Job Responsibilities
- Lead crafting and implementing Data Protection and DLP strategies using Microsoft Information Protection (Microsoft Purview DLP), Azure Security, Security Center and Compliance Center, Broadcom (Symantec) DLP, and Palo Alto DLP, both on-premises and in the cloud, leveraging CASB and Cloud Proxy at the enterprise level.
- Utilize your expertise in Python, PowerShell, and JavaScript to automate processes and integrate DLP solutions with SIEM, CASB, and UEBA tools through API knowledge.
- Offer technical leadership to manage and optimize Microsoft M365 Security Solutions – Purview using Security Center and Compliance Center, Palo Alto DLP, CASB, Cloud Proxy solutions, and Broadcom (Symantec) DLP, while providing insightful reports to senior management.
- Spearhead incident response, conduct risk assessments, and identify emerging threats, driving the creation of new data identifiers and governance policies to ensure compliance and data integrity.
- Communicate effectively with senior leaders and stakeholders, presenting insights and solutions for existing and emerging threats in data loss prevention and internal threat management.
- Partner with stakeholders to offer guidance on best practices, define data management needs, and establish strategic controls and procedures that deliver cost-effective solutions prioritizing our clients.
- Support talent development by mentoring junior team members, identifying growth opportunities, and fostering a culture of continuous learning and retention.
Required qualifications, capabilities and skills
- Bring at least 7 years of experience in cybersecurity operations or SOC, including 2 years in a technical lead role with strong project management capabilities.
- Experience in developing and implementing DLP or Insider Threat programs using tools such as Microsoft Purview/M365 DLP, Palo Alto DLP, CASB, Symantec DLP, CrowdStrike, Island Browser, and Splunk or other SIEM tools.
- Demonstrates success in managing and configuring DLP and EDR solutions in large-scale enterprise settings, with proficiency in Information Protection/Sensitivity Labels, Data Loss Prevention, Secure Browsers, and Insider Risk/Threat Management.
- Utilizes comprehensive knowledge of cybersecurity practices, Data Loss Prevention, security incident triage, Insider Threat, and operations risk management, along with expertise in architectural requirements, engineering threats, vulnerabilities, and incident response.
- Possesses strong scripting skills in PowerShell, Python, and JavaScript, with a solid understanding of regular expressions and APIs.
- Brings strong analytical and problem-solving abilities, adept at translating complex technical concepts into actionable solutions aligned with risk assessment and risk appetite.
Preferred qualifications, capabilities and skills
- Minimum 7 years of experience in cybersecurity operations or SOC.
- Possess two or more of the following certifications: Microsoft Certified: Information Protection and Compliance Administrator Associate, Microsoft Certified: Security, Compliance and Identity Fundamentals, Palo Alto Networks Certified Network Security Administrator, Prisma Cloud Data Security, Azure Security Engineer, CISSP, Broadcom Certified DLP Administrator, Splunk Certified Power User.
- Experience with Agile methodology and the ability to work with at least one of the common frameworks with knowledge of tools like Confluence, JIRA and ServiceNow.
- Ability to identify network attacks and systemic security issues as they relate to threats and vulnerabilities, with a focus on recommendations for enhancements or remediation based on in-depth risk assessment.
- Good understanding of national and international laws, regulations, policies and ethics related to financial industry cybersecurity and foundational knowledge of computer forensics; legal, government and jurisprudence as they relate to cybersecurity; operating systems; and methods for intelligence gathering and sharing.