Principal Security Engineer - IAM | Active Directory

Propel your engineering excellence to new heights by becoming a part of a talented and exceptional team. Take your place among the best in the industry.

As a Principal Security Engineer at JPMorgan Chase within the Cybersecurity and Technology Controls organization, you provide expertise and engineering excellence as an integral part of an agile team to enhance and develop cybersecurity software solutions that satisfy pre-defined functional and user requirements with the added dimension of preventing misuse, circumvention, and malicious behavior. Leverage your advanced technical capabilities and collaborate with colleagues across the organization to drive best-in-class outcomes

We are seeking a Principal Security Engineer to join our dynamic Risk Discovery team. This role is pivotal in safeguarding our enterprise systems through the implementation of data-driven security and posture management solutions that ensure the security and resilience of our infrastructure. The Principal Security Engineer will work closely with various teams to improve our security posture through the implementation of advanced, industry-leading products and tooling that identify and disposition risk within the Active Directory realm.

CTC IAM Risk Discovery is focused on enabling secure products in the IAM space that possess a transparent risk posture. We develop people, process, and technology that help product teams to identify security/privacy and operational risk during their product lifecycle, and surface that risk to inform tactical mitigation, strategic direction, and measurable improvement of product quality.

Job responsibilities

• Design, develop, integrate, and maintain custom, data-driven security posture and vulnerability management solutions within the enterprise environment.
• Collaborate with other software engineering teams as necessary to integrate security products and workflows in Java, Python, PowerShell, and other languages.
• Lead or support vulnerability management efforts, including tooling and workflow automation.
• Develop and implement security and risk scoring strategies to guide remediation efforts.
• Conduct security assessments and provide remediation guidance to various teams.
• Identifies and implements tools and processes to allow efficient sharing of data and information to promote business agility while ensuring regulatory compliance
• Evaluates and proposes new security-related products and services
• Assists with forensic analysis of security incidents
• Continually assesses new trends in technology and determines implications on the overall security control process
• Drives security engineering thought leadership within the product line
• Champions the firm’s culture of diversity, equity, inclusion, and respect

 

Required qualifications, capabilities, and skills

• Experience developing security engineering solutions for public cloud-based applications and infrastructure
• Experience applying expertise and new methods to determine net new solutions for complex technology problems in one or more technical disciplines
• Fluent in one or more programming languages such as Java, Python, PowerShell, or equivalent.
• Strong knowledge of Microsoft Active Directory and EntraID.
• Experience with ServiceNow, Atlassian Jira, or other security workflow/incident management tools and API integrations.
• Hands-on experience integrating vulnerability management tools and processes programmatically.
• Strong knowledge of data management, refinement, and enrichment techniques and implementation strategies
• Advanced knowledge of cybersecurity architecture, applications, and technical processes with considerable, in-depth knowledge in one or more technical disciplines (e.g., IAM, Data Engineering, etc.)  
• Experience successfully reviewing and implementing new security-related products
• Significant experience with threat modeling 
• Practical cloud native experience - AWS

 

Preferred qualifications, capabilities, and skills

• Strong understanding of graphing databases (Neo4J, GraphDB, etc.)
• Experience in red/blue/purple teaming or adversary emulation/defense tooling is a significant advantage
• Relevant certifications (e.g., CISSP, CEH, OSCP) are a plus.

JPMorgan Chase & Co., one of the oldest financial institutions, offers innovative financial solutions to millions of consumers, small businesses and many of the world’s most prominent corporate, institutional and government clients under the J.P. Morgan and Chase brands. Our history spans over 200 years and today we are a leader in investment banking, consumer and small business banking, commercial banking, financial transaction processing and asset management.

We offer a competitive total rewards package including base salary determined based on the role, experience, skill set, and location. Those in eligible roles may receive commission-based pay and/or discretionary incentive compensation awarded in recognition of individual achievements and contributions. We also offer a range of benefits and programs to meet employee needs, based on eligibility. These benefits include comprehensive health care coverage, on-site health and wellness centers, a retirement savings plan, backup childcare, tuition reimbursement, mental health support, financial coaching and more. Additional details about total compensation and benefits will be provided during the hiring process. 

We recognize that our people are our strength and the diverse talents they bring to our global workforce are directly linked to our success. We are an equal opportunity employer and place a high value on diversity and inclusion at our company. We do not discriminate on the basis of any protected attribute, including race, religion, color, national origin, gender, sexual orientation, gender identity, gender expression, age, marital or veteran status, pregnancy or disability, or any other basis protected under applicable law. We also make reasonable accommodations for applicants’ and employees’ religious practices and beliefs, as well as mental health or physical disability needs. Visit our FAQs for more information about requesting an accommodation.

JPMorgan Chase is an Equal Opportunity Employer, including Disability/Veterans