1. Home
  2. Red Team / Attack Operator Lead - Cyber Security
Expires soon
J.P. Morgan

Red Team / Attack Operator Lead - Cyber Security

  • Jersey City (Hudson County)
  • Infra / Networks / Telecom
Apply Now

Job description

JPMorgan Chase & Co. (NYSE: JPM) is a leading global financial services firm with assets of $2.6 trillion and operations worldwide. The firm is a leader in investment banking, financial services for consumers and small business, commercial banking, financial transaction processing, and asset management. A component of the Dow Jones Industrial Average, JPMorgan Chase & Co. serves millions of consumers in the United States and many of the world's most prominent corporate, institutional and government clients under its J.P. Morgan and Chase brands. Information about JPMorgan Chase & Co. is available at http://www.jpmorganchase.com/ .

Cybersecurity's purpose is to ensure the security and resiliency of the Firm's computing environment, protect customer and employee confidential information, and comply with regulatory requirements globally. We accomplish this through strong information security leadership and active collaboration with line of business information risk managers to provide high quality security solutions and services that are focused on improving the Firm's risk posture. The Cybersecurity team is composed of firmwide functions (IT Risk Management, Infrastructure Security Solutions, Identity & Access Management, and Application security) as well as business-aligned risk & resiliency management teams that affect the technology risk program.

The Cyber Security Red Team / Penetration Tester is tasked with identifying and containing advanced cyber security threats targeting the firm. The successful candidate will have a proven track record in conducting network exploitation operations, to include Cyber Red Team operations. Additionally, candidate will have proven experience with in-depth technical analysis of computer networks culminating in the identification of existing and potential vulnerabilities that if exploited would allow unauthorized access to JPMC systems.

Desired profile

ยท ยท  Overall 3-5 years of Information Security experience with one of the following:
ยท  At least 3years' experience performing network penetration testing
ยท  At least 2 years' experience performing application security assessments
ยท  At least 3years' experience with Cyber Red Team operations
ยท  At least 3 years' experience performing network exploitation operations.
o U.S. Intelligence Community background highly preferred.
Required Qualifications:

ยท  Knowledge of networking fundamentals (all OSI layers)
ยท  Knowledge of the Windows and *NIX operating systems to include boot process through understanding of the execution flow of boot time processes
ยท  Knowledge of software exploitation (web, client-server and mobile) on modern operation systems. Familiarization with XSS, SSJS, filter bypassing, etc.
ยท  Familiarity with interpreting log output from networking devices, operating systems and infrastructure services
ยท  Familiarity with common reconnaissance, exploitation, and post exploitation frameworks.

Preferred Qualifications:

ยท  Bachelor's Degree in Engineering, Business Management, or Technology related fields a major plus
ยท  Knowledge of conducting physical security penetration testing is small independent teams.
ยท  Knowledge of malware packing and obfuscation techniques
ยท  Ability to automate tasks using a scripting language (Python, Perl, Ruby, etc).
ยท  Strong knowledge of networking protocols and packet analysis
ยท  Must have the ability to perform targeted penetration tests without use of automated tools
ยท  Well versed in multiple security technologies such as Firewalls, IDS/IPS, Web Proxies and DLP amongst others
ยท  Demonstrated understanding of financial sector, or other large organization, security and IT infrastructures
ยท  Ability to program in C, C++, C#, Objective C, Python, Java, PHP and/or ASM (x86)

People Skills:
ยท  Able to work either independently or in a team
ยท  The ability to coordinate, work with and gain the trust of business stakeholders to achieve a desired objective.
ยท  Able to articulate and visually present complex forensic investigation and analysis results.
ยท  Able to work under pressure in time critical situations.
Process Skills:
ยท  Strong attention to detail in conducting analysis combined with an ability to accurately record full documentation in support of their work.
ยท  Detailed knowledge of current international best practices in privacy.
Communication Skills:
ยท  Excellent written and verbal communication skills are required.
ยท  Ability to communicate effectively with business representatives in explaining forensic findings clearly and where necessary, in layman's terms.

Make every future a success.
  • Job directory
  • Business directory
    •