As a member of the Cybersecurity & Technology Controls Incident Management & Response (IMR) team within the JPMorgan Chase & Co. Global Incident Command Center (GICC) and Security Operation Center (SOC), you will fit into a global team providing 24/7 Incident Management and Response support, acting as the frontline defense for attacks against the firm's infrastructure. You will be responsible for the execution of the Firm-wide Cybersecurity Incident Management Playbook, designed to provide a set of steps to orchestrate a framework of actions to be considered during the lifecycle of a Cybersecurity event, in an effort to prevent impact, or during an impacting Cybersecurity incident.
Job Responsibilities
- Serve as a key member of the Cybersecurity & Technology Controls (CTC) Incident Management & Response (IMR) team within the Global Incident Command Center (GICC), providing 24/7 support for incident management and response.
- Execute the Firm-wide Cybersecurity Incident Management Playbook to orchestrate actions during the lifecycle of cybersecurity events, aiming to prevent or mitigate impacts.
- Act as the frontline defense for cybersecurity incidents, ensuring effective and timely resolution of security issues against the firm's infrastructure.
- Collaborate with internal and external partners, including regulatory, compliance, privacy, and media communications teams, to manage incidents.
- Utilize command and control, communication, and documentation skills to ensure the stability, capacity, and resiliency of products.
- Work closely with Cybersecurity Operations Incident Response teams and Enterprise Technology Product and Engineering teams to mitigate and remediate events and incidents.
- Analyze operational metrics to identify process improvements and deliver constructive feedback to the team.
- Engage in continuous improvement of practices and processes, and participate in research, internal procedure uplift, and internal tools development.
Required Qualifications, Capabilities, and Skills
- Minimum of five years of experience in an Incident Management or Incident Response function in an enterprise environment.
- Demonstrated command and control, documentation, and communication skills in previous roles.
- Experience communicating technical topics both in writing and verbally to senior management from technical and non-technical backgrounds.
- Ability to work closely with business, technology, and project management partners to execute projects and improvements for the CTC IMR team.
- Strong understanding of the ITIL framework and experience with incident management tools.
- Basic understanding of various operating systems, network fundamentals, cyber tools, and cloud architecture.
- High-level understanding of cybersecurity attack frameworks, such as MITRE ATT&CK and Cyber Kill Chain.
- Ability to exercise excellent judgment and decision-making skills under pressure and know when to escalate issues.
- Ability to influence senior technology managers across organizational boundaries through formal and informal channels.
- Proactive with a strong bias for action, naturally inquisitive, and committed to continuous improvement.
- Experience with delivering constructive feedback to a team on a continuous basis.
Preferred Qualifications, Capabilities, and Skills
- ITIL Certification.
- Baseline cybersecurity certifications, such as Security+ or Google Cybersecurity Certificate.
- Appreciation of the wider roles of interconnecting cybersecurity teams and collaboration with teams like Forensics, Threat Intelligence, Penetration Testing, and Vulnerability Management.
- Demonstrated ability to multitask and prioritize in a stressful environment; results-oriented.