• Monitor and analyze security infrastructure, contributing to detection and response to threats, vulnerabilities, and incidents to ensure the integrity, confidentiality, and availability of sensitive data and systems
• Conduct in-depth security investigations, analyzing logs, network traffic, and other data sources to identify root causes, assess impact, and gather evidence for response and mitigation actions
• Develop and maintain threat detection and response playbooks, incorporating industry best practices, regulatory requirements, and lessons learned from previous incidents
• Collaborate with cross-functional teams to develop and implement coordinated security strategies, policies, and procedures, while educating employees on best practices
• Provide intelligence services to JPMorgan Chase's acquisitions, including drafting and disseminating vulnerability and intelligence reports.
• Liaise with JPMorgan Chase acquisitions regularly to maintain lines of communication, understand and document their cybersecurity posture and unique challenges, identifying uplift opportunities when possible.
• Triage and remediation of security alerts, along with end-to-end ownership of an investigation and active participation in incident response
• Working a shift schedule and complying to firmwide in office attendance policies
• Take active ownership of issues affecting acquisitions and drive any identified uplifts to completion.
• Act as a point of escalation for analysts on the team

Required qualifications, capabilities, and skills

• 3+ years of experience in cybersecurity operations, including threat detection, incident response, and vulnerability management
• Demonstrated experience in network traffic analysis, log analysis, vulnerability analysis, exploitation, and security investigation techniques to identify and respond to security incidents
• Proficiency in scripting to automate tasks, implement controls, and manipulate data
• Advanced knowledge of security protocols, cryptography, authentication, authorization, and security architecture design principles
• Experience with security tools and technologies, including SIEM, intrusion detection systems, log analysis, and malware analysis
• Understanding how adversaries compromise networks, the different stages of an attack and how they can be detected
• Knowledge of typical enterprise security technologies, Windows and Linux operating systems (OS) and the ability to detect signs of compromise in these systems
• Good communication skills, including the ability to present potential risks and actual findings to a wide audience. Ability to communicate complex problems to a non-technical audience
• Strong logical and analytical thinking skills
• Experience with incident response
• Experience creating and maintaining process documentation.

Preferred qualifications, capabilities, and skills

• Knowledge of a range of cybersecurity tools
• Experience with Extended Detection & Response (XDR) tools
• Experience reviewing vulnerabilities and the effectiveness of the mitigatory measures
• A basic understanding of cloud architecture and an understanding of how attackers leverage these platforms
• The ability to manage fluctuating workloads and conflicting priorities
• Project management experience, driving projects and issues to completion while documenting progress.

NA