Security Engineer jobs at J.P. Morgan - 369 jobs

Who are we? FalconX is a pioneering team of operators, investors, and builders committed to revolutionizing institutional access to the crypto markets. Operating at the intersection of traditional finance and cutting-edge technology, FalconX addresses the industry's foremost challenges: Navigating the digital asset market can be complex and fragmented, with limited products and services that support trading strategies, structures, and liquidity found in conventional financial markets. As a comprehensive solution for all digital asset strategies from start to scale, FalconX operates as the connective tissue empowering clients with seamless navigation through the ever- evolving cryptocurrency landscape. Location: Remote / Hybrid Role FalconX is seeking a Product Security Engineer to focus on DeFi product and application security. You will partner with engineering and product teams to review proposed strategies, assess smart contracts for security risks, and guide secure design decisions. This role reports into the FalconX Security Team, and in addition to DeFi-focused work, you'll contribute to broader application security initiatives such as data security, identity and access management (IAM), secure development lifecycle (SDLC), and code review practices. Responsibilities Review DeFi strategies, protocol designs, and smart contracts for security risks and failure modes. Evaluate markets-related activities (e.g., liquidity provision, governance, cross-protocol integrations) for systemic vulnerabilities. Provide secure design input for new features and applications. Identify and mitigate threats including reentrancy, oracle manipulation, flash loan exploits, MEV, and governance exploits. Partner with the security team to advance application security initiatives: Threat modeling and design reviews. Data security and access control design. Identity and access management (IAM). SDLC improvements and developer enablement. Collaborate with external auditors and internal stakeholders to validate findings and track remediation. Requirements 4+ years in application/product security, with strong exposure to DeFi protocols and markets. Expertise in smart contract security (Solidity, EVM internals, known attack classes). Experience with threat modeling and secure design reviews. Familiarity with DeFi primitives (AMMs, lending, oracles, governance, bridges). Understanding of cryptography, key management, and wallet security. Strong ability to articulate risks and propose secure alternatives. Preferred Contributions to security research, audits, or open-source tooling in DeFi. Background in data security, IAM, or application-layer controls. Experience in financial markets or risk assessment. The base pay for this role is expected to be between $179,000-210,000 USD for a Senior Associate level in the New York City and San Francisco Bay Area. This expected base pay range is based on information at the time this post was generated. This role will also be eligible for other forms of compensation such as a performance linked bonus, equity, and a competitive benefits package. Actual compensation for a successful candidate will be determined based on a number of factors such as location, skillset, experience, qualifications and the level at which the candidate is hired. Notice at Collection and Privacy Policy Applicants located in California and/or applying to a role based in California, please refer to our Notice at Collection and Privacy Policy here. Inclusivity Statement FalconX is committed to building a diverse, inclusive, equitable, and safe workspace for all people. Our roles are intended for people from all walks of life. We encourage all those interested in applying to our organization to submit an application regardless if you are missing some of the listed background requirements, skills, or experiences! As part of our commitment to inclusivity, FalconX would like to acknowledge that the EEOC survey has limited potential responses that you can select. For legal reasons, FalconX must use this language to align with federal requirements, however, we want to ensure that you are able to provide a response to our own voluntary survey questions about your identity that best aligns with your most true self. FalconX is an equal opportunity employer and will not discriminate against an applicant or employee based on race, color, religion, national origin, ancestry, ethnicity, sex (including gender, pregnancy, sexual orientation, and gender identity), age, physical or mental disability, veteran or military status, genetic information, citizenship, or any other legally-recognized protected basis under federal, state, or local law. Applicants with disabilities may be entitled to reasonable accommodation under the Americans with Disabilities Act and other applicable state or local laws. A reasonable accommodation is a change in the way things are normally done which will ensure an equal employment opportunity without imposing undue hardship on FalconX. Please inform FalconX's People team at *********************, if you need assistance with participating in the application process.

Department: Information Technology Employee Type: Full-time Reports to: Assistant Director - IT Infrastructure Services FLSA Status: Exempt Travel Required: None Supervisory Responsibility: None Salary Range: $99,168 - $123,961 - $148,752 *Typically, initial wage is set between the minimum and the midpoint of the salary range depending on the employee's qualifications and experience. Posting Period: January 23, 2026 - February 6, 2026 Applicants must be legally authorized to work in the United states without the need for employer sponsorship now or in the future. We are unable to consider candidates with OPT or CPT. However candidates eligible for H1B transfer will be considered. Summary of Responsibilities: The Senior Information Security Engineer serves as the expert in information security, including enterprise-wide security architecture/design, vulnerability management, system / data protection, security centric technical solutions, and leadership for implementing security capabilities, controls, monitoring and alerts. In collaboration with the SERS Information Security and Privacy Officer address complex IT security architecture issues, coordinate with users to determine requirements, ensuring systems are appropriately hardened while striking a balance between user experience and operational security. Essential Duties and Responsibilities: Responsible for performing all activities necessary for maintaining a strong security posture for the enterprise as well as managing daily security monitoring, alerts, and remediation. Serves as a subject matter expert (SME), plans security systems by evaluating network and security technologies; developing requirements for local area networks (LANs), wide area networks (WANs), virtual private networks (VPNs), routers, firewalls, and related security and network devices; designs public key infrastructures (PKIs), including use of certification authorities (CAs) and digital signatures as well as hardware and software; adhering to industry standards and best practices. Partner with ISO on plans, policies, initiatives, budgets, internal and external audits, responses, as well as resolving audit issues and findings. Prepare, prevent, detect, respond, and recover cyber security events. Beyond analysis, provide insight, direction, and leadership to secure SERS' information assets. Knowledge or awareness in information security, compliance, assurance, and/or other security standard methodologies and principles. Responsible for assisting with activities designed to systematically run information security, such as security investigations, intelligence, assurance, and/or other project oversight, including developing standard methodologies for information security standards and handling IT controls and compliance with internal policies. Monitor, detect, and respond to security events and incidents that may affect SERS, minimizing risk of cyber-attacks and focus on detection and response. threats -. Protect SERS from the loss of sensitive information and data through normal business processes and/or malicious actors. Complies with all security policies and procedures, to ensure that the highest level of system and data confidentiality, integrity and availability is maintained. Develops security architectural reference material to ensure that security practices are being implemented in a repeatable fashion every time a new project is implemented. Own the architecture and management of information security systems including, but not limited to, centralized logging, intrusion detection, security networks, application vulnerability scanning, penetration testing, patch management, identity and access management, and encryption and key management. Perform reviews and investigations of system logs, events, and alerts from all collected systems and architectures, and take required action to remediate any vulnerabilities and exposure issues. Ensures the confidentiality, integrity, and security of all Personally Identifiable Information (PII) and Protected Health Information (PHI) data by strictly adhering to federal and state laws, regulations, polices, and best practices for data protection and access control. Other duties as assigned. The incumbent is required to: Carry a cell phone with text messaging capabilities to respond to daily business needs. Educations and Skills/Qualifications: Bachelor's degree (B.S.) in computer science or related field; Five to seven years related experience and/or training; Certified Information Systems Security Professional (CISSP) Certification, desired with; Ability to adapt and change behavior or methods of approach in rapidly changing environments. Strong attention to detail skills. Ability to demonstrate authenticity in relating to others. Demonstrates eagerness to continuously learn and acquire necessary technical knowledge. Effective and efficient use of computers in the working environment. Competence in collecting, consolidating and correctly using relevant data; recognizing important information. Develops and maintains effective relationships with others to encourage and support communication and teamwork. The ability to identify problems and issues of varying complexities and find effective solutions. Effective planning and organizing skills. Follows through to ensure that quality and productivity standards are met. Excellent written and oral communication skills. Ability to use strategic awareness to put things in context and to think broadly. Equivalent combination of education, skills, and experience. To perform this job successfully, an individual must be able to perform each essential duty satisfactorily. The requirements listed below are representative of the knowledge, skills, and abilities required. Working Conditions: This role operates in a professional office environment and is subject to prolonged periods of sitting or standing at a desk and working on a computer. This role routinely uses standard office equipment such as computers, phones, photocopiers, filing cabinets and fax machines and may need to be able to lift up to 10 pounds at times. The noise level in the work environment is usually moderate. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. Information Technology staff members are eligible to work remotely 2 days per week, after 30 days of employment. Remote working days are not guaranteed and subject to change based on organizational needs. Competencies: Focus on Service - Employee demonstrates dedication to delivering service that meets or exceeds the needs and satisfaction of our members, retirees, employers, and fellow employees. Actions and decisions put the needs of the customer first. Establishes and maintains effective relationships with customers and seeks feedback to use for improvement. Accountability - Takes personal responsibility for one's work in both successes and failures. Shows commitment and dedication in one's work. Follows through on all projects, goals, commitments made to others, and all other aspects of one's work. Consistently shows attention to quality, accuracy, and completeness of work activities. Uses failures as opportunity to learn and grow. Attends work and arrives as scheduled. Collaboration - Interacts with others in ways that demonstrate teamwork and cooperation. Builds partnerships and works collaboratively with others at all levels of the organization to achieve goals and support ONE SERS. Acknowledges others' contributions and considers their ideas without judgment. Focuses energy on working together to find solutions. Respect and Inclusivity - Able to work with many people with different backgrounds. Shows respect for individual differences, thoughts, and opinions of other team members and is supportive of new ideas and different perspectives shared by others. Seeks to understand through open communication and active listening. Adaptability - Able to adjust to new or changing assignments, processes, people, and environments and easily consider new approaches. Strives to find efficient and innovative ways to overcome challenges and improve current processes and work products. Takes action on opportunities to improve. Embraces change and feedback in order to be more effective, efficient, and best serve our members, retirees, employers, and fellow employees. Shows dedication to positive thinking and forward momentum when facing challenges. Disclaimer: This job description is not meant to be all-inclusive and the position itself is subject to change. SERS is an Equal Employment Opportunity Employer. We recruit, hire, train, and promote without discrimination due to age, race, color, religion, sex, sexual orientation, national origin, citizenship, disability, military leave or veteran status, genetic information, or any other status protected by applicable federal, state or local law. SERS is committed to ensuring all applicants can successfully submit an application for consideration. If you have a disability, and you wish to discuss potential accommodations to complete your application for employment, please call **************. SERS does not accept unsolicited recruiter and agency resumes and will not pay fees to any third-party agency or company that does not have a signed agreement with SERS.

We are currently seeking strong candidates for a full-time Information Security Engineer position in our Overland Park, Kansas headquarters. Responsibilities Responsible for the analysis and implementation, testing, operations, and maintenance of Information Security solutions. Conduct assessments as required for the Information Security Program to determine whether systems performed as expected and provides input to the determination of operational effectiveness. Day-to-day support for Information Security and Technology functions: o Malware Response Process o Log Management Process o Malware Response Process o Vulnerability Management Process o Tracking and reporting on information generated by Information Security Program activities. Analysis of the security aspects of new or existing computer applications, software, or specialized utility programs. Draw insights about their possible implications and provide appropriate recommendations. Qualifications Bachelor's degree from an accredited college/university or equivalent experience 3 - 5 years' of work experience , financial services industry experience a plus Skills & Knowledge Strong self-starter who thrives in a fast-paced, dynamic environment Experience confidently and collaboratively working with individuals at all levels of an organization Ability to conceptualize and support big picture concepts and goals of the organization Has excellent verbal and written communication skills to provide an exceptional client service experience Strong attention to detail and critical thinking skills Highly organized, able to manage multiple tasks with tight deadlines We welcome your interest in being a part of our firm. We believe in giving associates progressive opportunities, actively nurturing professional growth and giving back to the community. We are dedicated to building a diverse culture where everyone has the support they need to achieve their career goals. We offer an innovative workplace and a culture that fosters camaraderie, teamwork and work-life balance. EOE/M/F/D/V

Senior Information Security Automation Engineer - Austin, TX or Denver, CO Are you Cybersecurity professional who thrives in securing hybrid environments in a global organization? Do you excel in automation? Are you interested in joining a globally diverse organization where our unique contributions are recognized and celebrated, allowing each of us to thrive? Then it's time to join Western Union as a Senior Information Security Automation Engineer! Applicants must be currently authorized to work in the United States on a full-time basis. Western Union will not sponsor applicants for work visas for this position. Applications will be assessed for Python coding skills and experience. Western Union powers your pursuit. In this role, you will lead the design, implementation, and continuous improvement of secure cloud-based systems and infrastructure. This role will be responsible for securing cloud platforms, managing identity and access solutions, and driving automation across a diverse set of environments. You will play a critical role in ensuring the integrity, confidentiality, and availability of our cloud infrastructure. Role Responsibilities Develop and implement security automation using scripting and programming languages. Identify opportunities to streamline and automate security operations. Research emerging technologies and security trends to inform architecture and strategy. Develop and maintain technical specifications for security tools and platforms. Define and report on key performance indicators (KPIs) and security metrics. Participate in incident response exercises and API security initiatives. Engineer and transition security solutions to operational teams Role Requirements Strong scripting and automation ability (e.g., Python, PowerShell, Bash) without the aid of AI. Bachelor's degree in information technology or related field OR equivalent work experience. Minimum of 6 years of experience in cybersecurity, with at least 5 years focused on Security Automation Engineering. Strong understanding of security best practices and evolving threat landscapes. Deep knowledge of networking, APIs, and enterprise technologies. Experience with Windows and Linux operating systems. Strong written and verbal communication skills. Proven ability to work independently and solve complex problems. Preferred Qualifications Expertise in secure coding and automation practices. Familiarity with IT audit frameworks and lifecycles. Experience with hardening techniques across multiple operating systems. Knowledge of change control processes and test-driven development. Advanced understanding of cloud-native security tools and DevSecOps practices. Experience with container security, IAM protections, data protection, and API security. Background in cybersecurity disciplines such as threat hunting, forensics, penetration testing, and data loss prevention. Mastery in network security and cloud architecture Work Shift Western Union values in-person collaboration, problem solving, and ideation whenever possible. We believe this fosters common ways of working and supports how we execute initiatives for our customers. The expectation is to work from the office a minimum of three days a week. We make financial services accessible to humans everywhere. Join us for what's next. As part of the application process, all applicants are required to take assessments. Western Union has partnered with a 3rd party provider to administer these tests. Applicants will need to provide their name and email address in order to process the assessments. If you have any questions, you may reach out to ************************. We are passionate about honoring our employee's identity and fostering a feeling of belonging. Our commitment is to provide an inclusive culture that celebrates the unique backgrounds and perspectives of our global teams while reflecting the communities we serve. We do not discriminate based on race, color, national origin, religion, political affiliation, sex (including pregnancy), sexual orientation, gender identity, age, disability, marital status, or veteran status. The company will provide accommodation to applicants, including those with disabilities, during the recruitment process, following applicable laws. Salary Annual base salary range is $150,000 - 180,000 USD per year. Total on-target compensation includes a base salary and both short-term and long-term incentives that align with individual and company performance. Actual salaries will vary based on candidates' qualifications, skills, and competencies. Benefits You will also have access to short-term incentives, multiple health insurance options, accident and life insurance, and access to best-in-class development platforms, to name a few (*************************************************** Please see the location-specific benefits below and note that your Recruiter may share additional role-specific benefits during your interview process or in an offer of employment. Your United States - Specific Benefits Include Paid Time Off Medical, Dental and Life Insurance Tuition Assistance Program Student Loan Repayment (below manager level only) Parental Leave One day volunteer time off $0 Money Transfer Fee Discount Code - Quarterly Recognition Program “Game Changers” Employee Discount Program Global Adoption Assistance Global Scholarship Awards Program 401K plan Our Hybrid Work Model categorizes each role into one of three categories. Western Union has determined the category of this role to be Hybrid. This is defined as a flexible working arrangement that enables employees to divide their time between working from home and working from an office location. The expectation is to work from the office a minimum of three days a week. For residents of Colorado, California, Connecticut, Delaware, Minnesota, and Pennsylvania: Please do not respond to any questions on this initial application that may seek age-identifying information such as age, date of birth, or dates of school attendance or graduation. You may also redact this information from any materials you submit during the application process. You will not be penalized for redacting or removing this information.” #LI-HD1 #LI-Hybrid Estimated Job Posting End Date: 01-30-2026 This application window is a good-faith estimate of the time that this posting will remain open. This posting will be promptly updated if the deadline is extended or the role is filled.

Senior Information Security Automation Engineer - Austin, TX or Denver, CO Are you Cybersecurity professional who thrives in securing hybrid environments in a global organization? Do you excel in automation? Are you interested in joining a globally diverse organization where our unique contributions are recognized and celebrated, allowing each of us to thrive? Then it's time to join Western Union as a Senior Information Security Automation Engineer! Applicants must be currently authorized to work in the United States on a full-time basis. Western Union will not sponsor applicants for work visas for this position. Applications will be assessed for Python coding skills and experience. Western Union powers your pursuit. In this role, you will lead the design, implementation, and continuous improvement of secure cloud-based systems and infrastructure. This role will be responsible for securing cloud platforms, managing identity and access solutions, and driving automation across a diverse set of environments. You will play a critical role in ensuring the integrity, confidentiality, and availability of our cloud infrastructure. Role Responsibilities * Develop and implement security automation using scripting and programming languages. * Identify opportunities to streamline and automate security operations. * Research emerging technologies and security trends to inform architecture and strategy. * Develop and maintain technical specifications for security tools and platforms. * Define and report on key performance indicators (KPIs) and security metrics. * Participate in incident response exercises and API security initiatives. * Engineer and transition security solutions to operational teams Role Requirements * Strong scripting and automation ability (e.g., Python, PowerShell, Bash) without the aid of AI. * Bachelor's degree in information technology or related field OR equivalent work experience. * Minimum of 6 years of experience in cybersecurity, with at least 5 years focused on Security Automation Engineering. * Strong understanding of security best practices and evolving threat landscapes. * Deep knowledge of networking, APIs, and enterprise technologies. * Experience with Windows and Linux operating systems. * Strong written and verbal communication skills. * Proven ability to work independently and solve complex problems. Preferred Qualifications * Expertise in secure coding and automation practices. * Familiarity with IT audit frameworks and lifecycles. * Experience with hardening techniques across multiple operating systems. * Knowledge of change control processes and test-driven development. * Advanced understanding of cloud-native security tools and DevSecOps practices. * Experience with container security, IAM protections, data protection, and API security. * Background in cybersecurity disciplines such as threat hunting, forensics, penetration testing, and data loss prevention. * Mastery in network security and cloud architecture Work Shift Western Union values in-person collaboration, problem solving, and ideation whenever possible. We believe this fosters common ways of working and supports how we execute initiatives for our customers. The expectation is to work from the office a minimum of three days a week. We make financial services accessible to humans everywhere. Join us for what's next. As part of the application process, all applicants are required to take assessments. Western Union has partnered with a 3rd party provider to administer these tests. Applicants will need to provide their name and email address in order to process the assessments. If you have any questions, you may reach out to ************************. We are passionate about honoring our employee's identity and fostering a feeling of belonging. Our commitment is to provide an inclusive culture that celebrates the unique backgrounds and perspectives of our global teams while reflecting the communities we serve. We do not discriminate based on race, color, national origin, religion, political affiliation, sex (including pregnancy), sexual orientation, gender identity, age, disability, marital status, or veteran status. The company will provide accommodation to applicants, including those with disabilities, during the recruitment process, following applicable laws. Salary Annual base salary range is $150,000 - 180,000 USD per year. Total on-target compensation includes a base salary and both short-term and long-term incentives that align with individual and company performance. Actual salaries will vary based on candidates' qualifications, skills, and competencies. Benefits You will also have access to short-term incentives, multiple health insurance options, accident and life insurance, and access to best-in-class development platforms, to name a few (*************************************************** Please see the location-specific benefits below and note that your Recruiter may share additional role-specific benefits during your interview process or in an offer of employment. Your United States - Specific Benefits Include * Paid Time Off * Medical, Dental and Life Insurance * Tuition Assistance Program * Student Loan Repayment (below manager level only) * Parental Leave * One day volunteer time off * $0 Money Transfer Fee Discount Code - Quarterly * Recognition Program "Game Changers" * Employee Discount Program * Global Adoption Assistance * Global Scholarship Awards Program * 401K plan Our Hybrid Work Model categorizes each role into one of three categories. Western Union has determined the category of this role to be Hybrid. This is defined as a flexible working arrangement that enables employees to divide their time between working from home and working from an office location. The expectation is to work from the office a minimum of three days a week. For residents of Colorado, California, Connecticut, Delaware, Minnesota, and Pennsylvania: Please do not respond to any questions on this initial application that may seek age-identifying information such as age, date of birth, or dates of school attendance or graduation. You may also redact this information from any materials you submit during the application process. You will not be penalized for redacting or removing this information." #LI-HD1 #LI-Hybrid Estimated Job Posting End Date: 01-30-2026 This application window is a good-faith estimate of the time that this posting will remain open. This posting will be promptly updated if the deadline is extended or the role is filled.

Job Description In this hybrid role based at our Chicago Headquarters, you will support the Information security governance, risk management and compliance program, focusing on compliance and assurance. Facilitate the compliance and assurance program, by performing assurance assessments to ensure Alliant Credit Union (ACU) is compliant with regulatory and legal obligations. Help maintain the technical control library ensure assessments align securing ACU. Facilitate IT issue management by working with employees on scheduling calls and going over the issue and resolution. Essential Responsibilities Responsible to facilitate the compliance and assurance assessments and issue management via a GRC tool Conduct assurance assessment, including control test of design (ToD) and test of operating effectiveness (TOE) activities Provide recommendations on improving compliance-related processes and/or procedures and identify opportunities for ITGC/security compliance control automation Facilitate group and individual meetings, ensure that each meeting is organized and aligned and schedule walkthrough agenda addressing any issue that arise and and guiding towards actionable outcomes Assist internal and external audit teams to address inquiries Participate in InfoSec projects as assigned by management such as the review of documents Education Minimum- 4 Year Bachelors Degree in Computer Science, Information Security or Related Years of Experience Minimum - 2 Years Governance, Risk Management, Compliance within a financial institution or Security Compliance or Related In Lieu of Education 5 Years Governance, Risk Management, Compliance within a financial institution License/Certifications/Training Preferred: Compliance, Risk Management, or Governance certifications: CRISC, CISM or CISA Compensation & Benefits: Typical hiring range: $57,500 - $89,500 Annually. Actual compensation will be determined using factors such as experience, skills & knowledge. Additional Compensation: Annual performance bonus Benefits: Alliant provides a benefits package including health care, vision, dental, and 401k with employer match. Additional Benefits: Work from home up to 3 days a week Paid parental leave Employee discount programs Time off including paid personal and sick days 11 paid holidays Education reimbursement *Note that eligibility and cost of benefits can vary depending on the number of regularly scheduled hours, and job status such as regular full-time, regular part-time, or temporary employment. Adhere to and ensure compliance of all business transactions with policy and process of the Bank Secrecy Act. Ensures compliance with all applicable state and federal laws, company procedures and policies. Maintains integrity and ethics in all actions and conversations with or regarding credit union members and their accounts; complies with Privacy Act directives. The responsibilities listed do not contain a comprehensive listing of activities, duties or responsibilities that are required of the employee for this position. Duties, responsibilities and activities may change at any time with or without notice.

Join a team where you can play a crucial role in shaping the future of a world-renowned company and make a direct and meaningful impact in a space designed for top performers. As a Senior Lead Security Engineer at JPMorgan Chase within the Cybersecurity Technology & Controls, you are an integral part of an agile team that works to deliver software solutions that satisfy pre-defined functional and user requirements with the added dimension of preventing misuse, circumvention, and malicious behavior. Drive significant business impact through your capabilities and contributions and apply deep technical expertise and problem-solving methodologies to tackle a diverse array of cybersecurity challenges that span multiple technology domains. **Job responsibilities** + Facilitates security requirements clarification for multiple networks to enable multi-level security to satisfy organizational needs + Works with stakeholders and senior business leaders to recommend business modifications during periods of vulnerability + Regularly provides technical guidance and direction to support the business and its technical teams, contractors, and vendors, leveraging cloud-native backend systems and infrastructure-as-code tools such as Terraform and AWS CloudFormation + Architect and deploy scalable solutions on AWS Cloud & develops secure and high-quality production code, and reviews and debugs code written by others, utilizing modern CI/CD workflows and containerization technologies (Docker) + Drives decisions that influence the product design, application functionality, and technical operations and processes, including the serverless solutions + Serves as a function-wide subject matter expert in one or more areas of focus, such as scalable backend development, AI-powered agents, and data automation pipelines + Actively contributes to the engineering community as an advocate of firmwide frameworks, tools, and practices of the Software Development Life Cycle, including observability and monitoring solutions (CloudWatch, Datadog, Prometheus) + Influences peers and project decision-makers to consider the use and application of leading-edge technologies, such as LLMs (OpenAI, Bedrock), AI frameworks (LangChain, LlamaIndex), and vector databases (OpenSearch) **Required qualifications, capabilities, and skills** + Formal training or certification on software engineering concepts and 5+ years applied experience, including backend software development using Python + Hands-on practical experience delivering system design, application development, testing, and operational stability in AWS Cloud environments + Advanced knowledge of software application development and technical processes with considerable in-depth knowledge in one or more technical disciplines (e.g., cloud, artificial intelligence, machine learning, mobile, etc.) + Advanced in one or more programming language(s), with deep expertise in Python and experience designing RESTful APIs and microservices + Advanced knowledge of software applications and technical processes with considerable in-depth knowledge in one or more technical disciplines (e.g., cloud, artificial intelligence, machine learning, etc.), including data modeling with SQL databases (PostgreSQL,Aurora) + Ability to tackle design and functionality problems independently with little to no oversight, including integrating AI/LLM-based services and building intelligent automation components + Practical cloud native experience, including exposure to event-driven and serverless architectures, and understanding of security best practices in AWS environments (IAM, KMS, VPC, Secrets Manager) + Skilled in planning, designing, and implementing enterprise-level security solutions **\#CTC** JPMorganChase, one of the oldest financial institutions, offers innovative financial solutions to millions of consumers, small businesses and many of the world's most prominent corporate, institutional and government clients under the J.P. Morgan and Chase brands. Our history spans over 200 years and today we are a leader in investment banking, consumer and small business banking, commercial banking, financial transaction processing and asset management. We offer a competitive total rewards package including base salary determined based on the role, experience, skill set and location. Those in eligible roles may receive commission-based pay and/or discretionary incentive compensation, paid in the form of cash and/or forfeitable equity, awarded in recognition of individual achievements and contributions. We also offer a range of benefits and programs to meet employee needs, based on eligibility. These benefits include comprehensive health care coverage, on-site health and wellness centers, a retirement savings plan, backup childcare, tuition reimbursement, mental health support, financial coaching and more. Additional details about total compensation and benefits will be provided during the hiring process. We recognize that our people are our strength and the diverse talents they bring to our global workforce are directly linked to our success. We are an equal opportunity employer and place a high value on diversity and inclusion at our company. We do not discriminate on the basis of any protected attribute, including race, religion, color, national origin, gender, sexual orientation, gender identity, gender expression, age, marital or veteran status, pregnancy or disability, or any other basis protected under applicable law. We also make reasonable accommodations for applicants' and employees' religious practices and beliefs, as well as mental health or physical disability needs. Visit our FAQs for more information about requesting an accommodation. JPMorgan Chase & Co. is an Equal Opportunity Employer, including Disability/Veterans **Base Pay/Salary** Jersey City,NJ $171,000.00 - $260,000.00 / year

We are looking for an IT Security Engineer with a strong Windows engineering background and practical exposure to modern platform security controls to join a global team dedicated to securing Jane Street's IT platforms. In this role, you will help secure our internal IT and remote working platforms through a combination of hands-on technical work, consultancy, and security influence to the wider IT team. The ideal candidate will demonstrate strong judgment and discerning taste in prioritizing potentially complex and extensive remediation efforts. We'll lean on you to suggest where to focus our mitigation efforts, and to provide both technical advice and decision making on behalf of the group where needed. This role will encompass a range of responsibilities, including: Proactively proposing, designing, testing, implementing, and documenting strategic security controls Coordinating and delivering security solutions across our IT platforms while identifying opportunities to further automate intelligent workflows Building security controls that scale, investigating emerging threats, developing new security tooling, and driving vulnerability management initiatives This position sits within our IT Engineering group, a highly dedicated team of engineers who monitor and manage our environment across a physical/virtual computing landscape spanning three continents. Your analytical thinking and expertise will be invaluable as we support the daily work of our colleagues and keep our systems operating at the highest standard. About You Proficient in securing Windows OS platforms and resolving complex technical issues in a fast-moving environment Have hands-on experience utilizing integrated security technologies for safeguarding Windows operating systems, including application control, host-based firewalls, auditing and event monitoring, and disk encryption Skilled in the administration of endpoint security and vulnerability management solutions, including antivirus, anti-malware, EDR, vulnerability scanning, and patch management Knowledgeable about security best practices, including operating system hardening, privileged access management, and vulnerability mitigation Have an understanding of common threat tactics, techniques, and procedures (TTPs), and effective countermeasures Well-versed in Windows core infrastructure services (AD/EntraID, PKI) Eager to produce scalable and repeatable security practices through automation Have an understanding of security tooling and APIs Take a flexible, reliable, and highly collaborative approach to your work An ability to script in PowerShell or other languages is strongly desired If you're a recruiting agency and want to partner with us, please reach out to **********************************.

JobID: 210701359 JobSchedule: Full time JobShift: : Take on a crucial role where you'll be a key part of a high-performing team delivering secure software solutions. Make a real impact as you help shape the future of software security at one of the world's largest and most influential companies. As a Lead Security Engineer at JP Morgan Chase within the Cybersecurity & Technology Controls, you are an integral part of team that works to deliver software solutions that satisfy pre-defined functional and user requirements with the added dimension of preventing misuse, circumvention, and malicious behavior. As a core technical contributor, you are responsible for carrying out critical technology solutions with tamper-proof, audit defensible methods across multiple technical areas within various business functions. * Specific experience deploying commercial software at scale into an enterprise environment. * Develop and enforce robust change management practices to ensure system integrity and security. * Show strong experience defining and implementing infrastructure as Code (IaC), working with CI/CD pipelines, and associated automation tooling. * Function in systems engineering, systems integrations, and systems administration roles. Demonstrate strong working knowledge of Windows and Linux systems internals. * Execute on key deliverables in the security engineering space. Design and develop production deployments with the ability to think beyond routine or conventional approaches in order to deliver technology solutions for key stakeholders. * Develop secure and high-quality production code and review and debug code written by others. Able to implement complex business logic in Python, Bash, PowerShell, and other scripting languages. * Engage effectively with third-party vendors and communicate and collaborate with a broad range of internal teams. * Minimize security vulnerabilities by following industry insights and government regulations to continuously evolve security protocols, including creating processes to determine the effectiveness of current controls. * Work with stakeholders and business leaders to understand security needs and recommend business modifications during periods of vulnerability. * Add to team culture of diversity, equity, inclusion, and respect. Required qualifications, capabilities, and skills * Formal training or certification on Engineering and/or Cybersecurity concepts and 5+ years applied experience as a cloud engineer, deployment engineer, DevOps engineer, or equivalent role. * Experience with cloud engineering, deployment engineering, DevOps engineering, or equivalent * Demonstrated skills in planning, designing, and implementing enterprise level security solutions. * Strong experience defining and implementing infrastructure as Code (IaC), working with CI/CD pipelines, and associated automation tooling * Commanding knowledge of a programming/scripting language for automation and integration tasks. * Proficiency in all aspects of the Software Development Life Cycle. * Strong analytical experience with problem solving mindset and the ability to solve complex challenges. * Advanced understanding of agile methodologies such as CI/CD, Application Resiliency, and Security. Preferred qualifications, capabilities, and skills * Cloud computing related certifications with an AWS focus are strongly preferred, such as Certified Solutions Architect, DevOps Engineer, or similar. * Experience effectively communicating with senior business leaders.

United Community is seeking an experienced Information Security Controls Analyst to serve as a subject matter expert in evaluating and strengthening our cybersecurity and technology controls. This role plays a critical part in assessing risk exposure, recommending control improvements, and ensuring alignment with regulatory standards and business risk tolerance. You'll collaborate with enterprise risk, compliance, and legal teams to provide visibility into our risk posture and drive meaningful change across the organization. What You'll Do Review and document the adequacy of security and technology controls across business and IT environments. Evaluate control posture through interviews, documentation reviews, and workflow analysis. Recommend and support implementation of risk reduction strategies via policies, procedures, and technical controls. Partner with risk management and security leadership to align controls with organizational risk tolerance. Identify control strengths and weaknesses related to privacy, security, resiliency, and compliance. Document and advocate for control improvements that balance risk with operational efficiency. Support control development across testing, QA, and production environments. Present control effectiveness reports to senior risk leadership. Stay current on regulatory requirements, internal policies, and industry best practices. Requirements For Success Experience: 3+ years in cybersecurity or IT practitioner roles. 2+ years in IT risk or controls analysis. Practical experience with risk management and IT control frameworks. Education: Bachelor's degree preferred in Information Assurance, Computer Science, Engineering, or a related technical field. Required Skills: Strong understanding of risk frameworks (CRI, COSO, RMF, COBIT, NIST). Familiarity with regulatory standards (PCI, FFIEC, SOX, HIPAA, GDPR, CCPA, GLBA). Experience with CIS CSC, ISO 2700, or NIST CSF. Excellent written and verbal communication across all organizational levels. Strong organizational skills and ability to meet SLAs. Sound judgment and decision-making in complex scenarios. High integrity, trustworthiness, and adaptability. Preferred Skills: Certifications such as CISSP, CISA, CRISC, or CISM. Technical experience with enterprise networks, applications, and directory services. Familiarity with enterprise GRC platforms. Conditions of Employment Must be able to pass a criminal background & credit check This is a full-time, non-remote position FLSA Status: Exempt We are an Equal Opportunity Employer and do not discriminate against any employee or applicant for employment because of race, color, sex, age, national origin, religion, sexual orientation, gender identity and/or expression, status as a veteran, and basis of disability or any other federal, state, or local protected class. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. Pay Range USD $49,972.00 - USD $76,958.00 /Yr.

Trustmark's mission is to improve wellbeing - for everyone. It is a mission grounded in a belief in equality and born from our caring culture. It is a culture we can only realize by building trust. Trust established by ensuring associates feel respected, valued and heard. At Trustmark, you'll work collaboratively to transform lives and help people, communities and businesses thrive. Flourish in a culture of diversity and inclusion where appreciation, mutual respect and trust are constants, not just for our customers but for ourselves. At Trustmark, we have a commitment to welcoming people, no matter their background, identity or experience, to a workplace where they feel safe being their whole, authentic selves. A workplace made up of diverse, empowered individuals that allows ideas to thrive and enables us to bring the best to our colleagues, clients and communities. We are seeking a highly skilled Cyber Security Engineer to join our team and play a pivotal role in safeguarding our organization's digital assets. The ideal candidate will possess a deep understanding of cybersecurity principles, a strong technical background, and a passion for protecting sensitive information. You will be responsible for engineering, implementing and monitoring security measures for the protection of Trustmark's computer systems, networks and information. The role helps identify and define system security requirements as well as develop detailed cyber security designs. **Responsibilities:** + Design, implement, and maintain security architectures, systems, and solutions to protect critical infrastructure and data. + Conduct vulnerability assessments and penetration testing to identify and mitigate risks. + Develop and implement security policies, standards, and procedures. + Monitor security systems and respond to incidents promptly and effectively. + Stay up-to-date with the latest cybersecurity threats and trends. + Collaborate with cross-functional teams to ensure security is integrated into all aspects of the business. + Provide technical guidance and support to internal stakeholders. **Qualifications:** + Bachelor's degree in Computer Science, Information Technology, or a related field or + 3-5 Years of network engineering or cyber engineering experience + Strong understanding of cybersecurity frameworks and standards (e.g., NIST, ISO 27001). + Proficiency in network security, systems security, application security, and data security. + Hands-on experience with security tools and technologies (e.g., firewalls, intrusion detection systems, encryption, SIEM). + Excellent problem-solving and analytical skills. + Strong communication and interpersonal skills. + Ability to work independently and as part of a team. **Preferred Qualifications:** + Certifications such as CISSP, CISA, or CEH. + Experience with cloud security (e.g., AWS, Azure, GCP). + Knowledge of scripting and programming languages (e.g., Python, PowerShell). Brand: Trustmark Come join a team at Trustmark that will not only utilize your current skills but will enhance them as well. Trustmark benefits include health/dental/vision, life insurance, FSA and HSA, 401(k) plan, Employee Assistant Program, Back-up Care for Children, Adults and Elders and many health and wellness initiatives. We also offer a Wellness program that enables employees to participate in health initiatives to reduce their insurance premiums. **For the fourth consecutive year we were selected as a Top Workplace by the Chicago Tribune.** The award is based exclusively on Trustmark associate responses to an anonymous survey. The survey measured 15 key drivers of engaged cultures that are critical to the success of an organization. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, sex, sexual orientation, sexual identity, age, veteran or disability. Join a passionate and purpose-driven team of colleagues who contribute to Trustmark's mission of helping people increase wellbeing through better health and greater financial security. At Trustmark, you'll work collaboratively to transform lives and help people, communities and businesses thrive. Flourish in a culture where appreciation, mutual respect and trust are constants, not just for our customers but for ourselves. Introduce yourself to our recruiters and we'll get in touch if there's a role that seems like a good match. When you join Trustmark, you become part of an organization that makes a positive difference in people's lives. You will play a vital role in delivering on our mission of helping people increase wellbeing through better health and greater financial security. Our customers tell us they simply appreciate the personal attention and knowledgeable service. Others tell us we've changed their lives. At Trustmark, you'll be part of a close-knit team. You'll enjoy abundant opportunities to grow your career. That's why so many of our associates stay at Trustmark and thrive. Trustmark benefits from more than 100 years of experience but pairs that rich history with a palpable sense of optimism, growth and excitement for what's ahead - and beyond. This is a place where associates bring their whole selves to work each day. A place where you can be yourself. Whatever your beyond is, you can achieve it at Trustmark.

As an Application Security Engineer, you'll help drive Concora Credit's Mission to enable customers to Do More with Credit - every single day. The impact you'll have at Concora Credit: We are seeking a highly skilled Application Security Engineer to strengthen our application and product security posture across web, mobile, and cloud-based platforms. The ideal candidate will have deep hands-on experience in secure application development practices, threat modeling, and vulnerability management - with a proven track record of sustained collaboration and communication with development teams and supporting security programs within the financial services industry and PCI DSS compliance environments. The candidate's success will be dependent on their ability to Integrate with multiple teams and be a collaborative and guiding presence. We hire people, not positions. That's because, at Concora Credit, we put people first, including our customers, partners, and Team Members. Concora Credit is guided by a single purpose: to help non-prime customers do more with credit. Today, we have helped millions of customers access credit. Our industry leadership, resilience, and willingness to adapt ensure we can help our partners responsibly say yes to millions more. As a company grounded in entrepreneurship, we're looking to expand our team and are looking for people who foster innovation, strive to make an impact, and want to Do More! We're an established company with over 20 years of experience, but now we're taking things to the next level. We're seeking someone who wants to impact the business and play a pivotal role in leading the charge for change. Responsibilities As our Application Security Engineer, you will: Collaborate daily with development and project teams, assisting developers and architects to ensure compliance with established security standards and secure design principles. Identify, prioritize, and mitigate vulnerabilities based on OWASP Top 10, SANS CWE Top 25, and industry best practices. Lead application security assessments and reviews for web, mobile, and API-based systems throughout the SDLC. Collaborate with internal DevOps and other Dev teams to integrate, manage, and report on automated vulnerability scanning, SAST, DAST, and SCA platforms both as stand-alone tools and within CI/CD pipelines. Partner with DevOps and engineering teams to embed security controls early in the development process (“shift left”). Conduct secure code reviews and support developers in understanding and remediating findings. Conduct and coordinate penetration tests for internal systems and web and mobile applications to validate vulnerability findings and assess real-world exploitability. Champion secure coding practices and deliver targeted security training and awareness to engineering teams. Perform threat modeling and risk assessments for new applications and system changes. Support and maintain PCI DSS compliance as it relates to application security and data protection. Collaborate with infrastructure and cloud security teams to ensure consistent protection across the technology stack. Contribute to continuous improvement of the organization's secure SDLC and AppSec frameworks. These duties must be performed with or without reasonable accommodation. We know experience comes in many forms and that many skills are transferable. If your experience is close to what we're looking for, consider applying. Diversity has made us the entrepreneurial and innovative company that we are today. Qualifications Requirements: 3-5 years of experience in Application Security, Secure Software Development, or related fields. Solid understanding of OWASP Top 10, secure coding standards, vulnerability management, penetration testing methodologies, and common web/mobile vulnerabilities. Hands-on experience with security testing tools (e.g. Sonarqube, Tenable WAS, Burp Suite, OWASP ZAP, Veracode, or similar). Experience integrating AppSec tools into DevOps pipelines (Azure DevOps, Git, etc.). Experience performing or managing web application penetration tests using tools such as Burp Suite, OWASP ZAP, or manual techniques aligned with OWASP Testing Guide. Strong familiarity with PCI DSS and other financial regulatory compliance frameworks. Practical knowledge of web technologies (REST, JavaScript, HTML5, CSS, JSON) and at least one modern programming language (e.g., Java, C#, Python, JavaScript, Swift). Experience securing mobile applications (iOS and Android) through static and dynamic analysis. Excellent communication skills and ability to work cross-functionally with engineering and compliance teams. What's In It For You: Medical, Dental and Vision insurance for you and your family Relax and recharge with Paid Time Off (PTO) 6 company-observed paid holidays, plus 3 paid floating holidays 401k (after 90 days) plus employer match up to 4% Pet Insurance for your furry family members Wellness perks including onsite fitness equipment at both locations, EAP, and access to the Headspace App We invest in your future through Tuition Reimbursement Save on taxes with Flexible Spending Accounts Peace of mind with Life and AD&D Insurance Protect yourself with company-paid Long-Term Disability and voluntary Short-Term Disability Concora Credit provides equal employment opportunities to all Team Members and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws. Employment-based visa sponsorship is not available for this role. Concora Credit is an equal opportunity employer (EEO). Please see the Concora Credit Privacy Policy for more information on how Concora Credit processes your personal information during the recruitment process and, if applicable, based on your location, how you can exercise your privacy rights. If you have questions about this privacy notice or need to contact us in connection with your personal data, including any requests to exercise your legal rights referred to at the end of this notice, please contact caprivacynotice@concoracredit.com.

At Crypto.com, our dedication to user security is led by our highly experienced Security Team. Comprising an international roster of seasoned cybersecurity experts, our team leads the company's Security, Privacy, and Security Compliance endeavors. The team includes holders of international patents for technologies integrated in our security architecture. Under the stewardship of a distinguished CISO recognized by the Forbes Technology Council and among the Global Top 100 CISOs, our team has consistently championed industry standards, acquiring certifications like ISO27001, ISO27701, ISO22301, PCI:DSS 3.2.1 (Level 1), NIST Tier 4, and SOC 2 Type II, in addition to the MPI License from Singapore MAS. Our Chief Information Security Officer reports directly to the CEO, underscoring the prioritization of security in our organization's hierarchy. Our Security Team not only places great emphasis on credentials and expertise but also deeply values hands-on experience, rapid cognition, and dynamic learning. The challenges in the world of crypto are ever-evolving, and as such, our team prides itself on quick adaptability and robust teamwork, ensuring that we stay ahead of potential threats and always safeguard our user base. About the Role As our Security Compliance Senior Analyst, you will be tasked with security compliance activities along with our journey. You are expected to take the initiative to assist us with several security compliance programs and certifications. You are required to address and review compliance gaps and give recommendations and support on remediation activities. You will also be trusted to provide technical advice to ensure that security compliance requirements are met throughout all business units. This role requires technical knowledge of network security, especially on-prem and cloud native architectures. A familiarity with US derivatives regulatory frameworks would be advantageous. Job Responsibilities: Assist in our security compliance programs, including ISO27001, ISO27701, PCI-DSS, SOC2 Type 2, and local regulations Participate in internal security and privacy assessments, internal and external audits, compliance certifications, and risk management Provide complete and accurate responses to internal and third-party enquiries on security compliance Perform security compliance assessment activities, including periodic technical, organizational, and third-party risk and control assessments, and managing remediation activities to completion Design and manage necessary control and framework required to comply with international standards and US local regulations Identify and drive process improvements for streamlining global security compliance operations Qualifications: 3-5 years of experience in information security, privacy, IT audit or IT risk management related roles. Prefer experience with one or more of the following: In-house security and privacy operations, conducting security control assessments, risk assessments or audits. Prefer experience with any of the following: ISO27001, ISO27701, SOC1, SOC2, PCI, SOX, COSO, cloud technologies, and data protection regulations and requirements. Ability to analyze and review US and Global privacy and information security compliance and provide guidance. Holders of security-related certifications/qualifications will be an advantage: CISSP, CRISC, CISM, CISA, ISO27001 LA, CIPT, CIPP/E, or other relevant certifications Experience leading compliance initiatives and working with auditors and/or external regulators It's a plus if you: Have experience in information security and privacy management in virtual assets, fintech, online services, platform services, or global services. Have experience in establishing information security and privacy framework to meet US regulations, (CFTC, FINRA, SEC, and other US based regulators.) Are a strong commitment to personal learning and development Are detail minded with an analytical mindset Have good communication skills with an ability to explain complex technical issues to non-technical business users Have prior experience with project management Have an interest and understanding of Blockchain and AI technologies ***************** Empowered to think big. Try new opportunities while working with a talented, ambitious and supportive team.Transformational and proactive working environment. Empower employees to find thoughtful and innovative solutions.Growth from within. We help to develop new skill-sets that would impact the shaping of your personal and professional growth.Work Culture. Our colleagues are some of the best in the industry; we are all here to help and support one another.One cohesive team. Engage stakeholders to achieve our ultimate goal - Cryptocurrency in every wallet. Work Flexibility Adoption. Flexi-work hour and hybrid or remote set-up Aspire career alternatives through us - our internal mobility program offers employees a new scope. Are you ready to kickstart your future with us? BenefitsCompetitive salary Attractive annual leave entitlement including: birthday, work anniversary 401(k) plan with employer match Eligible for company-sponsored group health, dental, vision, and life/disability insurance Work Flexibility Adoption. Flexi-work hour and hybrid or remote set-up Aspire career alternatives through us. Our internal mobility program can offer employees a diverse scope. Our Crypto.com benefits packages vary depending on region requirements, you can learn more from our talent acquisition team. About Crypto.com:Founded in 2016, Crypto.com serves more than 150 million customers and is the world's fastest growing global cryptocurrency platform. Our vision is simple: Cryptocurrency in Every Wallet™. Built on a foundation of security, privacy, and compliance, Crypto.com is committed to accelerating the adoption of cryptocurrency through innovation and empowering the next generation of builders, creators, and entrepreneurs to develop a fairer and more equitable digital ecosystem. Learn more at ******************* Crypto.com is an equal opportunities employer and we are committed to creating an environment where opportunities are presented to everyone in a fair and transparent way. Crypto.com values diversity and inclusion, seeking candidates with a variety of backgrounds, perspectives, and skills that complement and strengthen our team. Personal data provided by applicants will be used for recruitment purposes only. Please note that only shortlisted candidates will be contacted.

Join a team where you can play a crucial role in shaping the future of a world-renowned company and make a direct and meaningful impact in a space designed for top performers. As a Senior Lead Security Engineer at JPMorgan Chase within the Cybersecurity Technology & Controls, you are an integral part of an agile team that works to deliver software solutions that satisfy pre-defined functional and user requirements with the added dimension of preventing misuse, circumvention, and malicious behavior. Drive significant business impact through your capabilities and contributions and apply deep technical expertise and problem-solving methodologies to tackle a diverse array of cybersecurity challenges that span multiple technology domains. Job responsibilities Facilitates security requirements clarification for multiple networks to enable multi-level security to satisfy organizational needs Works with stakeholders and senior business leaders to recommend business modifications during periods of vulnerability Regularly provides technical guidance and direction to support the business and its technical teams, contractors, and vendors, leveraging cloud-native backend systems and infrastructure-as-code tools such as Terraform and AWS CloudFormation Architect and deploy scalable solutions on AWS Cloud & develops secure and high-quality production code, and reviews and debugs code written by others, utilizing modern CI/CD workflows and containerization technologies (Docker) Drives decisions that influence the product design, application functionality, and technical operations and processes, including the serverless solutions Serves as a function-wide subject matter expert in one or more areas of focus, such as scalable backend development, AI-powered agents, and data automation pipelines Actively contributes to the engineering community as an advocate of firmwide frameworks, tools, and practices of the Software Development Life Cycle, including observability and monitoring solutions (CloudWatch, Datadog, Prometheus) Influences peers and project decision-makers to consider the use and application of leading-edge technologies, such as LLMs (OpenAI, Bedrock), AI frameworks (LangChain, LlamaIndex), and vector databases (OpenSearch) Required qualifications, capabilities, and skills Formal training or certification on software engineering concepts and 5+ years applied experience, including backend software development using Python Hands-on practical experience delivering system design, application development, testing, and operational stability in AWS Cloud environments Advanced knowledge of software application development and technical processes with considerable in-depth knowledge in one or more technical disciplines (e.g., cloud, artificial intelligence, machine learning, mobile, etc.) Advanced in one or more programming language(s), with deep expertise in Python and experience designing RESTful APIs and microservices Advanced knowledge of software applications and technical processes with considerable in-depth knowledge in one or more technical disciplines (e.g., cloud, artificial intelligence, machine learning, etc.), including data modeling with SQL databases (PostgreSQL,Aurora) Ability to tackle design and functionality problems independently with little to no oversight, including integrating AI/LLM-based services and building intelligent automation components Practical cloud native experience, including exposure to event-driven and serverless architectures, and understanding of security best practices in AWS environments (IAM, KMS, VPC, Secrets Manager) Skilled in planning, designing, and implementing enterprise-level security solutions #CTC

JobID: 210686675 JobSchedule: Full time JobShift: : Join a team where you can play a crucial role in shaping the future of a world-renowned company and make a direct and meaningful impact in a space designed for top performers. As a Senior Lead Security Engineer at JPMorganChase within Cyber Technology & Controls you are an integral part of an agile team that works to deliver software solutions that satisfy pre-defined functional and user requirements with the added dimension of preventing misuse, circumvention, and malicious behavior. Drive significant business impact through your capabilities and contributions and apply deep technical expertise and problem-solving methodologies to tackle a diverse array of cybersecurity challenges that span multiple technology domains. Job responsibilities * Architect, implement, and maintain security control objectives and procedures to ensure alignment with industry best practices and JPMorgan Chase (JPMC) security standards. * Partner in the design and actively participate in building security applications and technical solutions that enforce control objectives and address recurring HR security challenges. * Systematically identify gaps in vendor security offerings, and design and build in-house solutions to effectively mitigate these deficiencies. * Collaborate with HR and other stakeholders to understand business processes and security pain points, translating requirements into actionable engineering solutions. * Conduct comprehensive threat modeling for HR systems and processes; when threat models reveal security gaps, support the design and building of tailored security controls or applications. * Develop scripts, automation, and custom code to streamline security processes, enhance monitoring, and improve the efficiency and effectiveness of security controls. Required qualifications, capabilities, and skills * Formal training or certification on software engineering concepts and 5+ years applied experience. * Experience planning, designing, building and implementing enterprise level security engineering products and solutions in a public cloud environment (i.e. AWS, GCP, Azure) * Experience working with vendors to assess the sufficiency of their security practices and controls meet industry standards. * Extensive experience with threat modelling of applications or architectures using models such as STRIDE. * Advanced in one or more programming languages/scripts (i.e. C/C#, Python, PowerShell) * Advanced knowledge of secure software application development and technical processes with considerable in-depth knowledge in one or more technical disciplines (e.g., cloud, artificial intelligence, machine learning, mobile, etc.) * Experience with continuous integration and continuous deployment (CI/CD) tools (Jenkins), version control tools (BitBucket, Git), managing and tracking work using management tools like Jira * Ability to tackle design and functionality problems independently with little to no oversight Preferred qualifications, capabilities, and skills * Experience within Cyber Security is preferred with good understanding of industry frameworks like MITRE ATT&CK, NIST, CIS etc. * Certified Secure Software Lifecycle Professional or similar industry certification * Excellent communication and presentation skills * Prior experience in finance industry is a huge plus * Willingness to learn and drive to excel

About GoodLeap:GoodLeap is a technology company delivering best-in-class financing and software products for sustainable solutions, from solar panels and batteries to energy-efficient HVAC, heat pumps, roofing, windows, and more. Over 1 million homeowners have benefited from our simple, fast, and frictionless technology that makes the adoption of these products more affordable, accessible, and easier to understand. Thousands of professionals deploying home efficiency and solar solutions rely on GoodLeap's proprietary, AI-powered applications and developer tools to drive more transparent customer communication, deeper business intelligence, and streamlined payment and operations. Our platform has led to more than $30 billion in financing for sustainable solutions since 2018. GoodLeap is also proud to support our award-winning nonprofit, GivePower, which is building and deploying life-saving water and clean electricity systems, changing the lives of more than 1.6 million people across Africa, Asia, and South America. Position Summary The GoodLeap security team is responsible for both business enablement and safeguarding the organization's information assets; it is involved in virtually all aspects of the business, from product safety and resilience, to building security paved roads, customer, partner, and regulatory trust, managing technology governance and compliance, and ensuring the privacy, and safety of GoodLeap's customers, partners, and employees information. The senior security engineer role provides a unique opportunity to shape the security and resilience of GoodLeap systems, services, and operational processes. In this role, you will work closely with product, engineering, IT, and business teams within GoodLeap to design, build, implement, and operate security and fraud monitoring, detection, and response capabilities. Your Oversight Will Encompass Security & Fraud Monitoring, Detection, and Response: Identification of potential misuse and abuse cases, determining corresponding events associated with manifestation of such scenarios, design of identification and detection solutions -e.g., correlated/iterative event searches across log sources ranging from infrastructure to applications/SaaS platforms, testing, implementation, monitoring, and fine-tuning of these solutions, etc. Toolset design and operations: Design and build the monitoring, detection, and response platform, from tool selection and integration - e.g., SIEM, SOAR, agentic SOC, EDR, to daily operations/management Incident Response: Play a leading role in the definition, refinement, and execution of incident response activities. Overall Security Operations: Management and operation of security platforms/solutions outside monitoring, detection, and response platform. Support Embedded Product Security Team: Design, build, and implement monitoring and detection solutions for GoodLeap products and services. Essential Job Duties & Responsibilities Lead, participate in, and contribute to security and fraud monitoring, detection, and response activities, inclusive of investigations, threat hunting,etc. Create playbooks for specific incident response scenarios. Identify potential misuse and abuse cases in enterprise systems, propose solutions to detect these scenarios, and identify and implement monitoring and detection solutions for such scenarios. Support or develop components of the security analytics platform. Support embedded (product) security team. Support general security operations team with vulnerability management, tools management, and more. Required Skills, Knowledge & Abilities Strong communicator with the ability to lead technical architecture discussions, drive technical decisions, and effectively communicate with non-technical audiences. Expertise in security event management, monitoring, threat hunting, incident response, playbook creation, orchestration/automations, etc. Experience with threat modeling methodologies. Expertise with EDR solutions/platforms, such as CrowdStrike, S1, Palo Alto Cortex EDR, etc. Experience with AWS services, including KMS, SST, Container Registry, ELBs, Lambda, API Gateway, CloudTrail, and IAM (knowledge of GCP and/or Azure is a plus). Proven ability to establish credibility and build trust with business, engineers, and operational staff; confident yet humble. · Experience designing, configuring, and implementing security and fraud monitoring for core enterprise systems, e.g., ERP, HCM, Salesforce, etc. Experience working with and creating solutions based AI and ML toolsets - e.g., creation of AI skills, agents, MCP clients, vibe coding. Strong understanding of both human and non-human identity management and common enterprise and consumer authentication standards and use cases. Practical experience with CI/CD pipelines and DevOps tools, including Infrastructure-as-Code (IaC) tools like Terraform, Pulumi, or CDK; GitHub and GitHub Actions; artifact management; and secrets management tools like Doppler and HashiCorp Vault. Passionate about learning new technologies. While you're not expected to know everything, you should demonstrate a willingness and ability to learn as needed. Prior experience interfacing and supporting teams outside of security - e.g., internal product teams and other cross-functional areas. Proficiency in writing automation scripts in multiple languages and integrating with REST/GraphQL APIs to orchestrate workflows between security tooling and third-party cloud/SaaS platforms, automating detection, response, and operational processes. · Experience engaging with vendors in design partnerships. Experience overseeing vulnerability and threat management at the platform and application levels. Familiarity with penetration testing and red team exercises, including manual verification, exploitation, and lateral movement. Ability to balance a high-level view of security strategy with attention to detail, ensuring thorough and effective execution Additional Information Regarding Job Duties and s: Job duties include additional responsibilities as assigned by one's supervisor or other managers related to the position/department. This job description is meant to describe the general nature and level of work being performed; it is not intended to be construed as an exhaustive list of all responsibilities, duties and other skills required for the position. The Company reserves the right at any time with or without notice to alter or change job responsibilities, reassign or transfer job position or assign additional job responsibilities, subject to applicable law. The Company shall provide reasonable accommodations of known disabilities to enable a qualified applicant or employee to apply for employment, perform the essential functions of the job, or enjoy the benefits and privileges of employment as required by the law. If you are an extraordinary professional who thrives in a collaborative work culture and values a rewarding career, then we want to work with you! Apply today! We are committed to protecting your privacy. To learn more about how we collect, use, and safeguard your personal information during the application process, please review our Employment Privacy Policy and Recruiting Policy on AI.

About the Role iCapital is looking to hire a Vice President Information Security Governance Specialist. This individual will be a key person in iCapital's second line of defense team. The ideal candidate will support the organization's security governance program by ensuring compliance with regulatory requirements, security frameworks, and contractual obligations. This role involves reviewing the information security program against industry standards, assessing security clauses in client and vendor contracts, designing and maintaining security controls, and responding to regulatory audits. Responsibilities Assist in authoring, maintaining, and updating security governance policies and standards to align with industry frameworks and management direction. Evaluate the organization's information security program against common frameworks (e.g., ISO 27001, CIS, NIST 800-53, SOC 2) and applicable regulations (e.g., NYDFS, DORA, FFIEC, GDPR). Identify gaps and recommend control enhancements to align with compliance requirements. Review and negotiate information security sections of client and vendor contracts in partnership with the Legal team. Ensure contractual obligations meet internal security standards, regulatory expectations, and reasonability. Collaborate with Technology, Information Security, and Risk teams to design, document, and enhance security controls for infrastructure, applications, and data. Coordinate responses for internal and regulatory audits for information security team. Qualifications 7-10 years of experience in information security governance, compliance, or risk management in a financial service, fintech, or technology-driven environment Bachelor's degree in information security, risk management, or a related field Strong written and verbal communication skills Excellent analytical and problem-solving skills Able to manage multiple priorities and deadlines in a fast-paced environment Comfortable engaging with senior leaders Knowledge of cybersecurity frameworks (ISO, CIS, NIST, SOC 2) and audit processes CISM, CRISC, or CISSP certifications are preferred Benefits The base salary range for this role is $150,000 to $180,000. iCapital offers a compensation package which includes salary, equity for all full-time employees, and an annual performance bonus. Employees also receive a comprehensive benefits package that includes an employer matched retirement plan, generously subsidized healthcare with 100% employer paid dental, vision, telemedicine, and virtual mental health counseling, parental leave, and unlimited paid time off (PTO). We believe the best ideas and innovation happen when we are together. Employees in this role will work in the office Monday-Thursday, with the flexibility to work remotely on Friday. For additional information on iCapital, please visit **************************************** Twitter: @icapitalnetwork | LinkedIn: ***************************************************** | Awards Disclaimer: ****************************************/recognition/ iCapital is proud to be an Equal Employment Opportunity and Affirmative Action employer. We do not discriminate based upon race, religion, color, national origin, gender, sexual orientation, gender identity, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics.

About the Role iCapital is looking to hire a Vice President Information Security Governance Specialist. This individual will be a key person in iCapital's second line of defense team. The ideal candidate will support the organization's security governance program by ensuring compliance with regulatory requirements, security frameworks, and contractual obligations. This role involves reviewing the information security program against industry standards, assessing security clauses in client and vendor contracts, designing and maintaining security controls, and responding to regulatory audits. Responsibilities Assist in authoring, maintaining, and updating security governance policies and standards to align with industry frameworks and management direction. Evaluate the organization's information security program against common frameworks (e.g., ISO 27001, CIS, NIST 800-53, SOC 2) and applicable regulations (e.g., NYDFS, DORA, FFIEC, GDPR). Identify gaps and recommend control enhancements to align with compliance requirements. Review and negotiate information security sections of client and vendor contracts in partnership with the Legal team. Ensure contractual obligations meet internal security standards, regulatory expectations, and reasonability. Collaborate with Technology, Information Security, and Risk teams to design, document, and enhance security controls for infrastructure, applications, and data. Coordinate responses for internal and regulatory audits for information security team. Qualifications 7-10 years of experience in information security governance, compliance, or risk management in a financial service, fintech, or technology-driven environment Bachelor's degree in information security, risk management, or a related field Strong written and verbal communication skills Excellent analytical and problem-solving skills Able to manage multiple priorities and deadlines in a fast-paced environment Comfortable engaging with senior leaders Knowledge of cybersecurity frameworks (ISO, CIS, NIST, SOC 2) and audit processes CISM, CRISC, or CISSP certifications are preferred Benefits The base salary range for this role is $150,000 to $180,000. iCapital offers a compensation package which includes salary, equity for all full-time employees, and an annual performance bonus. Employees also receive a comprehensive benefits package that includes an employer matched retirement plan, generously subsidized healthcare with 100% employer paid dental, vision, telemedicine, and virtual mental health counseling, parental leave, and unlimited paid time off (PTO). We believe the best ideas and innovation happen when we are together. Employees in this role will work in the office Monday-Thursday, with the flexibility to work remotely on Friday. For additional information on iCapital, please visit **************************************** Twitter: @icapitalnetwork | LinkedIn: ***************************************************** | Awards Disclaimer: ****************************************/recognition/ iCapital is proud to be an Equal Employment Opportunity and Affirmative Action employer. We do not discriminate based upon race, religion, color, national origin, gender, sexual orientation, gender identity, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics.

External Description: Cross-cutting firmwide role integrating client, business and technology requirements to protect data and systems. Access Management and Identity Controls design and standard methodologies. Governance and analysis and reporting of access and identity usage. Operations and management of Identity and Access (IAM) including provisioning. Done in active partnership and with oversight by Business, Enterprise Architecture, Technology Platform and Application Owners as they are accountable for the secure design, configuration, and operation of their environments. The Systems Security Analyst is a member of the Identity & Access Management Operations team within Enterprise Security. The team is responsible for the operations and management of the organization's Identity & Access Management platform including full user lifecycle. The team supports the maintenance of roles and entitlements in the platform, proper access approval pathing, and works closely with end users, application teams, access provisioners, and Compliance Risk Management. Responsibilities Investigate, understand, troubleshoot, remediate, and clearly document technical issues related to access & security operations, user lifecycle, application integrations, and access provisioning. Individual Contributor operating independently on daily tasks and ticketing queues, concurrently. Performs Role Engineering analysis to support Role Base Access Controls (RBAC). Monitors daily provisioning requests to ensure appropriate access. Gathers application requirements for integrating with provisioning system. You perform analysis to respond to IS Security risks and compliance audits. Supports policies, procedures, and systems to support IAM Governance. Develops educational materials to promote standard methodologies for IAM. Trains junior analysts to conduct daily tasks associated with provisioning. Demonstrates strong logic and reasoning capabilities Uses questions and proposals to clarify requirements when unclear Other duties as assigned Business Knowledge Applies understanding of the Financial Services and Asset Management industries Connects one's own work with the strategy of their team and/or department. Can competently engage in business-led conversations. Qualifications Required: Typically, 1+ years of meaningful experience Understands modern software methodologies (e.g., Agile, XP, Scrum) Working understanding of modern authentication and authorization techniques and technologies. Engages in mentorship to improve technical skills. Demonstrates competence in SQL programming language Reviews and corrects his/her personal work with minimal assistance Solicits feedback and mentorship to improve technical understanding and skills Identifies system/process/data impacts (up and down stream) and proposes appropriate alternatives/remediation Demonstrates some understanding in multiple technologies/ applications Can explain basic technical concepts to a non-technical audience Identifies impacts across teams and coordinate to manage dependencies and potentially competing priorities Preferred: Bachelor's degree or the equivalent combination of education and relevant experience 2+ years of total relevant work experience and Security related certification (Security+, CC, SSCP, etc) FINRA Requirements FINRA licenses are not required and will not be supported for this role. Work Flexibility This role is eligible for hybrid work, with up to three days per week from home. City: State: Community / Marketing Title: Systems Security Analyst Company Profile: Location_formattedLocationLong: Maryland, US CountryEEOText_Description: Commitment to Diversity, Equity, and Inclusion: We strive for equity, equality, and opportunity for all associates. When we embrace the power of diversity and create an environment where people can bring their authentic and best selves to work, our firm is stronger, and we create greater value for our clients. Our commitment and inclusive programming aim to lift the experience for each associate and builds allies for our global associate community. We know that a sense of belonging is key not only to your success at the firm, but also to your ability to bring your best each day. Benefits: We invest in our people through a wide range of programs and benefits, including: • Competitive pay and bonuses as well as a generous retirement plan and employee stock purchase plan with matching contributions • Flexible and remote work opportunities • Health care benefits (medical, dental, vision) • Tuition assistance • Wellness programs (fitness reimbursement, Employee Assistance Program) Our policies may change as our working lives evolve. Yet, our commitment to supporting our associates' well-being and addressing the needs of our clients, business, and communities is unwavering. T. Rowe Price is an equal opportunity employer and values diversity of thought, gender, and race. We believe our continued success depends upon the equal treatment of all associates and applicants for employment without discrimination on the basis of race, religion, creed, color, national origin, sex, gender, age, mental or physical disability, marital status, sexual orientation, gender identity or expression, citizenship status, military or veteran status, pregnancy, or any other classification protected by country, federal, state, or local law.