Lead Software Engineer - Proxy/SSE Network Security

Lead Software Engineer - Proxy/SSE Network Security

Full-Time 70000 - 90000 £ / year (est.) No working from home possible
Jpmorgan Chase & Co.

At a Glance

  • Tasks: Lead the development of innovative network security solutions and enhance cybersecurity measures.
  • Company: Join JPMorgan Chase, a leader in financial services with a commitment to technology and security.
  • Benefits: Enjoy competitive pay, health benefits, and opportunities for remote work and professional growth.
  • Other info: Diverse and inclusive workplace with excellent career advancement opportunities.
  • Why this job: Make a real impact in cybersecurity while working with cutting-edge technologies and a talented team.
  • Qualifications: 5+ years in network security and strong understanding of Zero Trust principles required.

The predicted salary is between 70000 - 90000 £ per year.

As a Lead Software Engineer at JPMorgan Chase within the Corporate Sector - Enterprise Technology, you are an integral part of an agile team that works to enhance, build, and deliver trusted market‑leading technology products in a secure, stable, and scalable way. As a core technical contributor, you are responsible for conducting critical technology solutions across multiple technical areas within various business functions in support of the firm’s business objectives.

Job responsibilities

  • Executes creative Network security software solutions, design, development, and technical troubleshooting with the ability to think beyond routine or conventional approaches to build solutions or break down technical problems.
  • Develops secure high‑quality production code, and reviews and debugs code written by others.
  • Architect and implement Zero Trust Network Access (ZTNA) patterns for user-to-app and user-to-internet access, minimizing implicit trust and reducing lateral movement.
  • Build and operate an Identity‑Aware Proxy (IAP)/policy enforcement point for web and application access, enforcing identity, device, and context‑based policy decisions.
  • Implement or integrate Secure Gateway / Secure Web Gateway (SWG) capabilities (URL filtering, TLS inspection where approved, malware protection, sandboxing, egress controls, DNS security).
  • Experience with other SaaS based Secure Gateway vendor e.g. Zscaler, Netskope, Palo Alto, Broadcom ProxySG etc.
  • Drives team adoption of enterprise‑authorized AI‑assisted engineering practices within the work environment to improve code quality, delivery speed, and operational outcomes.
  • Applies knowledge of tools within the Software Development Life Cycle toolchain, including enterprise‑authorized AI‑assisted development and automation capabilities, to improve the value realized by automation.
  • Good understanding of network infrastructure, network security concepts and application layer protocols (HTTP/HTTPS) and vulnerability mitigation.
  • Identifies opportunities to eliminate or automate remediation of recurring issues to improve overall operational stability of software applications and systems.
  • Own the US perimeter, proxy, and SSE/SASE engineering roadmap and execution, including intake, prioritization, dependency management, delivery governance, and stakeholder alignment across cybersecurity, network services, operations, and application and platform teams.
  • Define and operationalize standards, reference architectures, and reusable engineering patterns for perimeter and egress controls.
  • Provide engineering leadership across edge and connectivity adjacencies that materially impact perimeter posture and service delivery.
  • Establish and run governance mechanisms that accelerate remediation while preserving strong controls.
  • Drive operational excellence at scale for perimeter, proxy, and SSE services in the US.

Required qualifications, capabilities, and skills

  • 5+ years in network security / SASE/ SSE/ identity security / security engineering (or equivalent depth).
  • Strong understanding of Zero Trust principles, policy‑based access, segmentation, and secure egress.
  • Hands‑on experience with proxy/gateway architectures (forward proxy, reverse proxy, IAP patterns) and secure internet access controls.
  • Deep knowledge of SAML, OIDC, OAuth 2.0 concepts, JWT (signing, verification, JWKs, rotation, scopes/claims, replay protection).
  • Demonstrated experience leading effective use of approved AI‑assisted software development tools.
  • Strong understanding of responsible AI use in engineering workflows.
  • Demonstrated experience delivering regional execution ownership in the US for infrastructure and/or security platforms.
  • Experience supervising engineers and delivering cross‑team remediation, modernization, and platform programs.
  • Strong knowledge of network and perimeter security architecture and controls.
  • Experience designing, delivering, or operating proxy and/or SSE capabilities at enterprise scale.
  • Strong experience translating security requirements into deployable edge and perimeter‑adjacent connectivity patterns.
  • Working knowledge of interconnect and colocation connectivity models and cloud adjacency patterns.

Preferred qualifications, capabilities, and skills

  • Experience integrating US delivery requirements and stakeholder needs into global standards.
  • Experience leading AI‑threat‑informed remediation programs.
  • Experience building enterprise‑scale governance programs for security engineering.
  • Experience with large‑scale operations for externally facing or security enforcement services.
  • Experience designing and operating hybrid edge architectures and cloud interconnect patterns across multiple cloud providers.
  • Security certifications such as CISSP, CCSP, or comparable credentials.

High Risk Roles (HRR)

High Risk Roles (HRR) are sensitive roles within the technology organization that require high assurance of the integrity of staff by virtue of sensitive cybersecurity and technology functions they perform within systems or information they receive regarding sensitive cybersecurity or technology matters. Users in these roles are subject to enhanced pre‑hire screening which includes both criminal and credit background checks (as allowed by law). The enhanced screening will need to be successfully completed prior to commencing employment or assignment.

We recognize that our people are our strength and the diverse talents they bring to our global workforce are directly linked to our success. We are an equal opportunity employer and place a high value on diversity and inclusion at our company. We do not discriminate on the basis of any protected attribute, including race, religion, color, national origin, gender, sexual orientation, gender identity, gender expression, age, marital or veteran status, pregnancy or disability, or any other basis protected under applicable law. We also make reasonable accommodations for applicants’ and employees’ religious practices and beliefs, as well as mental health or physical disability needs.

Lead Software Engineer - Proxy/SSE Network Security employer: Jpmorgan Chase & Co.

JPMorgan Chase & Co. is an exceptional employer, offering a dynamic work environment in Bournemouth where innovation and collaboration thrive. Employees benefit from a strong focus on professional development, inclusive team culture, and the opportunity to work with cutting-edge technology in a supportive atmosphere that values continuous improvement and engineering excellence.

Jpmorgan Chase & Co.

Contact Details:

Jpmorgan Chase & Co. Recruitment Team

We think you need these skills to ace Lead Software Engineer - Proxy/SSE Network Security

Network Security
SASE
SSE
Identity Security
Zero Trust Principles
Policy-Based Access
Proxy/Gateway Architectures