Cybersecurity Attack Analyst Technical Lead
With JPMorgan Chase & Co. in London - GB
Posted on September 11, 2020
About this job
Job type: Full-time
Role: Data Scientist, System Administrator
Industry: Financial Services
Company size: 10k+ people
Company type: Public
r, sysadmin, security
Working in cybersecurity takes passion for technology, speed, a desire to learn, and vigilance in order to keep every asset safe. You'll be on the front lines of innovation, working with a highly motivated team focused on analyzing, designing, developing and delivering solutions built to stop adversaries and strengthen our operations. Your research and work will ensure stability, capacity and resiliency of our products. Working with your internal team, as well as technologists and innovators across our global network, your ability to identify threats, provide intelligent analysis and positive actions will stop crimes and strengthen our data.
As a member of the Attack Analysis team, you will fit into a Global team providing 24/7 monitoring and Incident Response, acting as the frontline for attacks against the firm's infrastructure. As a technical lead, your role will include advanced analysis, threat hunting, evaluation of new security technology as well as ensuring larger technology projects at the company are ready to be integrated into the Attack Analysis team and monitoring function. There is also an emphasis on coaching and mentoring in this role; you'll work to bring up the technical expertise of the entire team around you. This could include running training sessions for the team in range or virtual environments, leading hunting exercises, serving as a technical escalation point and coaching the team through adopting monitoring responsibility. You won't be directly managing a team, but will be seen as a leader.
This role requires a wide variety of strengths and capabilities, including:
* Significant experience in Security Operations, Cybersecurity Consulting, Incident Response, Computer Network Operations (CNO), Computer Network Defense (CND) or equivalent roles in a large, mission-critical environment.
* Excellent written and verbal communication skills to describe security event details and technical analysis with audiences within the cybersecurity organization and other technology groups.
* Experience with threat hunting on a large, enterprise network both as an individual and leading hunting exercises with other team members.
* Experience with log analysis from multiple sources (e.g. firewall, IDS, endpoints) to identify and investigate security events and anomalies.
* Experience with malware analysis (both static and dynamic), binary triage, and file format analysis.
* Experience with packet-level analysis (e.g., Wireshark, tcpdump, tshark) and knowledge of TCP/IP protocols (OSI layers 3-7) for investigating network traffic.
* Experience with the creation and tuning of alerting rules from a SIEM and other devices in response to changing threats.
* Experience using scripting languages (Python, PowerShell, Bash, etc.) to parse machine-generated data, interact with REST APIs and automate repetitive tasks.
Additional Technical Qualifications:
* Experience with regular expressions and their applications.
* Experience with host forensics including memory forensics, file system analysis and building host-level timelines.
* Knowledge of operating system internals (Windows, UNIX).
* Knowledge of command-line tools across Windows and UNIX.
J.P. Morgan is a global leader in financial services, providing strategic advice and products to the world's most prominent corporations, governments, wealthy individuals and institutional investors. Our first-class business in a first-class way approach to serving clients drives everything we do. We strive to build trusted, long-term partnerships to help our clients achieve their business objectives.
We recognize that our people are our strength and the diverse talents they bring to our global workforce are directly linked to our success. We are an equal opportunity employer and place a high value on diversity and inclusion at our company. We do not discriminate on the basis of any protected attribute, including race, religion, color, national origin, gender, sexual orientation, gender identity, gender expression, age, marital or veteran status, pregnancy or disability, or any other basis protected under applicable law. In accordance with applicable law, we make reasonable accommodations for applicants' and employees' religious practices and beliefs, as well as any mental health or physical disability needs.