JPMorgan Chase Data Security Architect - Data Modeling in Jersey City, New Jersey

We are seeking a Data Model Architect as part of our Data Management architecture function.

This function will work across Cybersecurity to assess our existing distributed data estate, partner with our engineering & product teams to define target state data distribution, persistence and control technologies, and to identify and curate critical cyber data models around threat, asset, control, investment, assessment and risk.

Overall success will unify and consolidate the various knowledge domains into a consolidated and cohesive data model that is used and consumed by developers, engineering and product teams, with limited sharing of non-sensitive models to business consumers and developers outside the Cyber function.

Would you like to:

  • Understand how Threat Intelligence used by Incident Responders, control frameworks, and risk evaluation to guide future architectural designs and business implementation?

  • Work across multiple knowledge domains, such as, Vulnerability Management, Data Protection, Fraud and Security Incident and Event Management using and integrating industry models such as STIIX, TAXII, CIM, CVE, etc?

  • Build rapid proofs of concepts and roadmaps with Engineering to facilitate/improve fraud and cyber incident triage and response protecting hundreds of millions of customers world wide?

  • Work with internal and external Knowledge Domain SMEs to integrate data models from MITRE and OASIS and dozens of vendor firms?

Responsibilities:

  • Evaluate existing data domains, content, elements and consumers and document usage, criticality, ownership

  • Partner with existing operations teams to understand requirements, level of detail and practical usability of existing and target data sets

  • Work with operations, services & engineering to identify clear boundaries between data domains, define models, and to rationalize common data elements to normalized name and value forms

  • Establish & incubate common data models and vocabularies to enable assessment of control gap, control effectiveness, investment return and overall trending of spend to incident outcomes

  • Define and drive population and adoption of critical data models and taxonomies for threat, control, asset, vulnerability, risk, investment and incident

  • Assist product team in driving clear roadmaps for major data producers and consumers to align on common critical data element definitions and systems of record

  • Partner with Engineering, Operations & Service teams to ensure adoption of the taxonomies in day to day operational practice, all new build, and refactoring of critical existing build

  • Author & agree firm wide patterns with the businesses, legal/control/compliance and Global Technology partners for data management patterns using these models

Qualifications:

  • Demonstrated architecture experience and solution delivery in information security, data management, data modeling or data protection.

  • Progressive applied technology experience including defining, populating and driving adoption of complex data models and taxonomies

  • Demonstrated practical experience with taxonomies, ontologies, data modeling tools and data remediation / alignment programs

  • Active professional security certifications (e.g., CISSP or other similar industry qualification), open source project, security research (e.g. CAPEC, CVE, CEF, etc.) or design framework/patterns contribution, or other continuous learning examples in the information management, data & security spheres

  • Possess a strong data technology background with the ability to challenge or validate information model and technology decisions from a position of knowledge and experience

  • Possess the ability to rapidly assimilate business strategies, coupled with the insight to seize high impact opportunities by applying creative problem solving solutions

  • Experience of working in a matrixed organization, achieving goals through partnership and collaboration

Cyber @ JPMC

The Cybersecurity organization within JPMorgan Chase & Co. provides security services to all lines of business (LOB) across JPMC. The objective of Cybersecurity is to balance both business alignment and the centralized delivery of core products and services including Security Standards, Monitoring & Protection, Assurance & Awareness, and Security Operations. Cybersecurity is designed to address the JPMC global security needs across all LOBs and the demand to leverage economies of scale across the firm.

The Cybersecurity Enterprise Architecture Team translates security requirements into system qualities (e.g., tenets) and then into repeatable design strategies and patterns. The Team designs architectural models of solutions and describes how those solutions integrate into the broader technical infrastructure of the firm. In partnership with development teams, the Cybersecurity Enterprise Architecture Team drives architecture standards into delivered solutions.

JPMorgan Chase is an equal opportunity and affirmative action employer Disability/Veteran.