1. Home
  2. Global Head of Cyber Attack Analysis - Cyber Security Operations
Expires soon
J.P. Morgan

Global Head of Cyber Attack Analysis - Cyber Security Operations

  • New York, United States
  • Infra / Networks / Telecom
Apply Now

Job description

JPMorgan Chase & Co. (NYSE: JPM) is a leading global financial services firm with assets of $2.6 trillion and operations worldwide. The firm is a leader in investment banking, financial services for consumers and small business, commercial banking, financial transaction processing, and asset management. A component of the Dow Jones Industrial Average, JPMorgan Chase & Co. serves millions of consumers in the United States and many of the world's most prominent corporate, institutional and government clients under its J.P. Morgan and Chase brands. Information about JPMorgan Chase & Co. is available at http://www.jpmorganchase.com/ .

Summary:

Reporting to the Global Head of Cybersecurity Operations, the Global Head of Attack Analysis will lead the team providing proactive 24 x 7 monitoring of the JPMC information environment to detect, analyze, track, and mitigate external threats. You will provide oversight and direction of the Security Operation Center teams in New York, London and Singapore.

Core Responsibilities:

· Oversight and direction of attack analysis team that monitors JPMC networks and systems from 3 strategic Security Operations Centers (New York City, London, Singapore)
· Oversee a team of 60+ analysts providing 24x7x365 follow the sun coverage
· Build out of global team including integration with Lines of Business
· Developing tight integration with threat intelligence to accelerate ability to uncover and track advanced cyber threats
· Development of firm wide operational processes for incident response
· Significant process development and improvement to focus on effectiveness of threat identification and detection
· Significant integration with cyber technology and engineering to ensure operational capabilities are aligned to threat environment
· Full concept of operations development, leadership of all attack analysis operations, presentations to executive leadership

Desired profile

Requirements

·  Demonstrated experience leading security operations centers with globally distributed teams
·  Demonstrated experience in driving new monitoring methods
·  Understanding of intelligence-driven approaches to computer network defense.
·  Deep understanding of the talent needed to successfully deliver a world class function
·  Experience working across multiple lines of business in a corporate function
·  Executive presence, strong ability to communicate written and verbally upwards and to peers. ·  This role will have supervisory responsibilities. As such, the individual must have a minimum of ten years' experience in the area of people management.
·  10+ year's Cyber Security Incident Response, Security Operations Center and/or Attack Analysis in a large, mission-critical environment with a background in the following:
·  In-depth knowledge of network intrusion methods, network containment and segregation techniques
·  In-depth knowledge of operating systems (Windows & UNIX, Mac OS X a plus)
·  Expert understanding of TCP/IP networking, routing protocols and full packet capture analysis
·  In-depth network security expertise including firewall, IDS and IPS
·  Experience building baselines of network activity for use in anomaly detection
·  Experience with proactive threat hunting techniques and concepts in an enterprise environment.
·  Experience with reviewing raw log files, data correlation, and analysis (i.e. firewall, network flow, IDS, system logs)
·  Knowledge of enterprise systems and infrastructure
·  Proven understanding of log parsing and analysis at a large scale with data clustering tools or techniques
·  Experience with a scripting language such as Perl, Ruby, Python, and BASH
·  Bachelor's Degree in Computer Science or related field
·  Master's Degree in Engineering, Business Management, or Technology related fields a major plus

This position is anticipated to require the use of one or more High Security Access (HSA) systems. Users of these systems are subject to enhanced screening which includes both criminal and credit background checks, and/or other enhanced screening at the time of accepting the position and on an annual basis thereafter. The enhanced screening will need to be successfully completed prior to commencing employment or assignment

Make every future a success.
  • Job directory
  • Business directory
    •