J
Lead Security Engineer - Red Team
Ai Enabled Security
Ai Security
Application Security
Cloud Platforms
Cybersecurity Tools
Data Security
Engineer
Engineering
Enterprise Risk
Information Security
Infosec
Llm Security
Risk Governance
Risk Management
Security
Security Automation
Security Compliance
Security Testing
Solution Architecture
Technical Lead
Job Description
The Lead Security Engineer - Red Team will guide JPMorgan Chase's security engineering efforts within the Cybersecurity & Technology Controls for AI and ML, directing AI red teaming, threat modeling, and secure software design across AI and ML systems.
Responsibilities
- Design, build, and deploy enterprise scale software and services, solving business problems through robust software engineering with a secure‑by‑design mindset and adversarially resilient AI enabled systems.
- Engage in all SDLC phases from requirements analysis to release management, embedding enterprise architecture standards into application designs.
- Translate functional and technical requirements into secure modules and microservices, delivering production code for both AI and non‑AI components that align with architectural specifications; design secure AI and software architectures and conduct reviews to validate security, quality, maintainability, and resilience.
- Develop and enhance security strategies and red teaming programs, defining AI red teaming methodologies, playbooks, and success metrics; perform discovery, threat modeling, and adversarial testing on generative AI, RAG pipelines, and ML systems to uncover prompts, jailbreaks, data poisoning, and data leakage risks.
- Mitigate AI and LLM vulnerabilities by adhering to industry standards and AI safety research, updating policies and testing protocols, and providing guidance on secure design, logging, monitoring, and compensating controls; write unit and integration tests and establish CI/CD quality gates; support production and non‑production environments through monitoring and reliability improvements.
- Lead evaluation sessions with external vendors, researchers, standards bodies, and internal security teams to review designs, ensure secure infrastructure configuration, and integrate emerging AI threat practices.
- Collaborate with product, data science, cyber, legal, and risk stakeholders to analyze requirements and propose modifications during vulnerabilities or regulatory changes; manage backlog and release documentation across environments; promote a diverse, equitable, and respectful cross‑functional team culture.
- Utilize enterprise‑approved AI capabilities to accelerate threat modeling, vulnerability analysis synthesis, and security documentation, ensuring proper handling of sensitive data.
- Apply reuse-first, AI‑assisted practices within SDLC tools to strengthen security testing and control validation, maintaining traceability and alignment with resiliency and security expectations.
Requirements
- Formal training or certification in public cloud concepts with hands‑on experience using cloud‑native AI services such as Bedrock.
- Experience in threat modeling, discovery, vulnerability assessment, and penetration testing (MITRE ATLAS, OWASP Top 10 for LLMs) and knowledge of core cybersecurity concepts including IAM, Authentication, OIDC, and SAML.
- Practical experience with Infrastructure as Code solutions such as Terraform and CloudFormation.
- Proficiency in Python scripting.
- Strong understanding of AI/ML concepts and trends, with familiarity in AI red teaming concepts to design and run exercises for complex AI architectures.
- Ability to conceptualize, design, validate, and communicate creative technical solutions to enterprise security problems, including building internal tools, dashboards, and automation for red teaming activities.
Technologies
- Bedrock
- Terraform
- CloudFormation
- Python
- MITRE ATLAS
- OWASP Top 10 for LLMs
- PyRIT
- Garak
- Custom LLM evaluation harnesses
Benefits
- Base salary determined by role, experience, skill set, and location.
- Commission or discretionary incentive compensation paid in cash or equity.
- Comprehensive health care coverage.
- On‑site health and wellness centers.
- Retirement savings plan.
- Backup childcare support.
- Tuition reimbursement.
- Mental health resources.
- Financial coaching.
Preferred Qualifications, Capabilities, and Skills
- Expertise in planning, designing, and implementing AI red teaming exercises and enterprise security solutions for generative AI, LLMs, and ML systems.
- Experience with specialized AI security and red teaming tools and frameworks (including PyRIT, Garak, and custom LLM evaluation harnesses) and contributions to AI security or open‑source security projects.
Similar Jobs
J
J
J
J
J
J