As a Security Operations Associate in Cyber and Tech Controls line of business, you will contribute to safeguarding the organization's digital assets and infrastructure by proactively detecting, assessing, and responding to threats, vulnerabilities, and security incidents. Leveraging your in-depth understanding of security principles and practices, you will exercise initiative and judgment to resolve cybersecurity-related problems and contribute to the improvement of current working methods. Collaborating with cross-functional teams, you will develop a coordinated approach to cybersecurity and educate employees on best practices, policies, and procedures. Your work will have a direct impact on the integrity, confidentiality, and availability of sensitive data and systems within the department, ensuring a secure digital environment for JPMorgan Chase.
Job Responsibilities
- Conduct security investigations, log analysis, threat hunting, and vulnerability impact assessment to proactively identify and mitigate potential risks, vulnerabilities, and security breaches
- Utilize security tools and technologies, such as Security Information and Event Management (SIEM), intrusion detection systems, endpoint detection, and malware analysis, to enhance threat detection and response capabilities
- Collaborate with cross-functional teams to implement coordinated security strategies, policies, and procedures
- Contribute to continuous improvement of security operations processes and methodologies, proposing enhancements to threat detection and response playbooks and contributing to the overall security posture of the organization
- Liaise regularly with JPMorgan Chase subsidiaries to understand and document their cybersecurity posture and unique challenges, and to identify opportunities for improvement
- Triage and remediation of security alerts, along with end-to-end ownership of an investigation and active participation in incident response
Required qualifications, capabilities, and skills
- Bachelor's degree in Computer Science or equivalent
- Formal training or certification on software engineering concepts and 2+ years applied experience in cybersecurity operations, network security, or a related field
- Demonstrated proficiency in scripting languages for automating security tasks and processes
- Strong understanding of security protocols, cryptography, authentication, authorization, and network security concepts
- Experience with security tools and technologies, including SIEM, intrusion detection systems, log analysis, and malware analysis
- Understanding how adversaries compromise networks, the different stages of an attack and how they can be detected
- Knowledge of typical enterprise security technologies, Windows and Linux operating systems (OS) and the ability to detect signs of compromise in these systems
- Good communication skills, including the ability to present potential risks and actual findings to a wide audience
- Strong logical and analytical thinking skills to navigate diverse technology environments
- Willing to work a scheduled shift pattern that includes one day of the weekend every two weeks or as required. The shift pattern will also require analysts to work up to ten hours a day for four days a week or eight hours a day for five days a week
Preferred qualifications, capabilities, and skills
- Experience with crafting regular expressions (regex)
- Experience reviewing vulnerabilities and the effectiveness of the mitigatory measures
- Possess a basic understanding of cloud architecture and an understanding of how attackers leverage these platforms
- Knowledge of scripting languages like Python, PowerShell, and JavaScript and understanding how scripting languages are used in a cybersecurity context
- Possess the ability to manage fluctuating workloads and conflicting priorities