Shape the future of cybersecurity through advanced digital forensics, contributing to firm-wide innovation and security.
As a Digital Forensics Vice President in the Cyber and Tech Controls line of business, you will enhance the firm's cybersecurity posture through the collection, preservation, and examination of digital evidence. Your expertise in digital forensics principles and practices supports incident response efforts, litigation, and regulatory proceedings. Your expertise will enable you to make strategic decisions to reduce firm-wide risks. Fostering collaboration and leveraging advanced technical knowledge, you contribute to innovative solutions and continuous improvement in the digital landscape.
Job responsibilities:
- Use digital forensic tools and techniques to support internal fraud and employee investigations and use host-based and network forensic capabilities to develop information regarding IOCs and TTPs for threat actors and malware, which can be shared amongst other internal teams
- Leverage practical experience to develop methodologies for proactive hunting of threat actors in the absence of alerting or rules-based appliances
- Conduct detailed analysis of systems where breaches of critical IT infrastructure may have occurred and provide root cause analysis, impact assessments and rapid response to aid detection of those responsible and make recommendations to assist prevention of similar incidents
- Prepare in-depth investigation reports into forensic investigations, breach reports, privacy incidents and data exposure type cases
- Assist with the development of in-house training programs to ensure world class high-tech investigation standards
- Demonstrate strong written and verbal communication skills necessary to effectively interpret investigative requirements, provide technical guidance, and provide detailed documentation of analysis finding
- Develop and implement innovative forensic research and development projects to stay ahead of emerging technologies and enhance cybersecurity posture
- Define and execute procedures for identifying, managing, collecting, preserving, analyzing, and documenting findings
- Develop and implement digital-forensics and data-protection security solutions and standards, adhering to industry best practices
- Design and customize audit procedures for JPMorgan Chase’s digital forensics environment, evaluate incident response and evidence handling procedures, and provide improvement recommendations
- Collaborate with Legal, Technology, and HR to support incident response, litigation, and regulatory proceedings
Required qualifications, capabilities, and skills:
- 5+ years of experience in digital forensics, incident response, e-discovery, and malware analysis
- Expert knowledge of computer forensic best practices and industry standard methodologies for investigating host-based and network analysis.
- A proven track record in live digital forensics, log-file analysis and network forensics.
- Experience with investigating data compromise events, networking protocols and packet analysis, and working with industry standard tools (X-Ways, EnCase, Volatility, Rekall, Wireshark, SIFT, Cellebrite, etc.)
- Able to work independently and/or with a team to conduct forensic examinations
- Able to articulate and visually present complex forensic investigation and analysis results
- The ability to coordinate, work with and gain the trust of business stakeholders to achieve a desired objective
- Strong attention to detail in conducting forensic analysis combined with an ability to accurately record full documentation in support of the investigation
- Expertise in multiple scripting languages (e.g., Python, Bash, JavaScript, PowerShell, etc.) and ability to create, debug, and modify scripts to automate tasks and manipulate data
- Advanced knowledge of digital forensics tools and techniques, including memory forensics, network traffic analysis, and reverse engineering of malware
- Proven ability to develop digital forensics solutions and standards
Preferred qualifications, capabilities, and skills:
- Experience with malware reverse engineering
- Industry standard digital forensics certifications (GCFA, GNFA, GCFE, CFCE, etc.)
- Industry standard information security technology certifications (GCIH, GREM, etc.)
- Ability to automate tasks using a scripting language (Python, Perl, Ruby, Bash, etc.)