Lead Security Engineer - IOT Asset Intelligence

As a Lead Security Engineer at JPMorganChase in the IoT Visibility space, you are part of an agile team working to build a firmwide IoT security program that protects non-traditional endpoints across the enterprise. As an emerging member of the security engineering team, you execute software solutions through the design, development, and troubleshooting of multiple components within the IoT visibility platform, while gaining the skills and experience needed to grow within your role. Your most immediate focus will be on telemetry pipelines, SIEM integration, and data quality — the foundational capabilities that power the program's ability to see, understand, and act on IoT device risk at scale.

Familiarity with AI tools and the ability to apply them to accelerate delivery and improve the quality of your work is expected.

Job responsibilities

• Telemetry Pipeline Development and Maintenance: Executes the design, development, and maintenance of telemetry pipelines that collect, normalize, and route IoT device data across the enterprise visibility platform. Works within established architectural patterns and playbooks to ensure pipeline reliability, data completeness, and performance at scale in support of real time device monitoring and security operations.

• SIEM Integration and Security Operations Support: Supports the integration of IoT visibility data into SIEM platforms, ensuring that device telemetry is correctly parsed, enriched, and mapped to detection use cases. Works under the guidance of senior engineers and architects to improve the fidelity and actionability of IoT security alerts.

• Data Quality and Normalization: Contributes to data quality initiatives across the IoT visibility program, identifying gaps, inconsistencies, and normalization issues in device telemetry and asset inventory data. Develops and maintains automated checks and remediation workflows to support data integrity across downstream systems including CMDB and vulnerability management platforms.

• Security Solution Execution: Executes standard security engineering solutions in accordance with existing playbooks and architectural guidance to satisfy security requirements for internal clients including product, platform, and application owners. Applies specialized tools such as vulnerability scanners and network analysis platforms to analyze and correlate incident data, identify threats, and summarize probability and impact of identified vulnerabilities.

• AI Assisted Engineering: Actively uses AI tools to accelerate development tasks, improve code quality, automate repetitive workflows, and enhance personal productivity. Demonstrates a growth mindset toward AI fluency as a core engineering skill.

• Agile Delivery and Collaboration: Participates actively in agile ceremonies, contributes to sprint planning and delivery, and collaborates closely with senior engineers and architects. Supports continuity related activities including awareness, training, educational activities, and tabletop exercises.

• Adds to team culture of diversity, opportunity, inclusion, and respect

Required qualifications, capabilities, and skills

• Formal training or certification on security engineering concepts and 5+ years applied experience
• Basic to foundational experience developing security engineering solutions, with demonstrated ability to contribute to production grade pipelines or integrations.
• Demonstrable ability to write secure, high quality code in one or more programming languages such as Python, Go, or Java, with the ability to work with limited guidance.
• Hands on experience or strong working knowledge of telemetry pipelines, log aggregation, or data normalization, ideally in a security or network operations context.
• Working knowledge of SIEM platforms such as Splunk or Microsoft Sentinel, including log onboarding, parsing, and basic detection engineering.
• Experience across the full Software Development Life Cycle, with exposure to agile methodologies including CI/CD, application resiliency, and security.
• Working knowledge of information and network security, IT risk management, and architectural concepts and patterns.
• Proficiency with specialized security tools such as vulnerability scanners used to analyze and correlate incident data.
• Demonstrated familiarity with AI tools and the ability to apply them to improve engineering output and personal productivity.

Preferred qualifications, capabilities, and skills

• Exposure to IoT, OT, or unmanaged device environments and the unique data and security challenges they present.
• Experience with data quality frameworks, automated testing, or observability tooling applied to data pipelines.
• Familiarity with asset management systems such as CMDB or vulnerability management platforms and experience contributing to data integrations with those systems.
• Exposure to cloud native environments such as AWS or Azure, particularly in the context of data pipeline or security tooling deployment.
• Familiarity with network protocols such as TCP/IP, DNS, and DHCP and how device telemetry is generated and captured at the network layer.
• Interest in growing toward a senior engineering or architecture role within the IoT security domain.