JPMorgan Chase & Co. (NYSE: JPM) is a leading global financial services firm with assets of > $2 trillion and operations in more than 60 countries. The firm is a leader in investment banking, financial services for consumers, small business and commercial banking, financial transaction processing, asset management, and private equity.
Global Technology Infrastructure (GTI) is the technology infrastructure organization for the firm, delivering a wide range of products and services, and partnering with all lines of business to provide high quality service delivery, exceptional project execution and financially disciplined approaches and processes in the most cost effective manner. The objective of GTI is to balance both business alignment and the centralized delivery of core products and services. GTI is designed to address the unique infrastructure needs of specific lines of business and the demand to leverage economies of scale across the firm.
GTI Integrated Compute Services (ICS) is responsible for managing the firm's global server and storage portfolio's across plan, build and operate functions. The organization is transforming into a Managed Services provider for JPMC and drives product management, engineering standards and productivity initiatives in support of the Managed Services.
As a Storage Engineer working in the Storage Engineering team you will own technical controls, design, and architectural standards for data integrity, confidentiality, and availability to protect storage resources and data from unauthorized users and uses. Working with SME’s across multiple technology platforms as well as IT Security liaisons in IT Risk organization, you will drive standards and compliance to automated building, deploying, and operating storage solutions.
- Evaluate and develop block storage solutions, with a strong bias towards software defined storage, automation, security, and block over IP
- Develop software for automating product build and provisioning
- Develop lifecycle compliance reporting mechanisms to address configuration management and drift reporting
- Perform security vulnerability assessment against storage products during evaluations and subsequent certifications
- Support L2 and L3 operations staff during critical change events and incidents
- Create all required documentation as part of product evaluation
- Ensure resource management and support processes follow security best practices
- Develop Encryption standards for storage solutions
- Develop Key Management standards for storage solutions
- Work with IT Risk on matters of Regulations and Legislation of data security
- Ensure Governance Frameworks across IT Risk are integrated with Storage organization
- Experience setting standards for building secure block (FC/FCOE/FCIP/iSCSI) SAN, IP based file (NFS/CIFS/SMB), object storage, and backup solutions to protect against common security vulnerabilities in data storage systems or management systems
- Strong knowledge of SAN and IP based storage architectures and understanding of the different security zones between the components (Host/Network/Arrays) making up the holistic architecture as well as management systems used to administrate each level
- Strong experience with automation tools (VCAC, Ansible, Puppet)
- Experience evaluating, designing and implementing data encryption products for in-flight and at-rest encryption (native vendor for EMC VMAX/VNX/DataDomain, IBM XIV, Netapp, Cisco, Brocade as well as appliances such as Vormetric)
- Experience evaluating, designing, and implementing external key management products (TKLM/SKLM, RSA RKM, KMIP) and working with storage devices using internal key management for DARE (EMC VMAX)
- Experience developing access management and RBAC standards for storage administration (EMC symacl/symauth/Tacacs+ for Cisco/Brocade switches, IP storage controls)
- Experience designing long term information security solutions for regulatory archive purposes
- Strong verbal and written communication skills
- Strong critical thinking and problem solving skills
- Ability to understand the full end to end process and identify the key challenges that will unlock the most value
- Bachelor’s Degree in Computer Science or related field