance of the integrity of staff by virtue of 1) sensitive cybersecurity and technology functions they perform within systems or 2) information they receive regarding sensitive cybersecurity or technology matters. Users in these roles are subject to enhanced pre-hire screening which includes both criminal and credit background checks (as allowed by law). The enhanced screening will need to be successfully completed prior to commencing employment or assignment.