Working in cybersecurity takes passion for technology, speed, a desire to learn, and vigilance in order to keep every asset safe. You'll be on the front lines of innovation, working with a highly motivated team focused on analyzing, designing, developing and delivering solutions built to stop adversaries and strengthen our operations.
Your research and work will ensure stability, capacity and resiliency of our products. Working with your internal team, as well as technologists and innovators across our global network, your ability to identify threats, provide intelligent analysis and positive actions will stop crimes and strengthen our data. As a member of the Attack Analysis team, you will fit into a global team providing 24/7 monitoring and Incident Response, acting as the frontline for attacks against the firm's infrastructure.
As a technical lead, your role will include advanced analysis, threat hunting, evaluation of new security technology as well as ensuring larger technology projects at the company are ready to be integrated into the Attack Analysis team and monitoring function. There is also an emphasis on coaching and mentoring in this role; you'll work to bring up the technical expertise of the entire team around you. This could include running training sessions for the team in range or virtual environments, leading hunting exercises, serving as a technical escalation point and coaching the team through adopting monitoring responsibility.
As a SIEM Application Developer you will focus on building net-new capabilities in Splunk and Phantom via custom applications and SOAR playbooks to augment analyst capabilities.
Primary Qualifications:
5+ years of experience working in Cyber or Information Security Operations, functioning in a Security Analysis, Incident Response, Attack Analysis, or Computer Network Defense (CND) capacity in a large, mission-critical environment.
This role requires experience effectively communicating event details and technical analysis to technical audiences within the global cyber organization and other technology groups.
Significant experience in Security Operations, Cybersecurity Consulting, Incident Response, Computer Network Operations (CNO), Computer Network Defense (CND) or equivalent roles in a large, mission-critical environment.
Experience with a major SIEM (Splunk, ArcSight, QRadar).
Experience with a security automation and orchestration platform (Phantom, Demisto).
Experience with the automation of repetitive tasks for a larger group of SOC analysts.
Experience with the creation and tuning of alerting rules from a SIEM and other devices in response to changing threats.
JPMorgan Chase & Co., one of the oldest financial institutions, offers innovative financial solutions to millions of consumers, small businesses and many of the world's most prominent corporate, institutional and government clients under the J.P. Morgan and Chase brands. Our history spans over 200 years and today we are a leader in investment banking, consumer and small business banking, commercial banking, financial transaction processing and asset management.
We recognize that our people are our strength and the diverse talents they bring to our global workforce are directly linked to our success. We are an equal opportunity employer and place a high value on diversity and inclusion at our company. We do not discriminate on the basis of any protected attribute, including race, religion, color, national origin, gender, sexual orientation, gender identity, gender expression, age, marital or veteran status, pregnancy or disability, or any other basis protected under applicable law.
In accordance with applicable law, we make reasonable accommodations for applicants' and employees' religious practices and beliefs, as well as any mental health or physical disability needs. Equal Opportunity Employer/Disability/Veterans.