Sr Lead Security Engineer - AI Governance

Senior Lead Security Engineer

Join a team where you can play a crucial role in shaping the future of a world-renowned company and make a direct and meaningful impact in a space designed for top performers.

As a Senior Lead Security Engineer at JPMorganChase within the Enterprise Technology, Data Platforms Team, you are an integral part of an agile team that works to deliver software solutions that satisfy pre-defined functional and user requirements with the added dimension of preventing misuse, circumvention, and malicious behavior. Drive significant business impact through your capabilities and contributions and apply deep technical expertise and problem-solving methodologies to tackle a diverse array of cybersecurity challenges that span multiple technology domains.

Job Responsibilities

• Facilitates security requirements clarification for multiple networks to enable multi-level security to satisfy organizational needs
• Enhances partnership with Application Owners (AOs) to proactively address changes in their applications. Embeds TRC involvement from the design phase (e.g., Quantum replatforming) to ensure compliance from the outset, rather than only at checkpoints.
• Provides senior leadership with visibility into key risks and blockers, including forecasting future issues. Ensures this is a standing agenda item in leadership meetings to highlight risks, weaknesses, and support AOs with prioritization.
• Takes formal responsibility for AWS module currency reporting and remediation, clarifying accountability for AOs and reducing confusion by embedding this within the risk team.
• Establishes closer linkage between the Technology Risk Committee (TRC) and AI Governance, recognizing that technology risk is key to AI governance. Partners with current governance processes to ensure secure deployment of AI use cases and integrates technology AI governance as a core component of the role.
• Acts as a key component in vendor onboarding, ensuring proper contract terms, advising on design, and shepherding vendor applications through internal processes. Early engagement prevents misinformation and streamlines onboarding (e.g., Sigma case study).
• Works with stakeholders and senior business leaders to recommend business modifications during periods of vulnerability
• Be responsible for triaging based on risk assessments of various threats and managing resources to cover impact of disruptive events

Required Qualifications, Capabilities, and Skills

• Formal training or certification in software and/or security engineering concepts, with 5+ years of applied experience in enterprise environments.
• Proven ability to plan, design, and implement enterprise-level security solutions across diverse technology domains, including cloud and AI.
• Deep knowledge of software application development, technical processes, and security controls, with specialization in at least one area such as cloud, artificial intelligence, machine learning, or mobile technologies.
• Extensive experience with threat modeling, vulnerability assessment, discovery, and penetration testing, including risk triage and mitigation strategies.
• Demonstrated ability to independently tackle complex design and functionality problems, proactively identifying risks and blockers and driving remediation.
• Practical experience with cloud-native architectures and AWS environments, including module currency reporting and remediation.
• Strong partnership skills, with a track record of collaborating with Application Owners (AOs), senior leadership, and cross-functional teams to embed security and compliance from the design phase through deployment.
• Experience establishing and maintaining linkages between technology risk committees and governance functions, ensuring secure deployment and oversight of AI use cases.
• Ability to act as a key advisor in vendor onboarding, contract review, and internal process navigation, ensuring early engagement and compliance.

Preferred Qualifications, Capabilities, and Skills

• Demonstrated experience in AI governance and technology risk management, with a proven ability to bridge governance and risk functions for secure AI deployment.
• Strong track record of providing senior leadership with actionable risk insights and supporting prioritization for application owners.
• Experience with AWS module currency reporting and remediation, including clear accountability structures.
• Ability to partner with application owners and vendors from the design phase, ensuring compliance and preventing misinformation through early engagement.
• Experience in vendor onboarding processes, contract review, and internal process navigation.
• Advanced proficiency in one or more programming languages, with hands-on experience in secure software development practices. (any specific languages)