Principal Cybersecurity Architect - Database Security | Product Security Lead
Company: JPMorgan Chase & Co.
Location: Plano
Posted on: April 2, 2026
|
|
|
Job Description:
Description Take your engineering expertise to new heights by
joining a team of exceptionally talented professionals and solidify
your place among top performers in the industry. As a Principal
Cybersecurity Architect at JPMorgan Chase within the Cybersecurity
& Technology Controls team, you will work proactively with your
technology and business colleagues to identify and quantify
security issues within their products and empower them to take
decisive risk decisions at speed and scale. You are a security
expert with a strong mix of database technology and communication
skills and are passionate about enabling safe and secure innovation
to make database products secure. As a Principal Cybersecurity
Architect, you provide expertise to enhance and develop
architecture platforms based on modern cloud-based technologies as
well as support the adoption of strategic global solutions.
Leverage your advanced architecture capabilities to identify,
communicate, and mitigate risk, and collaborate with colleagues
across the organization to drive best-in-class outcomes. Job
responsibilities Cultivate security culture. Products that have the
right security culture will strive to prioritize sustainable
controls and driving real risk reduction outcomes. Embed threat
modeling, security architecture, secure code review into product
and application teams to ensure products are created secure from
the start. Know database products across their breadth and depth.
Be fluent in your product’s strategy and roadmap as well as its key
investment programs. Be your product’s security thought leader.
Learn from your product and cybersecurity teams and share best
practice in both directions. Be recognized in your product as the
clear point of escalation and subject matter expert for IT Risk and
Cyber domains. Monitor Key Risk Indicators to ensure issues are
identified, quantified, communicated, and managed in a timely
manner, including recommendations for resolution, and identifying
the root cause Work collaboratively with product, technology, and
business colleagues on an on-going basis for business-as-usual
audit and regulatory engagements, risk activities and project
initiatives. Required qualifications, capabilities, and skills
Formal training or certification on software engineering* concepts
and 10 years applied experience Experience of operating in a
regulated organization with a 3rd LoD (Line of defense) model.
Detailed, technical understanding of Public Cloud computing
(GCP/AWS). Especially how Public Cloud services are hardened, and
controls are applied to secure data, ensure resiliency/availability
as well as prevent unauthorized access. Proficient in database
encryption techniques, both at rest and in transit, to protect
sensitive data. Proficient in database access control mechanisms,
such as role-based access control (RBAC) and fine-grained access
control (FGAC) mechanisms in DB systems. Proficient in database
auditing and monitoring solutions to detect and respond to
potential security breaches. Proficient in database vulnerability
assessment and penetration testing methodologies to identify and
remediate security weaknesses. Experience with secure database
architecture design, including tenant isolation, and database
hardening techniques Proficient in database backup, recovery, and
disaster recovery strategies to ensure data availability and
resilience against attacks or failures. Experience with Integration
of database security with identity and access management (IAM)
systems, such as single sign-on (SSO), multi-factor authentication
(MFA) and newer technologies like OAuth and OpenID. Familiarity
with securing various database management systems (DBMS), such as
Oracle, Microsoft SQL Server, MySQL, PostgreSQL, and NoSQL
databases such as MongoDB, Neo4J, TigerGraph. Preferred
qualifications, capabilities, and skills Knowledgeable in
industry-specific database security standards and regulations, such
as HIPAA, PCI-DSS, and GDPR Ability to collaborate on, and/or lead,
ad hoc teams for control architecture and design. Experience
translating firm wide policy or regulatory requirements into
control design and definition for Software Engineers and Solutions
Architects Experience in financial services consumer businesses
(i.e., Mortgages, Cards or Digital) preferred but not required.
Keywords: JPMorgan Chase & Co., Mansfield , Principal Cybersecurity Architect - Database Security | Product Security Lead, IT / Software / Systems , Plano, Texas
