J.P. Morgan

Security Analyst – Attack Analysis - Associate - London

  • London (Greater London)
  • Infra / Networks / Telecom

Job description

JPMorgan Chase & Co. (NYSE: JPM) is a leading global financial services firm with assets of $2.6 trillion and operations worldwide. The firm is a leader in investment banking, financial services for consumers and small business, commercial banking, financial transaction processing, and asset management. A component of the Dow Jones Industrial Average, JPMorgan Chase & Co. serves millions of consumers in the United States and many of the world's most prominent corporate, institutional and government clients under its J.P. Morgan and Chase brands. Information about JPMorgan Chase & Co. is available at http://www.jpmorganchase.com/.

Cybersecurity is chartered with managing and directing the security programs focused on the discipline of cyber security design, implementation, analytics, threats, monitoring, response, and investigation across the organization. Our core services are focused on assuring the security of the computing environment, protecting customer and employee confidential information, and complying with regulatory requirements globally. This is accomplished through strong information risk governance, active collaboration with business risk managers, and providing high quality security solutions and services which enable improving the organization's overall risk posture.

 

The Security Analyst in Attack Analysis will utilize their background in technology and incident response procedures to act as a defender of the firm.  As a security analyst on the Attack Analysis team, you will use defensive measures and information collected from a variety of sources to identify, analyze, and report events that occur or might occur within the network in order to protect information, information systems, and networks from threats.

 

Key responsibilities include:

- Correlate log data from multiple sources and develop "detect" to identify adversary behavior

- Contribute to the maturity of cyber threat hunting framework within the team

- Conduct network forensics, log analysis, and malware triage in support of security events/incidents

- Recognize and organize attacker tools, tactics, and procedures into indicators of compromise (IOCs) that can be applied to current and future investigations.

- Examine network topologies to understand how data flows through the network

- Assist in the creation of processes/procedures, technical documentation, as well as completion of projects

- Develop internal tools and automate processes/work flows in support of incident response

- Assist with incident handling functions as well as with direct response activities for security events/incidents

Required:

- Experience working in a security role in a Security Analysis, Incident Response, Attack Analysis, or Computer Network Defense (CND) capacity

- Knowledge of SIEM products and the ability to develop advanced correlation rules

- Solid understanding of network protocols and experience conducting packet analysis using appropriate tools (e.g. tcpdump, Wireshark, tshark)

- Programming experience in at least one of the following languages: Python, Perl, PowerShell, as well as an automation mindset

- Understanding of regular expressions

- Knowledge of intrusion detection methodologies (IDS/IPS) and techniques for detecting host and network-based intrusions via intrusion detection technologies

- Familiarity with Malware / Reverse Engineering with ability to assist in Static and Dynamic Analysis

- Familiarity with multiple operating systems (e.g., Windows, Unix, Mac)

Preferred:

- Experience working as a penetration/red team tester with the ability to translate adversary behavior across multiple platforms (e.g., Windows, Unix, Mac) into identifiable patterns

- Understanding of post-exploitation frameworks (e.g. PowerSploit/Empire, Veil) and ability to identify activity associated with their usage

- Experience working with statistics to provide context and visual representation of data (e.g. R, numpy)

- Previous experience working as part of a Computer Security Incident Response Team (CSIRT)

- Familiarity with web application vulnerabilities and OWASP Top 10

 

This position is anticipated to require the use of one or more High Security Access (HSA) systems. Users of these systems are subject to enhanced screening which includes both criminal and credit background checks, and/or other enhanced screening at the time of accepting the position and on an annual basis thereafter. The enhanced screening will need to be successfully completed prior to commencing employment or assignment.

The Global Attack Analysis team is a 24x7, follow-the-sun operation and as such, this person may be required to cover shift rotational days, weekends, and holidays.

JPMorgan Chase is an equal opportunity and affirmative action employer Disability/Veteran.

 

About J.P. Morgan’s Corporate & Investment Bank

J.P. Morgan’s Corporate & Investment Bank is a global leader across banking, markets and investor services. The world’s most important corporations, governments and institutions entrust us with their business in more than 100 countries. With $18 trillion of assets under custody and $393 billion in deposits, the Corporate & Investment Bank provides strategic advice, raises capital, manages risk and extends liquidity in markets around the world. Further information about J.P. Morgan is available at www.jpmorgan.com.

JPMorgan Chase & Co. offers an exceptional benefits program and a highly competitive compensation package. JPMorgan Chase & Co. is an Equal Opportunity Employer.

Closing date: 17th October 2017
