Partnering with mission-driven entrepreneurs to build Rocky Mountain technology companies of impact, utility, and value.

We know that people want great value combined with an excellent experience from a bank they can trust, so we launched our digital bank, Chase UK, to revolutionise mobile banking with seamless journeys that our customers love. We're already trusted by millions in the US and we're quickly catching up in the UK – but how we do things here is a little different. We're building the bank of the future from scratch, channelling our start-up mentality every step of the way – meaning you'll have the opportunity to make a real impact.

Job Summary:

As a Mobile Security Engineer in International Consumer you will have the opportunity to explore a wide range of problem spaces working on multiple tech stacks primarily across Android and iOS. You will engage directly with development teams and the wider security team to collaborate and solve problems. You will analyze application code and detect complex vulnerabilities and communicate directly with the development teams to educate them and assist them in mitigating these risks. You will develop frameworks and tools to perform automated detection of vulnerabilities and scale the impact of individuals. You will define best practices across the business to help us engineer more secure products that allows us to create trust at scale.

Job Responsibilities:

• Lead the maturity of mobile application security reviews activities across consumer banking products and provide thought leadership and guidance to peers and senior management.
• Build automation (static and dynamic analysis) and frameworks with software engineers that are able to improve security, whilst also improving developer and customer experience.
• Provide guidance and education to developers that help prevent the authoring of vulnerabilities.
• Provide challenge and assessment of potential technology risks including information and cyber security control weaknesses by performing threat modelling exercises. Provide technology risk subject matter expertise and communicate the risk environment to management and other key stakeholders.
• Build solid professional relationships with matrixed teams to include technology, business, audit, and operational risk partners.

Required qualifications, capabilities and skills:

• Bachelor's degree or the equivalent combination of education and relevant experience
• Familiarity with mobile application programming languages, development practices, and common bug patterns (React Native, Java, Kotlin, Swift)

Preferred:

• Knowledge of penetration testing techniques with the mobile application and web contexts
• Experience with IT risk management operating models, three lines-of-defense frameworks, integrated risk management practices, and/or risk intelligence capabilities.
• Experience operating within a regulated industry.

#ICBCarees