Empower secure innovation by shaping cloud security strategy and driving impactful risk reduction across global products.
Join a team where your expertise in cloud security will directly influence the future of technology at JPMorgan Chase. As a Senior Cloud Security Architect, you’ll collaborate with top cybersecurity and engineering talent, solving complex challenges and enabling safe, secure innovation. We value your passion for security and your drive to make a real impact. Grow your skills in a dynamic environment designed for achievers, and help us build products that prioritize security from the start.

Job Summary:
As a Senior Cloud Security Architect in the Cybersecurity & Technology Controls team for International Consumer, you will proactively partner with technology and business colleagues to identify and address security issues. You will embed security culture, lead threat modeling, and drive architecture reviews to ensure our products are secure by design. Your role will be pivotal in managing emerging risks, influencing product strategy, and serving as the subject matter expert for IT Risk and Cyber domains. You will collaborate globally, supporting audit, regulatory, and risk initiatives, with a focus on cloud computing and emerging technologies.

Job Responsibilities:

• Cultivate a security-first culture across product, technology, and business teams.
• Embed threat modeling and architecture reviews to drive adoption of secure controls.
• Serve as the security thought leader and escalation point for IT Risk and Cyber domains.
• Act with urgency to manage emerging issues, monitor risk indicators, and recommend resolutions.
• Partner with colleagues and vendors to ensure effective technology risk management, especially in cloud and emerging tech.
• Support audit, regulatory, and risk activities, translating requirements into actionable controls.
• Identify and address unfamiliar technology components, applying critical thinking to uncover hidden risks.
• Share best practices and influence peers to drive continuous improvement in security.

Required Qualifications, Capabilities, and Skills:

• Hands-on cloud security expertise in AWS and GCP.
• Practical experience creating reference architectures and landing zones for engineering teams.
• Proven ability to design and deploy automated preventive guardrails at scale.
• Advanced threat modeling experience (e.g., STRIDE) for core cloud services.
• Extensive experience with CNAPP tools such as Wiz, including custom configuration rules and graph queries.
• Direct experience mapping cloud-native controls to frameworks like NIST CSF, ISO 27001, SOC2, or CIS Benchmarks.
• Deep operational knowledge of AWS and GCP native security suites.
• Proficiency in applying the Security Pillar from AWS and Google Cloud Architecture Frameworks.
• Ability to solve design and functionality problems independently.
• Strong written and verbal communication skills.
• Demonstrated success in influencing peers and stakeholders.
• Ability to evaluate and recommend emerging technologies for future state architecture.

Preferred Qualifications, Capabilities, and Skills:

• Advanced proficiency in Infrastructure as Code and Security-as-Code, including CI/CD security linting and policy enforcement.
• Relevant certifications: AWS Certified Security – Specialty, GCP Professional Cloud Security Engineer.
• Experience operating in regulated organizations with a 3LoD model.
• Willingness to challenge existing processes respectfully.
• Experience translating policy and regulatory requirements into control design for engineers and architects.
• Proven ability to upskill and learn modern technologies.
• Experience in financial services consumer businesses or Fintech organizations.

#ICBCareers