Lead Security Engineer

J.P. Morgan

J.P. Morgan

Other Engineering

London, UK

Posted on Apr 13, 2026
Apply now

Join us and shape the future of secure software delivery. As a Lead Security Engineer, you’ll work at the intersection of security and platform engineering, designing impactful solutions that enable teams to move fast while managing risk. You’ll collaborate with talented squads, contribute to a culture that values unique perspectives, and foster growth, impact, and innovation. This is your opportunity to make a difference and advance your career in a dynamic, engineering-led environment. We’re committed to helping you thrive and grow.

As a Lead Security Engineer at JPMorgan Chase in the Platform team, you will embed security into engineering workflows and deliver scalable, engineering solutions. You’ll work at the intersection of security and platform engineering, actively designing, building, and implementing security capabilities. Your role is hands-on, collaborating with squads to reduce platform risk and enable secure software delivery. You’ll help shape a modern, engineering-led approach to security, empowering teams to move fast while managing risk. Our culture values unique perspectives and fosters growth, impact, and innovation.

Job Responsibilities:

  • Design, build, and operate scalable security capabilities integrated into engineering workflows
  • Embed security into the software development lifecycle by implementing automated controls
  • Improve software supply chain security through SBOM generation and dependency visibility
  • Analyze and enrich vulnerability data with contextual information for effective remediation
  • Provide actionable insights and guidance to engineering teams to address security issues
  • Collaborate with platform and product engineering teams to drive secure development practices
  • Identify and assess security risks in runtime and cloud environments, supporting remediation
  • Support the development and operation of runtime security tooling for production risk visibility
  • Contribute to security incident response activities, including triage and investigation
  • Develop and maintain incident response processes, runbooks, and detection capabilities
  • Work with risk, governance, and control teams to support reporting and compliance

Required Qualifications, Capabilities, and Skills:

  • Hands-on experience in software, platform, or cloud engineering roles deploying systems in public cloud environments
  • Strong ability to design and implement security controls within engineering workflows, especially CI/CD pipelines
  • Proficiency in at least one programming or scripting language for automation and integration
  • Solid understanding of the Software Development Life Cycle and integrating security practices
  • Experience applying security testing and controls within CI/CD pipelines
  • Familiarity with cloud-native technologies, including containerization and orchestration platforms
  • Strong analytical and problem-solving skills to deliver practical security solutions
  • Good understanding of modern engineering practices, including CI/CD, system resilience, and secure software delivery

Preferred Qualifications, Capabilities, and Skills:

  • Experience in platform security, DevSecOps, or engineering-led security teams
  • Familiarity with security tools such as Snyk and Wiz
  • Knowledge of software supply chain security concepts, including SBOM, SLSA, and dependency management
  • Cloud certifications, preferably GCP (e.g., Professional Cloud Architect, Professional DevOps Engineer)
  • Experience operating in large-scale enterprise environments within regulated industries
  • Ability to communicate technical risks clearly to engineering teams and senior stakeholders
J.P. Morgan is a global leader in financial services, providing strategic advice and products to the world’s most prominent corporations, governments, wealthy individuals and institutional investors. Our first-class business in a first-class way approach to serving clients drives everything we do. We strive to build trusted, long-term partnerships to help our clients achieve their business objectives.
We recognize that our people are our strength and the diverse talents they bring to our global workforce are directly linked to our success. We are an equal opportunity employer and place a high value on diversity and inclusion at our company. We do not discriminate on the basis of any protected attribute, including race, religion, color, national origin, gender, sexual orientation, gender identity, gender expression, age, marital or veteran status, pregnancy or disability, or any other basis protected under applicable law. We also make reasonable accommodations for applicants’ and employees’ religious practices and beliefs, as well as mental health or physical disability needs. Visit our FAQs for more information about requesting an accommodation.
Our professionals in our Corporate Functions cover a diverse range of areas from finance and risk to human resources and marketing. Our corporate teams are an essential part of our company, ensuring that we’re setting our businesses, clients, customers and employees up for success.
Join us to shape platform security and deliver scalable solutions that empower teams and protect customers.
Apply now
See more open positions at J.P. Morgan