J.P. Morgan is a global leader in financial services, providing strategic advice and products to the world’s most prominent corporations, governments, wealthy individuals and institutional investors. Our first-class business in a first-class way approach to serving clients drives everything we do. We strive to build
J.P. Morgan is a global leader in financial services, providing strategic advice and products to the world’s most prominent corporations, governments, wealthy individuals and institutional investors. Our first-class business in a first-class way approach to serving clients drives everything we do. We strive to build trusted, long-term partnerships to help our clients achieve their business objectives. We recognize that our people are our strength and the diverse talents they bring to our global workforce is directly linked to our success. We are an equal opportunity employer and place a high value on diversity and inclusion at our company. We do not discriminate on the basis of any protected attribute, including race, religion, color, national origin, gender, sexual orientation, gender identity, gender expression, age, marital or veteran status, pregnancy or disability, or any other basis protected under applicable law. In accordance with applicable law, we make reasonable accommodations for applicants’ and employees’ religious practices and beliefs, as well as any mental health or physical disability needs.
As an experienced professional in our cybersecurity organization, you won’t just be watching over our data – you’ll be finding innovative new ways to protect it in the future. To do that, you’ll help lead a highly motivated team focused on analyzing, designing, developing, and delivering solutions built to stop adversaries and strengthen our operations. You’ll use your leadership skills to give guidance, advise on best practices and support our business and technology groups. By taking the lead on incident response, risk reviews, vulnerability assessment,s and identifying threats, you’ll help us deliver cost-effective solutions that put our clients first. You’ll deploy best practices, new policies and emerging trends to strengthen our strategic roadmap. By presenting your findings to senior leaders, you’ll sharpen your communication and presentation skills. As part of our global team of technologists and innovators, your work will have a critical impact on our company, as well as our clients and our business partners around the world.
Cybersecurity Intelligence Group (CIG) holds the global mandate for JPMorgan Chase's (JPMC) cyber intelligence collection, analysis, and dissemination of finished products to JPMC's population of security operations teams, information technology teams, lines of business and overall executive decision makers. CIG plays an integral role in the intelligence driven defense of JPMC. This team is responsible for external engagement with peer groups and information security circles regarding cyber threats, to address events such as intrusions, malware, DDoS, unauthorized access, insider attacks and loss of proprietary information. This includes developing a deep understanding of global threat actors.
As a CIG analyst on the team, you will provide intelligence support to Cybersecurity Operations investigations and should possess qualities such as a sharp intellect, an eye for detail, a high analytical capability and a good technical/cyber underpinning. You are expected to be able to articulate clearly and effectively complex Cybersecurity issues to stakeholders in JPMC’s various Lines of Businesses. An interest in cyber, current affairs and technology is essential and prior experience in investment banking, asset management, consumer and/or commercial banking, will put you at a distinct advantage.
The responsibilities for this position include, but are not limited to, the following:
- Contribute to CIG Reports, providing detailed analysis on cyber events, including relevant political, economic and geopolitical variables. Provide a forward-looking view of the threat, predicting shifts in adversarial intent, goals and strategic objectives
- Collaborate with peer cyber operations teams to understand events and support analysis of malicious cybersecurity incidents
- Track potential threats associated with attempted intrusions, network & host-based attacks, and coordinate incident response efforts with cybersecurity teams
- Maintain detailed threat actor profiles on adversaries of interest/relevance to the firm, covering tactics, techniques and procedures, intent, goals and strategic objectives
- Maintain knowledge of the threat landscape by monitoring open and closed intelligence sources and contribute to quarterly threat landscape briefings
- Contribute to regular written and verbal briefings and presentations for Global CTC partners and Lines of Businesses
- Contribute from the cybersecurity perspective to discussions and decisions regarding JPMC global technology infrastructure and technology deployments
The candidate will also need to learn to use of one or more High Security Access (HSA) systems. Users of these systems are subject to enhanced screening, which includes both criminal and credit background checks, and/or other enhanced screening at the time of accepting the position and on an annual basis thereafter. The enhanced screening will need to be successfully completed prior to commencing employment or assignment.
This role requires a wide variety of strengths and capabilities, including:
- Bachelor's Degree in Computer Science or related field, or equivalent experience
- Demonstrated knowledge of prominent cyber threat actor groups, campaigns and TTPs
- Excellent written and verbal communication skills; ability to break down complex problems and articulate them clearly to a non-technical audience
- Experience in performing threat hunting using both open source and vendor tools
- Able to perform malware analysis including static and dynamic analysis
- Knowledge of Cybersecurity organization practices, operations, risk management processes, principles, architectural requirements, engineering and threats and vulnerabilities, including incident response methodologies
- Good understanding of networking concepts including OSI model, TCP/IP
- Knowledgeable in latest technologies including Cloud, Containers, Mobile applications
- Team player, independent and possesses a positive disposition
- Intelligence community experience and/or experience at an international institution conducting cyber or security/intelligence related work
- Proficiency in another language besides English
- Financial sector experience