Lead Software Engineer ProxySSE Network Security

JPMorganChase


Job Location:

London - UK

Monthly Salary: Not Disclosed
Posted on: 8 hours ago
Vacancies: 1 Vacancy

Job Summary

Description

Lead Software Engineer - Proxy/SSE Network Security

As a Lead Software Engineer at JPMorganChase within the Corporate Sector - Enterprise Technology youare an integral part of an agile team that works to enhance build and deliver trusted market-leading technology products in a secure stable and scalable way. As a core technical contributor you are responsible for conducting critical technology solutions across multiple technical areas within various business functions in support of the firms business objectives.

Job responsibilities

  • Executes creative Network security software solutions design development and technical troubleshooting with ability to think beyond routine or conventional approaches to build solutions or break down technical problems
  • Develops secure high-quality production code and reviews and debugs code written by others
  • Architect and implementZero Trust Network Access (ZTNA)patterns for user-to-app and user-to-internet access minimizing implicit trust and reducing lateral movement.
  • Build and operate anIdentity-Aware Proxy (IAP)/policy enforcement pointfor web and application access enforcing identity device and context-based policy decisions.
  • Implement or integrateSecure Gateway / Secure Web Gateway (SWG)capabilities (URL filtering TLS inspection where approved malware protection sandboxing egress controls DNS security).
  • Experience with other SaaS based Secure Gateway vendor e.g. Zscaler Netskope paloalto Broadcom ProxySG etc
  • Drives team adoption of enterprise-authorized AI-assisted engineering practices within the work environment to improve code quality delivery speed and operational outcomes (e.g. AI-assisted code review/refactoring test strategy acceleration incident/root-cause analysis support) while establishing consistent validation standards (secure coding peer review automated testing) and promoting reuse of effective patterns across the team.
  • Applies knowledge of tools within the Software Development Life Cycle toolchain including enterprise-authorized AI-assisted development and automation capabilities to improve the value realized by automation.
  • Good understanding of network infrastructure network security concepts and application layer protocols (http/https) and vulnerability mitigation
  • Identifies opportunities to eliminate or automate remediation of recurring issues to improve overall operational stability of software applications and systems
  • Own the US perimeter proxy and SSE/SASE engineering roadmap and execution including intake prioritization dependency management delivery governance and stakeholder alignment across cybersecurity network services operations and application and platform teams.
  • Define and operationalize standards reference architectures and reusable engineering patterns for perimeter and egress controls including forward proxy and secure web gateway patterns access brokering and identity-aware access concepts where applicable enterprise egress enforcement segmentation and policy patterns and design considerations such as TLS inspection and traffic steering expressed at a pattern and control-integration level.
  • Provide engineering leadership across edge and connectivity adjacencies that materially impact perimeter posture and service delivery including Cisco and Arista edge environments colocation and interconnect ecosystems (including Equinix Fabric) and cloud adjacency patterns including AWS Direct Connect and AWS PrivateLink with awareness of multi-cloud interconnect considerations.
  • Establish and run governance mechanisms that accelerate remediation while preserving strong controls including backlog governance exception handling risk acceptance and closure workflows traceability and auditability requirements and reporting that ties delivery milestones to risk reduction and resilience outcomes.
  • Drive operational excellence at scale for perimeter proxy and SSE services in the US including incident change and problem management rigor observability and resiliency validation practices automation to improve repeatability and evidence quality reduction of client and partner impact and execution of Technology Lifecycle Management (TLM) and modernization outcomes tied to stability and risk reduction.

Required qualifications capabilities and skills

  • 5 years in network security / SASE/ SSE/ identity security / security engineering (or equivalent depth).
  • Strong understanding ofZero Trustprinciples policy-based access segmentation and secure egress.
  • Hands-on experience withproxy/gateway architectures(forward proxy reverse proxy IAP patterns) and secure internet access controls.
  • Deep knowledge ofSAML OIDC OAuth 2.0 concepts JWT(signing verification JWKs rotation scopes/claims replay protection).
  • Demonstrated experience leading effective use of approved AI-assisted software development tools (e.g. for coding code review test acceleration troubleshooting) with the ability to set team expectations for validating AI outputs for correctness performance and security.
  • Strong understanding of responsible AI use in engineering workflows including data sensitivity considerations secure handling of inputs/outputs and adherence to resiliency and security expectations; experience coaching engineers on safe compliant adoption within delivery practices
  • Demonstrated experience delivering regional execution ownership in the US (or North America) for infrastructure and/or security platforms including prioritization cross-team coordination and sustained accountability for operational and delivery outcomes.
  • Experience supervising engineers and delivering cross-team remediation modernization and platform programs with clear scope dependency management delivery milestones and measurable outcomes.
  • Strong knowledge of network and perimeter security architecture and controls including segmentation routing and policy considerations encryption and access control patterns and defense-in-depth design principles.
  • Experience designing delivering or operating proxy and/or SSE capabilities at enterprise scale including the ability to translate security requirements into deployable patterns and operational guardrails.
  • Strong experience translating security requirements into deployable edge and perimeter-adjacent connectivity patterns including Cisco and Arista environments and the ability to align engineering decisions to operational and control requirements.
  • Working knowledge of interconnect and colocation connectivity models (including Equinix Fabric) and cloud adjacency patterns including AWS Direct Connect and AWS PrivateLink with the ability to incorporate these into perimeter and egress designs without compromising stability or controls.

Preferred qualifications capabilities and skills

  • Experience integrating US delivery requirements and stakeholder needs into global standards reference architectures and governance models while maintaining a consistent global risk posture.
  • Experience leading AI-threat-informed remediation programs including adapting standards and engineering patterns to account for high-velocity reconnaissance rapid technique iteration and automation-driven exploitation attempts without sacrificing control integrity or operational stability.
  • Experience building enterprise-scale governance programs for security engineering including controls-by-design exception frameworks audit-ready traceability and measurable risk reduction reporting.
  • Experience with large-scale operations for externally facing or security enforcement services including observability strategy resilience testing incident response alignment and reduction of repeat incidents and client-impacting events.
  • Experience designing and operating hybrid edge architectures and cloud interconnect patterns across multiple cloud providers.
  • Security certifications such as CISSP CCSP or comparable credentials.

Employer Description

JPMorganChase one of the oldest financial institutions offers innovative financial solutions to millions of consumers small businesses and many of the worlds most prominent corporate institutional and government clients under the J.P. Morgan and Chase brands. Our history spans over 200 years and today we are a leader in investment banking consumer and small business banking commercial banking financial transaction processing and asset management.

We offer a competitive total rewards package including base salary determined based on the role experience skill set and location. Those in eligible roles may receive commission-based pay and/or discretionary incentive compensation paid in the form of cash and/or forfeitable equity awarded in recognition of individual achievements and contributions. We also offer a range of benefits and programs to meet employee needs based on eligibility. These benefits include comprehensive health care coverage on-site health and wellness centers a retirement savings plan backup childcare tuition reimbursement mental health support financial coaching and more. Additional details about total compensation and benefits will be provided during the hiring process.

We recognize that our people are our strength and the diverse talents they bring to our global workforce are directly linked to our success. We are an equal opportunity employer and place a high value on diversity and inclusion at our company. We do not discriminate on the basis of any protected attribute including race religion color national origin gender sexual orientation gender identity gender expression age marital or veteran status pregnancy or disability or any other basis protected under applicable law. We also make reasonable accommodations for applicants and employees religious practices and beliefs as well as mental health or physical disability needs. Visit ourFAQsfor more information about requesting an accommodation.

JPMorgan Chase & Co. is an Equal Opportunity Employer including Disability/Veterans

Organization Description

Our Global Technology Infrastructure group is a team of innovators who love technology as much as you do. Together youll use a disciplined innovative and a business focused approach to develop a wide variety of high-quality products and solutions. Youll work in a stable resilient and secure operating environment where youand the products you deliverwill thrive.

High Risk Roles (HRR) are sensitive roles within the technology organization that require high assurance of the integrity of staff by virtue of 1) sensitive cybersecurity and technology functions they perform within systems or 2) information they receive regarding sensitive cybersecurity or technology matters. Users in these roles are subject to enhanced pre-hire screening which includes both criminal and credit background checks (as allowed by law). The enhanced screening will need to be successfully completed prior to commencing employment or assignment.




Required Experience:

IC

DescriptionLead Software Engineer - Proxy/SSE Network SecurityAs a Lead Software Engineer at JPMorganChase within the Corporate Sector - Enterprise Technology youare an integral part of an agile team that works to enhance build and deliver trusted market-leading technology products in a secure stabl...

About Company

Company Logo

JPMorganChase, one of the oldest financial institutions, offers innovative financial solutions to millions of consumers, small businesses and many of the world’s most prominent corporate, institutional and government clients under the J.P. Morgan and Chase brands. Our history spans ov ... View more

View Profile View Profile