Lead Security Engineer- Storage

Location: Houston, TX, United States

Job Family: Security Engineering

About the Role

At JP Morgan Chase, we are a leading global financial services firm committed to innovation and security in managing trillions in assets. As a Lead Security Engineer - Storage, you will play a pivotal role in safeguarding our storage product line, ensuring the confidentiality, integrity, and availability of critical financial data. Based in Houston, TX, this position within our Security Engineering category demands a strategic leader who can navigate the complexities of enterprise storage while adhering to stringent regulatory requirements in the banking sector. You will drive security initiatives that protect against evolving cyber threats, enabling secure data handling for trading, lending, and customer services. Your core responsibilities will include architecting robust security frameworks for storage systems, from on-premises arrays to cloud-based solutions, while integrating with JP Morgan's broader cybersecurity ecosystem. You will lead vulnerability assessments, implement advanced encryption and access controls, and respond to incidents that could impact financial operations. Collaboration with cross-functional teams—such as infrastructure, compliance, and application development—will be essential to embed security into every stage of the storage lifecycle, ensuring alignment with standards like PCI-DSS and SOX. This role offers the opportunity to influence enterprise-wide security strategies and mentor emerging talent in a dynamic, high-stakes environment. We seek a seasoned professional with deep expertise in storage technologies and a passion for financial services security. In this leadership position, you will contribute to JP Morgan Chase's reputation as a trusted steward of client data, fostering innovation while mitigating risks. Join us to advance your career in a supportive culture that values diversity, professional growth, and impactful work in global finance.

Key Responsibilities

• Lead the design, implementation, and maintenance of security controls for JP Morgan Chase's storage product line, ensuring protection of sensitive financial data
• Conduct risk assessments and vulnerability analyses on storage infrastructure to identify and mitigate threats in a regulated financial environment
• Collaborate with engineering teams to integrate security best practices into storage solutions, including encryption at rest and in transit
• Develop and enforce storage security policies compliant with industry regulations like PCI-DSS and SOX
• Monitor and respond to security incidents involving storage systems, performing root cause analysis and remediation
• Mentor junior security engineers and foster a culture of security awareness within the storage team
• Evaluate and recommend emerging storage security technologies to enhance JP Morgan's data protection capabilities
• Partner with compliance and audit teams to support regulatory reviews and reporting for storage environments
• Optimize storage security architectures for scalability and performance in high-volume financial transactions

Required Qualifications

• Bachelor's degree in Computer Science, Information Technology, or a related field; advanced degree preferred
• 8+ years of experience in security engineering, with at least 3 years focused on storage systems security
• Proven track record in leading security initiatives for enterprise storage environments in a financial services context
• Deep knowledge of regulatory compliance standards such as PCI-DSS, SOX, and GDPR as they apply to data storage
• Experience with secure storage technologies including encryption, access controls, and data lifecycle management
• Strong understanding of cloud storage security (e.g., AWS S3, Azure Blob) and hybrid environments
• Ability to obtain and maintain necessary security clearances or certifications relevant to financial institutions

Preferred Qualifications

• CISSP, CISM, or equivalent security certification
• Experience in the financial services industry, particularly with high-stakes data protection in banking
• Familiarity with JP Morgan Chase's internal security frameworks and tools
• Advanced knowledge of storage orchestration tools like Kubernetes for secure deployments
• Prior leadership in cross-functional teams handling security incidents in storage systems

Required Skills

• Expertise in storage security protocols (e.g., NFS, SMB, iSCSI security)
• Proficiency in encryption technologies (AES, TLS) and key management systems
• Knowledge of identity and access management (IAM) for storage environments
• Experience with security tools like Splunk, ELK Stack for monitoring storage logs
• Understanding of container and orchestration security (Docker, Kubernetes)
• Skills in scripting and automation (Python, Bash) for security tasks
• Familiarity with compliance auditing tools and frameworks
• Strong problem-solving and analytical skills for threat detection
• Excellent communication skills for cross-team collaboration
• Leadership abilities to guide security projects and teams
• Knowledge of financial data privacy regulations
• Experience with cloud-native storage security (e.g., AWS KMS, Azure Key Vault)
• Proficiency in vulnerability scanning tools (Nessus, Qualys)
• Ability to handle high-pressure incident response scenarios

Benefits

• Comprehensive health, dental, and vision insurance plans with employer contributions
• 401(k) retirement savings plan with generous company matching
• Paid time off including vacation, sick days, and parental leave
• Professional development programs and tuition reimbursement for certifications
• Employee stock purchase plan and performance-based bonuses
• Wellness programs including gym memberships and mental health support
• Flexible work arrangements and hybrid options for work-life balance
• Access to JP Morgan's global mobility programs for career advancement

JP Morgan Chase is an equal opportunity employer.