Lead Security Engineer- Security Information and Event Management

Location: OH, United States

Job Family: Security Engineering

About the Role

At JP Morgan Chase, we are at the forefront of financial services innovation, safeguarding trillions in assets through cutting-edge cybersecurity. As a Lead Security Engineer specializing in Security Information and Event Management (SIEM), you will play a pivotal role in designing, building, and maintaining robust SIEM solutions that protect our global banking operations from evolving cyber threats. Working within an agile team in our Ohio-based technology hub, you will integrate SIEM technologies to monitor vast networks, detect anomalies in transaction data, and ensure compliance with stringent financial regulations like SOX and PCI-DSS. Your expertise will directly contribute to maintaining the trust of our clients by fortifying defenses against sophisticated attacks targeting the financial sector. In this leadership position, you will spearhead the optimization of SIEM platforms to handle high-volume event data from diverse sources, including endpoints, cloud environments, and trading systems unique to JP Morgan Chase. You will collaborate with cross-functional teams to develop advanced correlation rules, automate threat responses, and conduct proactive threat hunting to preempt risks in real-time. By leveraging tools like Splunk or similar platforms, you will enhance visibility into security events, enabling faster incident resolution and reducing potential financial losses. This role demands a deep understanding of the interplay between technology and finance, where every alert could impact market stability or client privacy. Joining JP Morgan Chase means becoming part of a world-class organization committed to ethical cybersecurity practices and employee growth. You will have opportunities to innovate in a supportive environment, mentor emerging talent, and influence enterprise-wide security strategies. With access to top-tier resources and a culture that values work-life balance, this position offers a chance to advance your career while contributing to the security of one of the world's leading financial institutions.

Key Responsibilities

• Lead the design, development, and maintenance of SIEM platforms to monitor and analyze security events across JP Morgan Chase's global infrastructure
• Collaborate with agile teams to integrate SIEM solutions with endpoint detection, network security, and identity management systems
• Develop and optimize security rules, alerts, and dashboards to detect threats in real-time for financial transactions and data protection
• Conduct threat hunting and incident response using SIEM data to mitigate risks in the banking environment
• Ensure compliance with financial regulations by tuning SIEM for audit trails and reporting on security posture
• Mentor junior engineers and drive continuous improvement in SIEM performance and scalability
• Perform regular assessments and updates to SIEM configurations to address emerging cyber threats in the financial sector
• Integrate SIEM with automation tools for streamlined incident triage and response workflows
• Contribute to security architecture reviews, providing SIEM expertise for enterprise-wide initiatives

Required Qualifications

• Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field
• Minimum of 7 years of experience in cybersecurity engineering, with at least 3 years focused on SIEM systems
• Proven track record in designing and implementing security solutions in a large-scale financial environment
• Strong understanding of regulatory compliance requirements such as GDPR, SOX, and PCI-DSS in the financial services sector
• Experience with agile methodologies and cross-functional team collaboration
• Ability to obtain necessary security clearances and certifications relevant to financial institutions

Preferred Qualifications

• Advanced certifications such as CISSP, CISM, or GIAC Certified Incident Handler
• Experience with cloud-based SIEM solutions like Splunk Cloud or AWS Security Hub in a hybrid environment
• Prior work in a global financial institution handling high-volume transaction security
• Knowledge of threat intelligence integration and machine learning for anomaly detection

Required Skills

• Expertise in SIEM platforms such as Splunk, ELK Stack, or QRadar
• Proficiency in scripting languages like Python, PowerShell, or Bash for automation
• Knowledge of network protocols, firewalls, and intrusion detection systems
• Experience with log management, correlation rules, and data normalization
• Strong analytical skills for threat detection and forensic analysis
• Understanding of cybersecurity frameworks like NIST and MITRE ATT&CK
• Familiarity with cloud security in AWS, Azure, or GCP environments
• Skills in SQL and big data querying for security analytics
• Excellent problem-solving and critical thinking abilities
• Effective communication for technical reporting and stakeholder collaboration
• Agile project management and DevSecOps practices
• Knowledge of financial industry threats like ransomware and insider risks
• Experience with SOAR tools for orchestration and automation
• Ability to handle high-pressure incident response scenarios

Benefits

• Competitive base salary and performance-based annual bonuses
• Comprehensive health, dental, and vision insurance plans
• 401(k) retirement savings plan with generous company matching
• Paid time off including vacation, sick days, and parental leave
• Professional development opportunities with tuition reimbursement and certification support
• Employee stock purchase plan and financial wellness programs
• On-site fitness centers and wellness initiatives at JP Morgan Chase locations
• Flexible work arrangements including hybrid options in Ohio

JP Morgan Chase is an equal opportunity employer.