Sign up to access all features of our service.
  • Job search
  • Favorites
  • Create a CV
    New
  • Salaries
  • Subscriptions

Lead Security Engineer — Cryptographic Libraries & TLS

Next Frontier Capital

Take on a crucial role where you'll be a key part of a high-performing team building and maintaining foundational cryptographic infrastructure. Make a real impact as you help shape the way secure communications are configured, tested, and deployed across the enterprise at one of the world's largest and most influential companies. As a Lead Security Engineer at JPMorgan Chase within the CTC Emerging Technologies Security group, you will own and evolve a TLS abstraction layer that provides a unified interface for TLS stack configuration across Java, Python, and Node.js runtimes. You will serve as both a hands‑on developer and a subject‑matter expert at the intersection of network security protocols and polyglot software engineering. You will be responsible for ensuring that the library remains secure, performant, well‑tested, and aligned with evolving TLS standards and enterprise security policy. Job Responsibilities Design, implement, debug, and extend the TLS abstraction layer, ensuring consistent TLS configuration and behavior across Java (JSSE/Bouncy Castle), Python (ssl/OpenSSL bindings), and Node.js (built‑in TLS/OpenSSL) runtimes. Serve as the team's subject‑matter expert on TLS 1.2 and 1.3 handshake mechanics, cipher suite negotiation, certificate validation, key exchange algorithms, and session resumption — and translate that expertise into library design decisions. Architect clean, well‑documented APIs that decouple application‑level TLS intent (e.g., minimum protocol version, allowed cipher suites, certificate pinning, mutual TLS) from the platform‑specific implementation details of each runtime's TLS stack. Build and maintain comprehensive test suites — including unit, integration, interoperability, and protocol‑conformance tests — that verify correct TLS behavior across all supported runtimes and configurations. Develop test harnesses that exercise edge cases such as certificate chain validation failures, protocol downgrade scenarios, and cipher suite mismatches. Design, maintain, and improve CI/CD pipelines for the library, including automated builds, multi‑runtime test matrices, static analysis, dependency scanning, and artifact publishing across all supported language ecosystems (Maven/Gradle, PyPI, npm). Triage and resolve complex TLS‑related issues reported by consuming applications, including handshake failures, performance regressions, certificate trust‑store misconfigurations, and runtime‑specific behavioral differences. Monitor developments in TLS standards (IETF RFCs), cryptographic library updates (OpenSSL, Bouncy Castle), and runtime release notes to proactively assess impact on the library and plan necessary updates. Produce clear integration guides, migration documentation, and configuration references so that consuming teams can adopt and configure the library with minimal friction. Work with application teams, platform engineering, and enterprise security policy owners to gather requirements, communicate breaking changes, and align library capabilities with organizational security mandates. Contribute to a team culture of diversity, equity, inclusion, and mutual respect. Required Qualifications, Capabilities, and Skills Bachelor's degree in Computer Science, Computer Engineering, or a related field; 7+ years of software development experience, with at least 3 years focused on security‑sensitive or infrastructure‑level library development. Strong hands‑on development skills in at least two of Java, Python, and Node.js/TypeScript, with a willingness and ability to work across all three. Experience with each language's native TLS/cryptographic APIs (e.g., JSSE, Python ssl module, Node.js tls module). Deep understanding of TLS 1.2 and 1.3 — including handshake flows, key exchange mechanisms (ECDHE, DHE), certificate authentication (X.509, chain‑of‑trust, Certificate Verify), cipher suite semantics, ALPN/SNI, and session management. Familiarity with underlying cryptographic primitives (AES‑GCM, ChaCha20‑Poly1305, RSA, ECDSA, EdDSA, HKDF). Demonstrated experience designing, versioning, and maintaining libraries or SDKs consumed by other engineering teams, including thoughtful API surface design, semantic versioning, and backward‑compatibility management. Proven experience building multi‑dimensional test strategies for security‑critical software, including protocol‑conformance testing, cross‑platform interoperability testing, and negative/adversarial test cases. Hands‑on experience designing and maintaining CI/CD pipelines (e.g., Jenkins, GitHub Actions, or equivalent), including multi‑language build matrices, automated security scanning (SAST, dependency vulnerability checks), and artifact publication. Strong diagnostic skills for network‑level issues — comfortable using tools like Wireshark, OpenSSL CLI (s_client, s_server), keytool, and language‑specific debuggers to trace TLS handshake failures and certificate issues. Solid understanding of agile development methodologies, including iterative delivery, code review discipline, and application resiliency principles. Preferred Qualifications, Capabilities, and Skills Experience with cryptographic library internals such as OpenSSL, Bouncy Castle, or LibreSSL. Familiarity with FIPS 140‑2/140‑3 compliance requirements and their impact on TLS configuration and cryptographic provider selection. Experience with mutual TLS (mTLS) at scale, including certificate lifecycle management and automated rotation. Knowledge of PKI systems, HSMs, or key management infrastructure. Experience with container‑based build and test environments (Docker, Kubernetes) and cloud platforms (AWS). Familiarity with performance profiling of TLS handshakes and bulk‑encryption throughput across runtimes. Experience using AI‑assisted development tools (e.g., GitHub Copilot, Claude Code) to accelerate library development and test generation. Relevant certifications such as CISSP, CCSP, or vendor‑specific security credentials are a plus but not required. Equal Opportunity & Diversity We recognize that our people are our strength and the diverse talents they bring to our global workforce are directly linked to our success. We are an equal opportunity employer and place a high value on diversity and inclusion at our company. We do not discriminate on the basis of any protected attribute, including race, religion, color, national origin, gender, sexual orientation, gender identity, gender expression, age, marital or veteran status, pregnancy or disability, or any other basis protected under applicable law. We also make reasonable accommodations for applicants’ and employees’ religious practices and beliefs, as well as mental health or physical disability needs. JPMorgan Chase & Co. is an Equal Opportunity Employer, including Disability/Veterans. #J-18808-Ljbffr Next Frontier Capital

Vacancy posted 1 day ago
Similar jobs that could be interesting for youBased on the Lead Security Engineer — Cryptographic Libraries & TLS in Palo Alto, CA vacancy
  • JPMorgan Chase in Palo Alto is looking for a Lead Security Engineer to enhance our TLS abstraction layer and ensure secure communications across enterprise systems. In this role, you will leverage your expertise in Java, Python, and Node.js to create robust security solutions... 
    Suggested

    Next Frontier Capital

    Palo Alto, CA
    1 day ago
  •  ...applying advanced cryptographic techniques within...  ...Emerging Technologies Security group within the...  ...and security engineers to solve complex security...  ...& Development: Lead the analysis and use...  ...cryptographic libraries. Evaluate existing...  ...protocols (e.g., TLS, IPsec). Industry... 
    Suggested

    Koitecc Solutions

    Palo Alto, CA
    4 days ago
  •  ...have a PhD or MS in cryptography and 5+ years of industry experience in applying advanced cryptographic techniques for solving complex security problems. The role involves leading research on cryptographic protocols and collaborating with teams to integrate cryptography... 
    Suggested

    慨正橡扯

    Palo Alto, CA
    5 days ago
  • Nectar in Palo Alto is seeking a Security Engineer to manage security across our enterprise SaaS platform. The role involves overseeing the security of deployed applications and leading compliance initiatives while ensuring enterprise-grade security for our customers.... 
    Suggested

    Nectar Inc

    Palo Alto, CA
    2 days ago
  •  ...regulated workflows that require high accuracy, strong governance, explainability, and enterprise-grade security. We are looking for a Lead Senior Security Engineer to own and scale the security architecture, engineering practices, and customer deployment posture of our... 
    Suggested
    Work at office
    Flexible hours

    TryApplyNow

    Palo Alto, CA
    3 days ago
  • Job Title: Zscaler Security Engineer Location: Mountain View CA / San Diego CA / Plano TX (Min 3 days...  ...). Solid understanding of TCP/IP, DNS, TLS/SSL, Proxy architecture, authentication...  .... Ability to work independently and lead problem‑solving efforts. Excellent troubleshooting... 
    Contract work
    3 days per week

    Tech Mirrors

    Mountain View, CA
    5 days ago
  •  ...preferably in the financial sector. This role involves leading research in cryptographic protocols and integrating these advanced techniques into...  ...Candidates are expected to provide thought leadership, enhance security measures, and mentor junior staff. #J-18808-Ljbffr... 

    Koitecc Solutions

    Palo Alto, CA
    4 days ago
  •  ...in cryptography or a related field. This role involves leading the use of cryptographic protocols and collaborating closely with teams to integrate...  ...the financial sector and proficiency in cryptographic libraries. Excellent communication skills and understanding of regulatory... 

    JPMorgan Chase & Co.

    Palo Alto, CA
    5 days ago
  • $165k - $242k

     ...confidence. Trusted by leading AI labs, startups,...  ...WHAT YOU'LL DO: The Security Foundations organization...  ...Secrets team owns the cryptographic infrastructure underpinning...  ...As a Senior Security Engineer on the PKI & Secrets...  ...identity, mutual TLS, and hardware attestation... 
    Permanent employment
    Full time
    Temporary work
    Casual work
    Work at office
    Flexible hours

    CoreWeave

    Sunnyvale, CA
    20 hours ago
  • Senior Security Engineer, Security Operations - Responsible for automating the entire security operations lifecycle with AI and advanced detection techniques. Working within ServiceNow’s global platform, this role builds autonomous workflows that replace manual SOC practices... 
    Full time
    Remote work
    Flexible hours

    ServiceNow

    Mountain View, CA
    4 days ago
  • $130k - $150k

     ...with the ultimate goal of enabling human life on Mars. SECURITY SOFTWARE ENGINEER (STARSHIELD) Starshield leverages the company’s Starlink...  ...of the security design of today’s Internet, including the cryptographic primitives involved. You see the big picture, prioritize... 
    Permanent employment
    Temporary work
    Immediate start
    Flexible hours
    Weekend work

    United States Digital Space LLC

    Palo Alto, CA
    1 day ago
  • $168k - $230k

    A leading aerospace company in Palo Alto is seeking a Sr. Security Software Engineer for their Starshield program. The role involves designing and implementing security...  ...like Python or C++, and an understanding of cryptographic principles. Competitive annual salary ranges... 

    SPACE EXPLORATION TECHNOLOGIES CORP

    Palo Alto, CA
    2 days ago
  • Rivian VW Group is seeking a Product Security Engineer based in Palo Alto, California. In this role, you'll create and validate security requirements for our vehicles, leading efforts in security testing and documentation. We're looking for someone with a B.S. in a relevant... 

    Rivian VW Group

    Palo Alto, CA
    4 days ago
  • $140k - $240k

     ...architecture allows Cerebras to deliver industry‑leading training and inference speeds; over 10...  ...The Role In this role, you will be the security czar for the Cerebras AI cluster product...  ..., best practices, security‑first based engineering. The Cerebras cluster involves complex... 

    Cerebras Systems, Inc.

    Sunnyvale, CA
    2 days ago
  • $130k - $175k

    United States Digital Space LLC is seeking a Security Software Engineer for their Starshield program focused on government applications. The role involves designing secure systems and working on infrastructure that interacts with advanced technologies like Starlink. Applicants... 

    United States Digital Space LLC

    Palo Alto, CA
    4 days ago
  • A leading cybersecurity firm is seeking a Remote Network Security Engineer to architect, implement, and maintain network security measures. The ideal candidate will have 5-7 years of experience in network security engineering, be proficient in network protocols, and hold... 
    Remote job

    Ip Check

    Palo Alto, CA
    3 days ago
  • Westlight AI is seeking a skilled Windows software engineer to develop kernel-level software and integrate it with various I/O subsystems. Candidates must have experience in Windows security software and relevant debugging skills. This fully remote position is open to US... 
    Remote job

    Westlight AI

    Palo Alto, CA
    5 days ago
  •  ...both sides. Founded by ex-Meta product and engineering leaders, we've raised over $30M in total...  ...converge. The Role We're looking for a Security Engineer to own security across our...  ...ownership. You'll secure the products we ship, lead the compliance initiatives that unlock... 
    Shift work

    Nectar

    Palo Alto, CA
    1 day ago
  • About EhsanLab: EhsanLab is a leading software testing and cybersecurity company dedicated...  ..., penetration testing, and advanced security services. We provide tailored testing and...  ...protection against cyber threats. Our skilled engineers and security professionals leverage... 
    Work at office
    Remote work
    Flexible hours

    EhsanLab

    Palo Alto, CA
    4 days ago
  • $185k - $210k

    The Opportunity We are seeking an experienced Cloud Security Engineer to join our team. The successful candidate will be responsible for designing, implementing, and maintaining the security of our cloud infrastructure and applications. This includes ensuring compliance... 

    Cacheflow

    Mountain View, CA
    2 days ago
  • Senior Offensive Security Engineer - Web & AI Systems Location: Mountain View, CA (Day One Onsite) About the Role: We are looking for a Senior...  ...to raise the security bar across the organization. You will lead complex penetration tests, design novel attack techniques for... 

    Tech Mirrors

    Mountain View, CA
    1 day ago
  • $216k - $264k

    Senior Security Engineer Fortinet is looking for a Senior Security Engineer to join the Corporate...  ...and the Vulnerability Management program Lead the internal Fortinet products...  ...related protocols (e.g., TCP/IP, UDP, IPSEC, TLS, DNS, DHCP NetFlow, BGP, OSPF, IPv6 etc.... 
    Full time
    Work experience placement

    Zoomcar

    Sunnyvale, CA
    1 day ago
  • Remote Network Security Engineer Position March 15, 2026 In today's increasingly connected world, robust network security is not just a feature...  ...plans and oversee their implementation. Incident Response: Lead and participate in the response to security incidents,... 
    Remote job

    Ip Check

    Palo Alto, CA
    3 days ago
  • Job Description Client is seeking a US-based, junior-level security engineer with a generalist skill set in application and cloud security, strong coding abilities (especially Python), and a proactive, ownership-driven mindset. Inclusivity Statement We are a company committed... 
    Remote job

    Insight Global

    Mountain View, CA
    4 days ago
  •  ...Fund), and many others. The Context For the last year, our core engineering team has built this entire agent platform from the ground up....  ...many other integrations, and takes actions on their behalf. Securing that surface is existential. We hire across many strengths under... 

    Interaction

    Palo Alto, CA
    1 day ago
  • $60 per hour

    Position Overview FocusKPI is seeking a Senior Offensive Security Engineer (Web & AI systems) to join one of our high‑tech SaaS clients. The...  ...teams to raise the security bar organization‑wide. This role leads complex penetration tests, designs novel attack techniques for... 
    Contract work

    FocusKPI, Inc.

    Mountain View, CA
    4 days ago
  • $113.4k - $252k

    At Navan, you will serve as the technical lead for our incident response lifecycle, driving the containment and remediation of security threats across our multi‑cloud...  ...root‑cause analysis. Automation & SOAR Engineering: Use Tines to build and design workflows... 

    Traveltechessentialist

    Palo Alto, CA
    4 days ago
  • $100k - $228k

     ...Security Engineer - Governance Risk Compliance New York, NY; Palo Alto, CA; Washington, D.C. About xAI xAI's mission is to create...  ...communication, collaboration, and control implementation. Lead Risk Management Assessment and Authorization (A&A) processes,... 
    Permanent employment
    Temporary work

    xAI

    Palo Alto, CA
    2 days ago
  • A leading tech firm is seeking a senior leader in Data Security to enhance security for their data analytics platform. The role requires over 7 years of experience in Data Security, expertise in areas like Cryptography and Web Security, and a strong leadership background... 

    Menlo Ventures

    Mountain View, CA
    3 days ago
  • $220.5k - $300k

     ...actively developing the technologies to make this possible, with the ultimate goal of enabling human life on Mars. PRINCIPAL SECURITY SOFTWARE ENGINEER, APPLIED COMPUTING (STARSHIELD) Starshield leverages the company’s Starlink technology and launch capability to support... 
    Permanent employment
    Temporary work
    Immediate start
    Flexible hours
    Weekend work

    United States Digital Space LLC

    Palo Alto, CA
    3 days ago

Do you want to receive more vacancies?

Subscribe and receive similar vacancies to Lead Security Engineer — Cryptographic Libraries & TLS. Be the first to apply!