Partnering with mission-driven entrepreneurs to build Rocky Mountain technology companies of impact, utility, and value.

As a Senior Lead Cybersecurity Architect at JPMorgan Chase within the Cybersecurity and Technology Controls organization, you are an integral part of a team that works to develop high-quality cybersecurity solutions for various software applications and platform products. Drive significant business impact through your capabilities and contributions, and apply deep technical expertise and problem-solving methodologies to tackle a diverse array of cybersecurity challenges that span multiple technology domains.

We are looking for an experienced Senior Security Architect to join our team as a specialist in Cloud Security. The successful candidate will be responsible for designing secure cloud infrastructure architectures for our enterprise AI/ML applications. We are looking for a cloud security leader who is passionate about AI/ML security architecture and can solve complex security configurations through innovation and known security architectural practices. You will be required to apply your in-depth of cloud security knowledge and expertise to all aspects of Artificial Intelligence/Machine Learning development lifecycle, as well as partner continuously with your many product stakeholders on a daily basis to stay focused on common goals.

Job responsibilities

• Provide thought leadership for securing on premise and cloud based AI/ML solution architecture
• Design secure networks and systems based on industry standards and best practices
• Identify and address security vulnerabilities, security risks, and other compliance issues
• Perform regular audits of all cloud infrastructure
• Participate in application and system hardening activities
• Guides the evaluation of current cybersecurity principals, processes, and controls, and leads the evaluation of new technology using existing standards and frameworks
• Regularly provides technical guidance and direction to support the business and its technical teams, contractors, and vendors
• Works with stakeholders and senior leaders to recommend business modifications during periods of vulnerability
• Serves as function-wide subject matter expert in the design of comprehensive security architectures for cloud infrastructure projects.
• Actively contributes to the engineering community as an advocate of firm wide frameworks, tools, and practices of the Software Development Life Cycle
• Influences peers and project decision-makers to consider the use and application of leading-edge technologies

Required qualifications, capabilities, and skills

• Formal training or certification on software engineering* concepts and 5+ years applied experience in cloud security and/or Artificial Intelligence/Machine Learning Security (AI/ML)
• Hands-on practical experience delivering enterprise level cybersecurity solutions and controls
• Strong knowledge of Artificial Intelligence and Machine Learning Security concepts, threats, and vulnerabilities including Generative Large Language Models
• Advanced in one or more programming languages or applications - Python (preferred)
• Advanced knowledge of cybersecurity architecture, applications, and technical processes with considerable, in-depth knowledge in one or more technical disciplines (e.g., public cloud, artificial intelligence, machine learning, mobile, etc.)
• Knowledge of IAM concepts, including but not limited to provisioning, RBAC, ABAC, SCIM, LDAP, and governance and authorization standards
• Experience with federated identity platforms/products
• Knowledge of current Identity protocols such as OAuth 2.0, OpenID Connect, and SAML 2.0, tokenization
• Experience with Privileged Access Management
• Practical cloud native experience - AWS (preferred), AZURE and/or Google Cloud Platform (GCP)
• Ability to evaluate current and emerging technologies to select or recommend the best solutions for the future state architecture

• Knowledge of networking protocols and techniques, such as TCP/IP, routing, DNS, DHCP, etc.
• Experience with API security and public cloud APIs and integration
• Experience developing and understanding information security architecture, mitigation of threats, and compensating controls. Deep familiarity with frameworks such as NIST 800-53, OWASP, CVSS, the MITRE ATT&CK frame, MITRE Atlas, PCI, and Gramm-Leach-Bliley Act (GLBA).
• Experience using cloud infrastructure as code (IaC) using frameworks like Terraform
• Experience with micro services designs and implementations including Docker, Kubernetes, Helm