Software Engineer III- Azure Cloud Identity

As a Software Engineer III on JPMorgan Chase’s Cloud Foundational Services team, you will be a seasoned member of an agile team designing and delivering trusted, market‑leading identity and access capabilities in a secure, stable, and scalable way. You will build critical solutions across multiple technical areas to support the firm’s business objectives.

• Design, implement, and manage Azure identity and access controls, including Azure RBAC, role definitions and assignments, and guardrails for least privilege.
• Implement best practices for cloud security, compliance, and governance, including identity management, encryption, key management, organizational guardrails, and Azure Policy with deny effects.
• Engineer and operate Service Principals, Managed Identities, App Registrations, and Enterprise Applications; enable workload identity federation where appropriate.
• Participate in IAM governance and compliance activities, including audits, evidence collection, and control effectiveness reviews.
• Apply agile development practices in a fast‑paced environment with a strong focus on feature delivery and automation.
• Deliver secure‑by‑design solutions that incorporate defense in depth.

• Formal training or certification in software engineering concepts and 3+ years of applied experience.
• Proficiency with Azure services:
  Azure App Service, Azure Blob Storage, Azure Cosmos DB, Azure Functions, and Azure Kubernetes Service (AKS).
• Experience with Microsoft Entra  Azure RBAC:
  Service Principals, Managed Identities, App Registrations, role management, and Conditional Access.
• Solid understanding of authentication and authorization standards (OAuth 2.0, OpenID Connect, SAML).
• Familiarity with serverless and event‑driven architectures using Azure services (e.g., Event Grid, Service Bus).
• Proficiency with Terraform and scripting in Python or Go.
• Ability to work independently and collaboratively on cross‑functional teams.

• Experience with additional cloud platforms (AWS or GCP).
• Experience with SQL and relational database concepts.
• Familiarity with Privileged Identity Management (PIM) is a plus.
• Familiarity with containerization and orchestration (Docker, Kubernetes/AKS).
• Experience with Azure infrastructure-as-code (Bicep/ARM) and CI/CD (Azure Dev Ops or Git Hub Actions).
• Relevant Microsoft Azure certifications (e.g., Azure Administrator, Azure Developer, Azure Security Engineer, Identity and Access Administrator, Solutions Architect).