Security Engineer III-Python, Bash, Vulnerability Assessments
JPMorgan Chase & Co. · Columbus, Ohio, United States
Financial Services · 10,001+ employees
About the role
Operate and maintain a global vulnerability scanning fleet across multiple data centers and cloud environments. Develop automation tooling for scanner lifecycle management and analyze detection trends to inform enterprise risk decisions.
What they look for
Requirements
Requires 3+ years of experience in security engineering and enterprise-scale vulnerability scanning. Proficiency in scripting languages like Python or Bash and experience with AI-assisted security workflows are essential.
Benefits
Full description
The security of a global financial institution depends on the strength of the people and systems behind it. At JPMorganChase, we're looking for a skilled security engineer ready to operate and evolve the infrastructure that keeps our firm — and the millions of people who depend on us — protected. This is your opportunity to work at scale, drive meaningful impact, and grow your career within one of the most sophisticated cybersecurity programs in the world.
As a Security Engineer III at JPMorganChase within the Cybersecurity & Technology Controls, Runtime Vulnerability Assessment team, you serve as a seasoned member of a team responsible for operating and advancing the firm's global vulnerability scanning program. You will help ensure comprehensive, timely detection across every asset — from on-premises data centers to cloud environments — and contribute to the scanning backbone that supports enterprise-wide risk decisions. You will carry out critical technology solutions with rigorous, audit-ready methods across multiple technical areas in support of the firm's business objectives.
Job responsibilities
- Operate and maintain the firm's global scanner fleet, including appliance deployment, health monitoring, scan profile tuning, and failure recovery across Asia-Pacific, Europe, Middle East & Africa, and North American data centers
- Develop and maintain automation tooling for scanner lifecycle management, including provisioning frameworks, agent packaging for Linux and Windows platforms, and integration with internal deployment pipelines.
- Uses enterprise-authorized AI capabilities within the work environment to accelerate security analysis and vulnerability assessment documentation, validating outputs and ensuring sensitive data is handled appropriately.
- Apply vulnerability scanning platforms to assess detection coverage, correlate findings, and identify gaps across managed and unmanaged asset populations
- Collaborate with infrastructure and cloud engineering teams to ensure scan reachability across segmented networks, cloud workloads, and hybrid environments
- Contribute to the development and maintenance of operational runbooks, continuity documentation, and coverage exercises to sustain scanning through infrastructure changes and major platform events
- Analyze scan data and detection trends to surface actionable insights that inform enterprise risk prioritization and remediation workflows
- Partner with cross-functional teams to support compliance scanning requirements and ensure alignment with regulatory and audit standards.
- Applies reuse-first, AI-assisted practices within SDLC/toolchain routines to strengthen security testing and control validation, ensuring traceability/auditability and alignment to resiliency and security expectations.
- Champion engineering best practices, including infrastructure-as-code, version control, and change management, within the vulnerability management program
Required qualifications, capabilities, and skills
- Formal training or certification on security engineering concepts and 3+ years applied experience
- Experience designing and operating vulnerability scanning solutions at enterprise scale, including scanner infrastructure, agent management, and scan orchestration
- Proficiency in scripting and automation using one or more languages such as Python, Bash, PowerShell, or configuration management frameworks.
- Demonstrated experience using enterprise-authorized AI capabilities within the work environment to support security engineering workflows with strong validation habits and awareness of data sensitivity.
- Ability to review and validate AI-assisted code/security recommendations before use, escalating when uncertain and following security and data handling requirements.
- Solid understanding of the software development lifecycle, including infrastructure-as-code practices and change management controls
- Working knowledge of network fundamentals, including segmentation, firewall rules, and connectivity as they relate to scan reachability
- Familiarity with agile methodologies and continuous integration and delivery practices within a security engineering context
- Ability to communicate technical findings and operational risks clearly to both technical and non-technical stakeholders
Preferred qualifications, capabilities, and skills
- Hands-on experience administering Qualys or Tenable platforms, including appliance deployment, option profile configuration, and API-driven automation
- Familiarity with agent-based scanning, binary packaging pipelines, and manifest version control for endpoint security tooling
- Experience supporting Payment Card Industry Data Security Standard compliance scanning or equivalent regulatory scanning requirements
- Exposure to cloud-native security tooling and vulnerability management across major cloud providers
#CTC
JPMorganChase, one of the oldest financial institutions, offers innovative financial solutions to millions of consumers, small businesses and many of the world’s most prominent corporate, institutional and government clients under the J.P. Morgan and Chase brands. Our history spans over 200 years and today we are a leader in investment banking, consumer and small business banking, commercial banking, financial transaction processing and asset management.
We offer a competitive total rewards package including base salary determined based on the role, experience, skill set and location. Those in eligible roles may receive commission-based pay and/or discretionary incentive compensation, paid in the form of cash and/or forfeitable equity, awarded in recognition of individual achievements and contributions. We also offer a range of benefits and programs to meet employee needs, based on eligibility. These benefits include comprehensive health care coverage, on-site health and wellness centers, a retirement savings plan, backup childcare, tuition reimbursement, mental health support, financial coaching and more. Additional details about total compensation and benefits will be provided during the hiring process.
We recognize that our people are our strength and the diverse talents they bring to our global workforce are directly linked to our success. We are an equal opportunity employer and place a high value on diversity and inclusion at our company. We do not discriminate on the basis of any protected attribute, including race, religion, color, national origin, gender, sexual orientation, gender identity, gender expression, age, marital or veteran status, pregnancy or disability, or any other basis protected under applicable law. We also make reasonable accommodations for applicants’ and employees’ religious practices and beliefs, as well as mental health or physical disability needs. Visit our FAQs for more information about requesting an accommodation.
JPMorgan Chase & Co. is an Equal Opportunity Employer, including Disability/Veterans
Our professionals in our Corporate Functions cover a diverse range of areas from finance and risk to human resources and marketing. Our corporate teams are an essential part of our company, ensuring that we’re setting our businesses, clients, customers and employees up for success.