Acquisition Security Operations Center Analyst

The Acquisition Cybersecurity Team (ACT) detects, analyzes, and responds to potential and actual cyber threats to JPMorgan Chase’s acquisitions. The team also conducts vulnerability management and incident response-related activities and creates and disseminates intelligence. As a member of ACT, you will have access to industry-leading cybersecurity products, and each acquisition’s unique environment will challenge you in new and interesting ways. A strong technical foundation and investigative mindset are essential and the ability to think outside of the box is strongly encouraged.

 

As an Acquisition Security Operations Center Analyst, you will be part of a global team that monitors and acts as the first line of defense against cyber threats to the firm’s acquisitions. You will monitor alerts, investigate incidents, hunt for threats, analyze files, investigate and remediate knowledge gaps, and help the team grow. Finally, as part of our efforts to ensure that security measures across acquisitions are consistent with JPMorgan Chase’s standards, you will have the opportunity to present risks posed by gaps in security measures to senior leaders and other stakeholders.

 

Required qualifications include

• At least three years of relevant cybersecurity operations, security system operations management, or related experience.
• Strong logical and analytical thinking skills.
• The ability to navigate unfamiliar environments to derive answers.
• Knowledge of network fundamentals.
• Knowledge of Windows and/or Linux operating systems (OS) and the ability to detect signs of compromise in these systems.
• Understanding how adversaries compromise networks including phishing, port-scanning, web application, distributed denial-of-service (DDoS) attacks, and lateral movement.
• Demonstrated knowledge of log, PCAP, and file analysis methods.
• Ability to extract indicators of compromise (IOCs), report findings, and implement mitigatory measures.
• A structured, analytical approach to investigating alerts and IOCs.
• Good communication skills
• The ability to present potential risks and actual findings to a wide audience.
• The ability to collaborate with other cybersecurity teams including Digital Forensics, Threat Intelligence, Penetration Testing, Vulnerability Management, and Purple Teaming.
• Willing to work a shift pattern

 

Preferred qualifications include

• Knowledge of a range of cybersecurity tools.
• Experience with Extended Detection & Response (XDR) tools.
• Experience with crafting regular expressions (regex).
• Experience reviewing vulnerabilities and the effectiveness of the mitigatory measures.
• A basic understanding of cloud architecture and an understanding of how attackers leverage these platforms.
• Knowledge of scripting languages like Python, PowerShell, and JavaScript and understanding how scripting languages are used in a cybersecurity context.
• The ability to manage fluctuating workloads and conflicting priorities.

J.P. Morgan is a global leader in financial services, providing strategic advice and products to the world’s most prominent corporations, governments, wealthy individuals and institutional investors. Our first-class business in a first-class way approach to serving clients drives everything we do. We strive to build trusted, long-term partnerships to help our clients achieve their business objectives.
   We recognize that our people are our strength and the diverse talents they bring to our global workforce are directly linked to our success. We are an equal opportunity employer and place a high value on diversity and inclusion at our company. We do not discriminate on the basis of any protected attribute, including race, religion, color, national origin, gender, sexual orientation, gender identity, gender expression, age, marital or veteran status, pregnancy or disability, or any other basis protected under applicable law. We also make reasonable accommodations for applicants’ and employees’ religious practices and beliefs, as well as mental health or physical disability needs. Visit our FAQs for more information about requesting an accommodation.