JPMorgan Cyber Intelligence Vice President 

United States, District of Columbia, Washington 

176547272

The Cybersecurity Intelligence Group (CIG) holds the global mandate for JPMC’s cyber intelligence collection, analysis, and dissemination of finished products to the firm’s Cybersecurity & Technology Controls teams, lines of business, and overall executive decision makers. This team is responsible for tracking threats and incidents targeting the firm and also involving the firm’s third party suppliers, subsidiaries, and key clients to address events such as intrusions, malware, DDoS, unauthorized access, insider attacks, and loss of proprietary information. This includes developing a deep understanding of global threat actors and their tactics, techniques, and procedures employed during cyberattacks. The work is varied, so the requirements of the role are multifaceted. Experience in cybersecurity, security controls, Internet technology, networking, and current affairs is a prerequisite, as is the ability to articulate complex information with clarity and brevity.

Prospective applicants should be able to demonstrate a deep understanding of issues pertaining to cybersecurity and their intersection with geopolitical affairs, as well as the intelligence process and analysis. Being self-motivated and able to articulate complex information with clarity and brevity is a must. A demonstrated history of leading others through influence or creating specific analytic tools or techniques with impact across a large mission space would put you at a distinct advantage.

Job responsibilities

Being able to articulate a forward-looking view of the cyber threat landscape as it relates to JPMC and the wider financial sector, predicting shifts in adversarial intent, goals, and strategic objectives.

• Hunting and tracking organized groups of threat actors using open and closed source tools
• Creating detailed threat actor profiles on adversaries of interest/relevance to the firm, covering tactics, techniques and procedures, intent, goals and strategic objectives
• Clearly and accurately conveying analytic findings through finished reports, executive communications, and verbal briefings to an array of customers.
• Providing detailed analysis of cyber events and their relevance to JPMC or the wider financial sector.
• Collaborating with and at times leading teams across cybersecurity operations to augment investigations into complex cybersecurity events and ensure the firm institutes the proper controls to defend against today’s most pressing threats.

This role requires the following essential qualifications and capabilities:

• Bachelor's Degree in Computer Science, Cybersecurity, or similar work experience in a related field.
• Excellent communication skills, with the ability to articulate complex threat information to technical and non-technical audiences, both verbally and in writing
• Demonstrated understanding of the vulnerability landscape and how it impacts the overall cyber threat landscape
• An understanding in current affairs and international relations, evidenced by an understanding of geopolitical dynamics as they relate to state-sponsored intelligence operations.
• An understanding of the intelligence cycle, analysis methodologies, and processes.
• An understanding of computer networking concepts, the OSI model and underlying network protocols (e.g., TCP/IP), network traffic analysis, packet and protocol analysis (packet capture and netflow analytics).
• An understanding of the MITRE ATT&CK Framework, stages of an attack and sub-techniques. Primarily sub-techniques associated with initial access, network communications, or deployment of malware.
  • Experience with threat intelligence techniques and processes in an enterprise level organization
  • General knowledge of global cyber threats, threat actors and the tactics, techniques, and procedures used by cyber adversaries
• Working knowledge of basic programming languages or database management systems, examples being:
  • Python Scripting
  • RESTful API use
  • Publish Subscribe model messaging
  • JSON (use and manipulation)
  • HTML/CSS
  • Javascript
  • ElasticSearch

Highly Desirable:

• Intelligence community experience, or comparable private sector experience.
• Financial sector experience.
• Industry certifications related to Cyber Threat Intelligence, Pen Testing, Forensics, Networking or Securi