Apply Now    

Encryption and Key Management Systems Administrator

Req #: 170124347
Location: Buenos Aires, C, AR
Job Category: Technology
Job Description:
About J.P. Morgan Chase & Co.
JPMorgan Chase & Co. (NYSE: JPM) is a leading global financial services firm with assets of $2.4 trillion and operations worldwide. The firm is a leader in investment banking, financial services for consumers and small businesses, commercial banking, financial transaction processing and asset management. A component of the Dow Jones Industrial Average, JPMorgan Chase & Co. serves millions of consumers in the United States and many of the world’s most prominent corporate, institutional and government clients under its J.P. Morgan and Chase brands.  Information about J.P. Morgan is available at
Global Technology (GT) is the technology organization within JPMorgan Chase & Co. delivering technology solutions and services to support the business needs of the company around the globe.
Global Services Operations (GSO) is responsible for operations service support delivery for JPMorgan Chase's Global Technology Infrastructure (GTI).  Through its Global Service Desk and Infrastructure Operations Centers, GSO provides global, coordinated diagnostic and support services, while its’ Production Assurance and Support functions leverage and execute industry-leading infrastructure management and support processes that are designed to minimize customer outages and impacts.  Within GSO, the Critical Infrastructure Operations team was formed to provide high level / dedicated 24*7 operations support via a follow the sun model for the firm’s most vital core systems.  This dedicated team focusing on Encryption and Key Management will provide the highest degree of service for their aligned technologies as well as drive service improvement and ensuring the highest availability, resiliency for full commercial-grade operations.
As an Encryption and Key Management Systems Administrator within the GSO Critical Infrastructure Operations team, you will be responsible for infrastructure and application operations support for the Vormetric data encryption, AD-PKI Certificate Authority and Gemalto Key Management platforms.  These technologies support JPMC’s complex business technology application footprint with duties including: incident resolution, providing subject matter expertise to other team members, driving improvements, and ensuring the highest degree of resilience and top tier support resulting in uninterrupted encryption services availability.  Driving service improvement across the environment is key to the role:  managing all service delivery resiliency, efficiency, and audit programs as well as ensuring engineering standards and products are integrated across the platforms.  The scope of responsibilities will entail trouble ticket investigations, participation in root cause analysis, resolution, implementing, measuring, and improving all processes, procedures, and activities required to ensure maximum availability, utility, flexibility, and responsiveness of the production environment.  The qualified applicant will become part of JPMC’s Key Management IT Support Team that administers the Vormetric Data Security Managers (DSM), Microsoft Certification Authorities (CA) and supporting technologies that are part of the Key Management service offerings.
Role Description & Responsibilities:
Encryption and Key Management Systems Administrator position is for the operational support and service delivery of the firmwide Key Management, Certificate Authority and Encryption services. Responsibilities include:
  • Manage, maintain, operate and troubleshoot  Encryption Infrastructure (Vormetric & Gemalto), Microsoft Active Directory PKI system and PKWare SmartCrypt system
  • Perform Data Encryption onboarding tasks - applying encryption guard points, monitor logs, review & fix log infractions, amend encryption policies, switch from learning to blocking mode etc.
  • Create/modify encryption policies and write security rules based on rule definitions and specific requirements
  • Manage LOB communications for Encryption onboarding.
  • Serve as operate team and provide on call support for Encryption, KMS, PKWare and PKI services.
  • Review Splunk Dashboards and reports to enumerate policy infractions.
  • Manage access rights, policies, certificates and keys.
  • Take part and perform High availability / Disaster Recovery tests
  • Administration of Windows 2012 Active Directory Services including CA, HSMs, Certificate Enrollment Web Services, Certificate Enrollment Policy Web Service, and Internet Information Services (IIS).
  • Administration of certificate revocation servers like Online Responder service (OCSP) and Certificate Revocation List (CRL) servers.
  • Patch servers – Vormetric appliances, Splunk servers, CA servers and CRL/OCSP servers
  • Monitor SCOM management console for alerts and act on them to resolve issues associated with service availability and operation.
  • Perform daily health checks of Encryption and PKI infrastructure
  • Implement configuration changes to Encryption and PKI environment that are approved by the Service Engineering team using change management process
  • Install/decommission Encryption HW, SW and PKI servers
  • Serve as the first level escalation point for support issues
  • Promote best practices to ensure the risk profile is minimized and security posture enhanced
  • Operations of cyber related products including encryption and access control services
  • Develop, document and continuously improve the support model and underlying processes
Candidates should have prior experience working with business in the data protection & security space and/or PKI administration/support.  The ideal candidate will have the ability to perform independently as well as work effectively with a team and peers, providing timely delivery and follow through in a high paced environment.  The successful candidate should also possess the following attributes:
  • 5+ years hands-on experience with data security, encryption, PKI, Splunk, monitoring, access control, and incident management tools
  • Working experience with data encryption, PKI administration/support
  • Familiarity with browser and application keystores, OpenSSL
  • Hands on experience/working knowledge with Unix/Linux, Wintel, Storage Technologies and Database administration functions and tools.
  • Working experience with database encryption methods, solutions.
  • Experience with Vormetric Data Security Manager, policy/rule creation, management and key management a plus
  • PKI experience including hands on experience with Certificate Authority Administration, Certificate Enrollment Web Service & Revocation servers configuration, Active Directory Certificate Services (ADCS) monitoring
  • Working experience with Splunk SIEM tool is a plus.
  • Working experience with cryptographic solutions (including authentication, encryption, hashing, tokenization & signing) across applications, backup, database, endpoint device, email, file, network, removable media and storage domains.
  • Working experience with key storage, distribution and administration (user and machine based)
  • Scripting and automation experience
  • Experience with large enterprise technology projects
  • Excellent quantitative and analytical problem solving skills
  • Global awareness; experience with and conscious/aware of local, regional, cultural challenges
  • Experience troubleshooting digital certificate issues
  • Understanding of  Common Criteria Role Separation
  • Understanding of PKIX, PKCS, SSL, TLS, S/MIME standards
  • Capacity Monitoring and Optimization
  • PowerShell, Perl scripting
  • Professional Security Certification (e.g. CISSP) desired but not required
  • Ability to understand data derived by security tools , analyze, draw conclusions and suggest/take the appropriate actions
  • Security and Operations mindset
  • Team player exhibiting professional maturity, personal integrity, and excellent interpersonal skills
  • Strong work ethic, self-starter who is creative with a 'can-do' attitude
  • Strong written and verbal communication skills
  • Quick learner with strong attention to detail
J.P. Morgan is a place for talented people from all backgrounds and perspectives because our clients come from all backgrounds and perspectives. We encourage a culture of inclusion, where everyone's opinion counts and all employees have the freedom to deliver their absolute best. This is why we work hard and invest in attracting and developing a diverse workforce.  Learn more about our Business Resource Groups in how they help our employees build successful careers and reach their greatest potential.

Apply Now    
Link for schema

Join our Talent Community

Not ready to apply? Leave your information with us and we will keep you up to date with new career opportunities.

Other Information

Apply Using LinkedIn

You can also apply using your LinkedIn® profile. It may save you some time because your information will be automatically transferred into our system. Just click on the LinkedIn logo when you get to the application screen and follow the directions.

Submit an Updated Résumé

During the application process, be sure you have an up-to-date copy of your Résumé, your cover letter and any other documentation you would like to submit.