Cyber Security Incident Response Management Lead - Digital
Graduate job New York (New York County) Infra / Networks / Telecom
Job description
JPMorgan Chase & Co. (NYSE: JPM) is a leading global financial services firm with assets of $2.6 trillion and operations worldwide. The firm is a leader in investment banking, financial services for consumers and small business, commercial banking, financial transaction processing, and asset management. A component of the Dow Jones Industrial Average, JPMorgan Chase & Co. serves millions of consumers in the United States and many of the world's most prominent corporate, institutional and government clients under its J.P. Morgan and Chase brands. Information about JPMorgan Chase & Co. is available at http://www.jpmorganchase.com/.

The online and mobile channels for Chase currently support more than 32 million active customers; 9 million customers interact with us daily, making Chase the most visited banking portal in the US. Within Consumer and Community Banking, the Digital IT team is responsible for setting and executing strategies that align with business objectives and drive innovation across Chase Online and Mobile, helping to establish the best Digital banking customer experience in the industry.

As a Cyber Security Incident Response Lead, you will provide operational support for J.P. Morgan Chase's Digital applications (including Chase Online). This position requires a high level of technology expertise with Internet based programming architectures, incident response management, and security domain knowledge. The abilities to problem solve, make good risk based decisions with limited information, function calmly under pressure and communicate effectively are also required.
Responsibilities include:
·Cyber Response planning and Cyber Incident management
·Liaise with the Firm's SOC to respond to emerging incidents in a timely manner; triage details and provide support to both the SOC and Business Managers
·Analyze alerts from various sources within the enterprise and determine possible causes of such alerts
·Provide timely detection, identification, and alerts of possible anomalous activities, and misuse activities, and distinguish these incidents and events from benign activities
·Identifies false-positives and false-negatives from alerting
·Quantify exposure/severity of vulnerabilities/threats and potential business impacts
·Track and communicate response status to multiple levels of the organization
Desired profile
·Minimum five years of Cyber Security Incident Response handling and event management with experience assisting the resolution of customer escalations, incident handling, and response
·3 years of experience in Application Security specifically around Web, Mobile and Digital Security.
·Solid and demonstrable comprehension of Information Security including vulnerability & compliance management, Data Loss Protection [DLP], emerging threats and attacks
·Strong understanding of perimeter and core infrastructure security, including an excellent understanding of web, server, messaging and database platforms
·Understanding of OWASP security concepts and common application security risks, such as XSS, XSRF, SQL Injection, Cookie Manipulation, etc.
·Experience with reviewing raw log files, data correlation, and analysis (i.e. user/system access, application, firewall, network flow, IDS, system/database logs)
·Able to articulate and visually present complex forensic investigation and analysis results
·Able to work under pressure in time critical situations
·Strong attention to detail in conducting analysis combined with an ability to accurately record full documentation in support of their work
·Strong business sense and experience in the financial services or technology industry
·Ability to think strategically, work with a sense of urgency and pay attention to detail
·Strong deductive reasoning, critical thinking, problem solving, and prioritization skills
·Experience in making good decisions with limited information
·Outstanding work ethic, reliable and adaptable
·Strong team player that collaborates well with others to solve problems and actively incorporate input from various sources
·Experience with working on global teams across time zones, cultures and languages
·Ability to present complex solutions and methods to a general community
·Excellent written and verbal communication and organizational skills
·Bachelor's Degree in Engineering, Business Management, or Technology related fields a major plus
Preferred Qualifications:
·Information security certifications (such as CISSP, SANS, CEH or related certifications)
·Knowledge of networking fundamentals (all OSI layers), protocols and packet analysis
·Knowledge of Bluecoat, Siteminder, Guardium, Vormetric, and related encryption and tokenization technologies
·Experience writing PL/SQL or SQL scripts. Ability to write stored procedures, triggers, functions, and tables.
·Understanding of database structure and queries
·Demonstrated understanding of financial sector, or other large organization, security and IT infrastructures
·Data Analysis – understand, interpret, validate, manipulate data using Excel and other tools, and present conclusions and recommendations