JPMorgan Chase & Co.
Lead Software Engineer - Proxy/SSE Network Security

How your CV stacks up
Upload your CV to see how well it fits this job role
?%
Lead Software Engineer - Proxy/SSE Network Security
As a Lead Software Engineer at JPMorganChase within the Corporate Sector - Enterprise Technology, you are an integral part of an agile team that works to enhance, build, and deliver trusted market-leading technology products in a secure, stable, and scalable way. As a core technical contributor, you are responsible for conducting critical technology solutions across multiple technical areas within various business functions in support of the firm’s business objectives.
Job responsibilities
- Executes creative Network security software solutions, design, development, and technical troubleshooting with ability to think beyond routine or conventional approaches to build solutions or break down technical problems
- Develops secure high-quality production code, and reviews and debugs code written by others
- Architect and implement Zero Trust Network Access (ZTNA) patterns for user-to-app and user-to-internet access, minimizing implicit trust and reducing lateral movement.
- Build and operate an Identity-Aware Proxy (IAP) / policy enforcement point for web and application access, enforcing identity, device, and context-based policy decisions.
- Implement or integrate Secure Gateway / Secure Web Gateway (SWG) capabilities (URL filtering, TLS inspection where approved, malware protection, sandboxing, egress controls, DNS security).
- Experience with other SaaS based Secure Gateway vendor e.g. Zscaler, Netskope, paloalto, Broadcom ProxySG etc
- Drives team adoption of enterprise-authorized AI-assisted engineering practices within the work environment to improve code quality, delivery speed, and operational outcomes (e.g., AI-assisted code review/refactoring, test strategy acceleration, incident/root-cause analysis support), while establishing consistent validation standards (secure coding, peer review, automated testing) and promoting reuse of effective patterns across the team.
- Applies knowledge of tools within the Software Development Life Cycle toolchain, including enterprise-authorized AI-assisted development and automation capabilities, to improve the value realized by automation.
- Good understanding of network infrastructure, network security concepts and application layer protocols (http/https) and vulnerability mitigation
- Identifies opportunities to eliminate or automate remediation of recurring issues to improve overall operational stability of software applications and systems
- Own the US perimeter, proxy, and SSE/SASE engineering roadmap and execution, including intake, prioritization, dependency management, delivery governance, and stakeholder alignment across cybersecurity, network services, operations, and application and platform teams.
- Define and operationalize standards, reference architectures, and reusable engineering patterns for perimeter and egress controls, including forward proxy and secure web gateway patterns, access brokering and identity-aware access concepts where applicable, enterprise egress enforcement, segmentation and policy patterns, and design considerations such as TLS inspection and traffic steering, expressed at a pattern and control-integration level.
- Provide engineering leadership across edge and connectivity adjacencies that materially impact perimeter posture and service delivery, including Cisco and Arista edge environments, colocation and interconnect ecosystems (including Equinix Fabric), and cloud adjacency patterns including AWS Direct Connect and AWS PrivateLink, with awareness of multi-cloud interconnect considerations.
- Establish and run governance mechanisms that accelerate remediation while preserving strong controls, including backlog governance, exception handling, risk acceptance and closure workflows, traceability and auditability requirements, and reporting that ties delivery milestones to risk reduction and resilience outcomes.
- Drive operational excellence at scale for perimeter, proxy, and SSE services in the US, including incident, change, and problem management rigor, observability and resiliency validation practices, automation to improve repeatability and evidence quality, reduction of client and partner impact, and execution of Technology Lifecycle Management (TLM) and modernization outcomes tied to stability and risk reduction.
Reasons to use Rodeo
I’m in my final year doing Economics and I don’t know whether to apply for grad schemes now or do a masters first. What do you think?
Honest answer — it depends on where you want to end up. A lot of top grad schemes (Big 4, civil service, banking) don’t need a masters. Let’s look at the ones you’d be competitive for now, and we can decide if a masters actually adds anything.
Also worth knowing: most autumn 2026 applications are open now. Timing matters more than you think.
Start with a chat, not a search bar
Grad scheme, placement, apprenticeship? Not sure what you want yet — that's fine. Your agent talks it through with you and turns "I have no idea" into a shortlist.
Graduate Consultant — 2026 Scheme
Why you're a good match
StrongYour economics background and your summer at a regional bank line up with what PwC looks for on the consulting scheme. Applications close in four weeks.
See breakdownIt searches the market for you
Every day your agent scans the market matching roles against what actually matters to you, not just keywords on a CV.
Why you're a good match
You’ve got the grades and the economics background, and your bank internship is exactly the experience this scheme looks for. Apply soon — deadlines close within the month.
Experience fit
Your summer at the bank plus your econometrics coursework map directly to the day-one responsibilities on this scheme — client modelling, market briefings, and deal support.
Only hits
No noise. No "maybe this fits." Just roles with a clear explanation of why they're right — and where to focus when applying.
Required qualifications, capabilities, and skills
- 5+ years in network security / SASE/ SSE/ identity security / security engineering (or equivalent depth).
- Strong understanding of Zero Trust principles, policy-based access, segmentation, and secure egress.
- Hands-on experience with proxy/gateway architectures (forward proxy, reverse proxy, IAP patterns) and secure internet access controls.
- Deep knowledge of SAML, OIDC, OAuth 2.0 concepts, JWT (signing, verification, JWKs, rotation, scopes/claims, replay protection).
- Demonstrated experience leading effective use of approved AI-assisted software development tools (e.g., for coding, code review, test acceleration, troubleshooting) with the ability to set team expectations for validating AI outputs for correctness, performance, and security.
- Strong understanding of responsible AI use in engineering workflows, including data sensitivity considerations, secure handling of inputs/outputs, and adherence to resiliency and security expectations; experience coaching engineers on safe, compliant adoption within delivery practices
- Demonstrated experience delivering regional execution ownership in the US (or North America) for infrastructure and/or security platforms, including prioritization, cross-team coordination, and sustained accountability for operational and delivery outcomes.
- Experience supervising engineers and delivering cross-team remediation, modernization, and platform programs with clear scope, dependency management, delivery milestones, and measurable outcomes.
- Strong knowledge of network and perimeter security architecture and controls, including segmentation, routing and policy considerations, encryption and access control patterns, and defense-in-depth design principles.
- Experience designing, delivering, or operating proxy and/or SSE capabilities at enterprise scale, including the ability to translate security requirements into deployable patterns and operational guardrails.
- Strong experience translating security requirements into deployable edge and perimeter-adjacent connectivity patterns, including Cisco and Arista environments, and the ability to align engineering decisions to operational and control requirements.
- Working knowledge of interconnect and colocation connectivity models (including Equinix Fabric) and cloud adjacency patterns including AWS Direct Connect and AWS PrivateLink, with the ability to incorporate these into perimeter and egress designs without compromising stability or controls.
Preferred qualifications, capabilities, and skills
- Experience integrating US delivery requirements and stakeholder needs into global standards, reference architectures, and governance models while maintaining a consistent global risk posture.
- Experience leading AI-threat-informed remediation programs, including adapting standards and engineering patterns to account for high-velocity reconnaissance, rapid technique iteration, and automation-driven exploitation attempts, without sacrificing control integrity or operational stability.
- Experience building enterprise-scale governance programs for security engineering, including controls-by-design, exception frameworks, audit-ready traceability, and measurable risk reduction reporting.
- Experience with large-scale operations for externally facing or security enforcement services, including observability strategy, resilience testing, incident response alignment, and reduction of repeat incidents and client-impacting events.
- Experience designing and operating hybrid edge architectures and cloud interconnect patterns across multiple cloud providers.
- Security certifications such as CISSP, CCSP, or comparable credentials.


Get help with your application
Your very own career expert that helps elevate your application to the next level.
Employer Description
JPMorganChase, one of the oldest financial institutions, offers innovative financial solutions to millions of consumers, small businesses and many of the world’s most prominent corporate, institutional and government clients under the J.P. Morgan and Chase brands. Our history spans over 200 years and today we are a leader in investment banking, consumer and small business banking, commercial banking, financial transaction processing and asset management.
We offer a competitive total rewards package including base salary determined based on the role, experience, skill set and location. Those in eligible roles may receive commission-based pay and/or discretionary incentive compensation, paid in the form of cash and/or forfeitable equity, awarded in recognition of individual achievements and contributions. We also offer a range of benefits and programs to meet employee needs, based on eligibility. These benefits include comprehensive health care coverage, on-site health and wellness centers, a retirement savings plan, backup childcare, tuition reimbursement, mental health support, financial coaching and more. Additional details about total compensation and benefits will be provided during the hiring process.
We recognize that our people are our strength and the diverse talents they bring to our global workforce are directly linked to our success. We are an equal opportunity employer and place a high value on diversity and inclusion at our company. We do not discriminate on the basis of any protected attribute, including race, religion, color, national origin, gender, sexual orientation, gender identity, gender expression, age, marital or veteran status, pregnancy or disability, or any other basis protected under applicable law. We also make reasonable accommodations for applicants’ and employees’ religious practices and beliefs, as well as mental health or physical disability needs. Visit our FAQs [https://careers.jpmorgan.com/us/en/how-we-hire/faqs] for more information about requesting an accommodation.
JPMorgan Chase & Co. is an Equal Opportunity Employer, including Disability/Veterans
Organization Description
Our Global Technology Infrastructure group is a team of innovators who love technology as much as you do. Together, you’ll use a disciplined, innovative and a business focused approach to develop a wide variety of high-quality products and solutions. You’ll work in a stable, resilient and secure operating environment where you—and the products you deliver—will thrive.
High Risk Roles (HRR) are sensitive roles within the technology organization that require high assurance of the integrity of staff by virtue of 1) sensitive cybersecurity and technology functions they perform within systems or 2) information they receive regarding sensitive cybersecurity or technology matters. Users in these roles are subject to enhanced pre-hire screening which includes both criminal and credit background checks (as allowed by law). The enhanced screening will need to be successfully completed prior to commencing employment or assignment.
J.P. Morgan is a global leader in financial services, providing strategic advice and products to the world’s most prominent corporations, governments, wealthy individuals and institutional investors. Our first-class business in a first-class way approach to serving clients drives everything we do. We strive to build trusted
“It took my CV and asked me questions relevant to understanding what kind of jobs to suggest for me. Suggestions were almost perfect. Jobs were exactly what I’ve been looking for.”
Jessica, London
Skills