Security Engineer , Cybersecurity & Technology Controls
The Cybersecurity & Technology Controls group at JPMorgan Chase aligns the firm's cybersecurity, access management, controls and resiliency teams. The group proactively and strategically partners with all lines of business and functions to enable them to design, adopt and integrate appropriate controls; deliver processes and solutions efficiently and consistently; and drive automation of controls. The group's number one priority is to enable the business by keeping the firm safe, stable and resilient. Summary:
As an experienced professional in our cybersecurity organization, you won't just be watching over our data - you'll be finding innovative new ways to protect it in the future. To do that, you'll help lead a highly motivated team focused on analyzing, designing, developing and delivering solutions built to stop adversaries and strengthen our operations. You'll use your leadership skills to give guidance, advise on best practices and support our business and technology groups. By taking the lead on incident response, risk reviews, vulnerability assessments and identifying threats, you'll help us deliver cost-effective solutions that put our clients first. You'll deploy best practices, new policies and emerging trends to strengthen our strategic roadmap. By presenting your findings to senior leaders, you'll sharpen your communication and presentation skills. As part of our global team of technologists and innovators, your work will have a critical impact on our company, as well as our clients and our business partners around the world. Joining the Cyber Defense and Fraud Engineering team your key responsibilities will be to:
- Engage and improve the whole lifecycle of CD&F services - from inception and design, through deployment, operation and refinement.
- Partner with teams internal and external to CD&F in managing tools that include but not limited to whitelisting technologies, data loss prevention, malware prevention and real time metrics reporting.
- Work with vendors on providing product updates, bug fixes and managing relations.
- Create clear and concise documentation to formalize work stream processes
- Administrate and Implement policies/rules on endpoint sensors as well as refine security standards.
- Research, design and apply advanced security techniques.
- Manage individual project priorities, deadlines and deliverables.
This role requires a wide variety of strengthsand capabilities, including:
· Experienceconfiguring and reviewing security applications such as Security Informationand Event (SIEM)/ Log Management systems, IDS/IPS, Anti-Virus, and otherendpoint threat detection technology.
· Astrong understanding of the current threat landscape including the latesttactics, tools, and procedures, common malware variants, and effectivetechniques for detecting this malicious activity.
· Outstandingverbal and written communication skills.
· Experiencewith network analysis, endpoint analysis, malware analysis, and incidentresponse.
· Experienceworking in a 24/7 SOC environment.
· Excellentanalytical and communication (verbal and written) skills.
· Scripting/programmingexperience is desired.
· Preferredto have certification such as EC Council's CEH, ISC2 SSCP, Offensive-SecurityOSCP