Job
Description
As a Cloud Security Engineer at JPMorgan Chase within the Aumni Cloud Security team, your primary responsibility will be to safeguard the security, availability, and integrity of our cloud-based infrastructure and applications. You will work closely with development, operations, and security teams to enforce robust security measures, pinpoint vulnerabilities, and effectively handle security incidents. Your role will be crucial in protecting our organizations sensitive data and upholding a strong security posture in the constantly changing cloud landscape. Job Responsibilities Design, write, implement, and review security controls for IaC frameworks (e.g., Terraform, CloudFormation) to ensure secure provisioning and management of cloud resources. Collaborate with development teams to integrate security best practices into the IaC and IaC pipelines. Develop and implement security controls for Kubernetes clusters, ensuring secure configuration, network policies, authentication, and authorization. Conduct regular vulnerability assessments and penetration tests on Kubernetes infrastructure and applications. Define and enforce security gates and best practices for continuous integration and continuous deployment (CI/CD) pipelines. Automate security checks and code analysis to identify and remediate vulnerabilities early in the development lifecycle. Participate in an on-call rotation for security incidents and respond to security events promptly. Conduct root cause analysis of security incidents, document lessons learned, and propose improvements to prevent future incidents. Assist in conducting security assessments, audits, and compliance reviews to ensure adherence to industry standards and regulatory requirements. Implement and maintain security monitoring and logging systems to detect and respond to security events in real-time. Required Qualifications, Capabilities, and Skills Formal training or certification in Cloud Security Engineer concepts with 3+ years of applied experience. Strong knowledge of cloud security principles, best practices, and technologies (AWS). Hands-on experience with IaC frameworks (Terraform, CloudFormation) and configuration management tools. Proficiency in securing Kubernetes clusters, containerization, and microservices architectures. Familiarity with CI/CD pipelines, automated security testing, and secure code review practices. In-depth understanding of incident response methodologies, including detection, analysis, containment, and recovery. Experience with security audits, compliance frameworks, and regulatory requirements. Knowledge of network security, firewalls, IDS/IPS, and vulnerability management tools. Excellent analytical and problem-solving skills, with a keen attention to detail. Preferred Qualifications, Capabilities, and Skills Proven experience interacting with major institutional Emerging investors. Experience with government bond obligations in the region. Bachelors degree in Engineering, Finance, Math, or a related quantitative field.
