
Sr Director of Infra Engineering- Proxy/Secure Edge (SSE)
at J.P. Morgan
Posted a month ago
No clicks
- Compensation
- Not specified
- City
- Plano
- Country
- United States
Currency: Not specified
Senior director role leading infrastructure engineering and operations for the Broadcom/Bluecoat proxy estate and building an internally hosted Secure Service Edge (SSE) platform at global scale. Accountable for client-facing web security controls, enterprise egress architecture, and delivering CX/DX improvements while meeting regulatory, risk, and resiliency requirements. Manages large, distributed engineering teams, staffing and budgets, and partners with Network Services, Cybersecurity, Employee Platforms and other senior stakeholders. Champions automation, telemetry, multi-region resiliency, and developer-friendly self-service cloud networking for proxy workloads.
Location: Plano, TX, United States
Partner with a company that's devoted to shaping the future of infrastructure in financial services. Let's collaborate to explore uncharted territories and achieve extraordinary feats together.
Job responsibilities
- Manages multiple technical areas and collaborates on technology projects across different technical domains
- Promotes and champions the development of technological methods, techniques, and various analytical approaches across the infrastructure engineering domain
- Ensures technical compliance, risk, and security, is adopted and that service level agreements and solution scalability needs are met
- Manages multiple stakeholders and complex projects consisting of large teams
- Applies cross-functional technical expertise, leadership, and comprehensive business knowledge to a broad range of infrastructure engineering areas by communicating, managing, and implementing strategic and operational plans
- Develops and executes the function’s objectives with accountability for outcomes
- Be responsible for staffing, budget and relevant profit and loss
- Mentors and coaches junior engineers and technologists
- Champions the firm’s culture of diversity, opportunity, inclusion, respect for team members and prioritizes diverse representation
Required qualifications, capabilities, and skills
- 12+ years in network/security engineering; 5+ years leading large, distributed engineering teams and mission‑critical platforms (30+ staff).
- Deep expertise with Broadcom/Bluecoat stack (ProxySG/CAS/SMC), PAC files, ICAP/DLP, TLS 1.3 decryption, Kerberos/SPNEGO, and header‑injection patterns.
- Proven record building/operating SSE‑aligned services (SWG, ZTNA, CASB, DLP integrations) at enterprise scale with measurable CX/DX improvements.
- Strong automation background (Python; Terraform/Ansible; policy‑as‑code) and telemetry integration (synthetic monitoring, real‑user metrics, Grafana/Datadog), SIEM, and ticketing.
- Hands‑on experience with multi‑region resiliency, global load balancing, egress segmentation, and change governance.
- Demonstrated AWS networking/security expertise for proxy workloads (VPC/TGW/PrivateLink/NLB/Route 53, Direct Connect, IAM/KMS, CloudWatch/VPC Flow Logs); experience building developer-friendly, self-service cloud services.
- Experience managing and developing large cross-functional teams within the infrastructure engineering discipline
- Demonstrated prior experience influencing across highly matrixed, complex organizations and delivering value at scale
- Experience leading complex projects supporting infrastructure engineering design, scaling, resilience, and system performance assessments
- Extensive experience hiring, developing, and recognizing talent
- Experience managing and developing budgets
- Experience with one or more next‑gen firewall/SSE vendors: Palo Alto Networks (PAN‑OS, Prisma Access), Fortinet (FortiGate/FortiManager), Zscaler (ZIA/ZPA), Netskope (SWG/ZTNA/CASB).
- Prior ownership of a global proxy estate or SSE platform in a complex, regulated financial institution.
- F5 GTM/LTM integration, secure egress patterns, and performance optimization (on‑prem and cloud).
- AWS certification (Solutions Architect or Network Specialty) and security certifications (e.g., CISSP, CCSP) are a plus.




