Are you passionate about addressing complex cyber issues and driving innovative solutions? Do you excel in both technical and non-technical analysis, root cause evaluation, and identifying novel approaches to problem-solving? If this sounds like you, apply to join the Findings Analysis and Solutions Team (FAST) within JPMC’s Cybersecurity & Technology Controls (CTC) organization to tackle these challenges on a massive scale. In this role, you will investigate security issues uncovered by our Red Team and other Assessments and Operations teams to understand the core problems and help solve them at both a tactical and strategic level. The ideal candidate will be self-motivated, possess extensive technical curiosity, have a drive to understand complex cybersecurity issues, and be able to collaborate with both technical and non-technical peers.

 

Job responsibilities

Assess the potential impact of vulnerabilities on business and technology operations using data-driven risk prioritization.Utilize advanced data analytics to conduct comprehensive root cause analysis (RCA) of security issues identified during assessments across various technologies. Transform findings into actionable insights.Collaborate with stakeholders throughout the firm to understand, address findings, and achieve the common goal of improving the security posture of the firm.Identify, design, and implement technical, procedural, educational, or other solutions to effectively mitigate security issues.Propose and drive novel, data-centric approaches to detect, mitigate and prevent the identified issues, leveraging the latest technologies and methodologies.Present data analysis, insights, and conclusions to both technical and non-technical audiences, including senior leaders, ensuring clarity and understanding.Prioritize remediation efforts using multiple criteria to ensure the most worthwhile issues are addressed first.

Required qualifications, capabilities, and skills

Formal training or certification on software engineering concepts and 5+ years applied experience.An insatiable technical curiosity about all things Cyber and a desire to expand your skillset.A strong commitment to ethical practices and doing what is right.Proven experience in either offensive or defensive technical Cybersecurity roles, with a focus on solutioning to reduce Cybersecurity risks.Demonstrated proficiency in coding (scripting) experience (e.g., Python, C, JavaScript, VBScript).Demonstrated ability to be proactive and resourceful, identifying and analyzing appropriate data sources for data-driven investigations.Experience in cybersecurity roles and processes such as Incident Response, Threat Intelligence, Penetration Testing, Red Teaming, Risk Management, Cyber Engineering, Cyber Architecture, and Data Privacy.Strong written and verbal communication skills; ability to understand complex problems and present them simply.Ability to collaborate with high-performing teams, senior leaders, business stakeholders, third-party vendors, and technical individuals throughout the firm to effectively articulate risk and drive change.

Preferred qualifications, capabilities, and skills

Familiarity with network architecture concepts, including cloud architectures, and deploying large-scale applications in an enterprise environment.Experience with enterprise level security technologies like firewalls, IDS/IPS, web proxies, DLP, SIEM, SOAR, and others.Experience in developing both tactical and strategic tools and capabilities.Experience in building analytical processes, templates, and documentation.