Insider Risk Associate
Jersey City, NJ, United States
JPMorgan Chase & Co.
Within Global Security, the Insider Risk team is responsible for identifying potential threats against the firm and its workforce from internal actors and developing strategies to mitigate those threats to protect the firm’s reputation, workforce, clients, and assets. The Insider Risk program is one of the enterprise-wide initiatives of strategic importance to GS and JPMC senior leadership. Its mission is to support firm-wide efforts through data-driven identification, analysis, research, and mitigation of insider risks.
As an Insider Risk Associate, you will be responsible for defining, detecting and analyzing behavioral and technical indicators to assess risks and potential threats to the firm. You will be leading the triage of insider incidents, producing insider context analyses and risk assessments, as well as developing and delivering cutting-edge enterprise-wide solutions for the detection and mitigation of insider threats. You must be a highly motivated individual with strong interpersonal and technical skills, be able to work effectively amidst ambiguity and adjust workload to meet evolving priorities, be comfortable operating in a fast-paced environment while working collaboratively with a diverse set of stakeholders and decision makers.
Job responsibilities
- Responsible for the execution of day-to-day operations and critical strategic deliverables in accordance with legal and privacy requirements and expectations.
- Work as part of the team of analysts conducting triage of events generated by monitoring use cases, producing contextual data-driven analyses of insider incidents, risk analyses, and threat assessments.
- Facilitate the referral of anomalous and suspicious activity for investigation, escalation of critical information to Subject Matter Experts (SMEs), and cross-functional coordination of mitigation strategies.
- Monitor internal and external intelligence sources for notable insider events and contribute to topological analyses of insider incidents as an assessment of risk and response actions,
- Provide SME-level support on insider risk matters leveraging knowledge of insider risk, cyber security, and counterintelligence.
- Communicate complex problem sets in succinct and clear manner that is understandable to a variety of stakeholders audience.
- Support compliance in strengthening the firm-wide control environment.
Required qualifications, capabilities and skills
- 5+ years of work experience supporting an insider risk/threat program
- Direct experience performing analytical and/or investigative work as an analyst/senior analyst in industry or government.
- Experience in assessing complex threats, scoping and developing mitigation strategies in coordination with cross-disciplinary global teams.
- Undergraduate degree related to Intelligence Studies, Forensic Science, Security Studies, Computer Science, Cybersecurity, Data Analysis, or a related field.
- Experience conducting risk assessments and in-depth multi-source research on threat actors, tactics, techniques, and emerging trends to inform risk scenarios.
- Experience evaluating control environments and developing mitigation strategies as a solution to control gaps.
- Strong interpersonal skills, written and verbal communication, and experience with executive level briefing.
- Ability to think independently, creative problem-solving abilities and a passion for experimenting and developing new innovative solutions to complex problems..
- Experience implementing and managing workstreams, facilitating stakeholder engagement, issue management, and managing timely on-budget delivery of executables.
- Proficiency with MS Office suite.
Preferred qualifications, capabilities and skills
- Experience in or knowledge of the private sector including but not limited to the financial industry
- Insider Threat (e.g. CERT courses, CCITP, GCITP, FIAT, etc.), Counterintelligence, analytical and/or security tradecraft training and certifications
- Behavioral Science/ Behavioral Analysis/Behavioral Threat Assessment experience or training
- Experience with insider threat technical solutions and data analytics platforms including but not limited to User Activity Monitoring (UAM) and User Behavior Analytics (UBA) principles and tools, rules and policy engines
- Experience with SQL, data query, analytical tools and visualizations
We offer a competitive total rewards package including base salary determined based on the role, experience, skill set, and location. For those in eligible roles, we offer discretionary incentive compensation which may be awarded in recognition of firm performance and individual achievements and contributions. We also offer a range of benefits and programs to meet employee needs, based on eligibility. These benefits include comprehensive health care coverage, on-site health and wellness centers, a retirement savings plan, backup childcare, tuition reimbursement, mental health support, financial coaching and more. Additional details about total compensation and benefits will be provided during the hiring process.
We recognize that our people are our strength and the diverse talents they bring to our global workforce are directly linked to our success. We are an equal opportunity employer and place a high value on diversity and inclusion at our company. We do not discriminate on the basis of any protected attribute, including race, religion, color, national origin, gender, sexual orientation, gender identity, gender expression, age, marital or veteran status, pregnancy or disability, or any other basis protected under applicable law. We also make reasonable accommodations for applicants’ and employees’ religious practices and beliefs, as well as mental health or physical disability needs. Visit our FAQs for more information about requesting an accommodation.
JPMorgan Chase is an Equal Opportunity Employer, including Disability/Veterans
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Analytics Banking CERT Compliance Computer Science Data Analytics Monitoring Privacy Risk assessment SQL
Perks/benefits: Career development Competitive pay Health care Team events Wellness
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Senior Cybersecurity Engineer jobs
- Open Security Operations Engineer jobs
- Open Cloud Security Architect jobs
- Open Information Security Officer jobs
- Open Principal Security Engineer jobs
- Open Information Security Specialist jobs
- Open Senior Cyber Security Engineer jobs
- Open Chief Information Security Officer jobs
- Open IT Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Senior Product Security Engineer jobs
- Open Senior Penetration Tester jobs
- Open Cyber Security Specialist jobs
- Open Staff Security Engineer jobs
- Open Senior Network Security Engineer jobs
- Open Cybersecurity Consultant jobs
- Open Security Specialist jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Security Consultant jobs
- Open IT Security Analyst jobs
- Open Senior Information Security Analyst jobs
- Open Security Operations Analyst jobs
- Open Information System Security Officer (ISSO) jobs
- Open Senior Information Security Engineer jobs
- Open Information Security Architect jobs
- Open Agile-related jobs
- Open Risk assessment-related jobs
- Open CISA-related jobs
- Open Analytics-related jobs
- Open SOC-related jobs
- Open Network security-related jobs
- Open ISO 27001-related jobs
- Open GCP-related jobs
- Open IAM-related jobs
- Open Application security-related jobs
- Open DoD-related jobs
- Open Threat intelligence-related jobs
- Open Pentesting-related jobs
- Open Vulnerability management-related jobs
- Open DevOps-related jobs
- Open Security Clearance-related jobs
- Open CEH-related jobs
- Open APIs-related jobs
- Open SaaS-related jobs
- Open Malware-related jobs
- Open Security assessment-related jobs
- Open Kubernetes-related jobs
- Open Java-related jobs
- Open EDR-related jobs
- Open TS/SCI-related jobs