JPMorgan Chase & Co. (NYSE: JPM) is a leading global financial services firm with assets of trillion and operations in more than 60 countries. The firm is a leader in investment banking, financial services for consumers, small business and commercial banking, financial transaction processing, asset management, and private equity.
Cyber Security is chartered with managing and directing the security programs focused on the discipline of cyber security design, implementation, analytics, threats, monitoring, response, and investigation across the organization. Our core services are focused on assuring the security of the computing environment, protecting customer and employee confidential information, and complying with regulatory requirements globally. This is accomplished through strong information risk governance, active collaboration with business risk managers, and high-quality security solutions and services that improve the organization's overall risk posture.
This Cybersecurity Content Developer will be responsible for the creation and implementation of Security Monitoring content (i.e. alerts/rules) on various security monitoring and correlation technologies. This individual will be expected to partner closely with SOC, Intel, Engineering, and Incident Response. A successful candidate will have a proven track record in information security derived from an all-round Information Technology background, hands-on SOC/SIEM experience, and a combination of the skills and competencies below.
Bachelor's degree in computer science, information systems or a related field, along with 5 - 10 years of hands-on experience in Network Security, Security Analysis and Incident Response. Equivalent experience may be considered in lieu of a degree.
- Solid understanding of additional security technologies / concepts such as firewalls, intrusion prevention, encryption, threat analysis, and vulnerability assessment.
- Comfortable with managing complex, enterprise-scale logging, including ensuring alerting is effective to protect against security threats.
- 4+ years using SIM/correlation platforms
- In-depth, hands-on knowledge of Linux, Windows, databases, networking, SIM/logging technologies, and security operations.
- Candidate should have hands-on, day-to-day experience creating content for SIM/correlation/behavioral analytics platforms.
- Ability to automate tasks through the use of scripting tools in multiple languages such as Perl, Java, and Python
- A strong candidate will have multiple security related certifications like CISSP, SSCP, CCFP and CEH
- Able to develop tools to assist in log analysis and/or log message parsing for proper SIM integration
- Able to develop long term trend and reporting capabilities for security threats, operational process service level objectives, health of log platform and security posture
- Good documentation and communication skills, both oral and written
- Good teamwork skills and ability to work in a distributed global team environment
- Strong analytical and problem-solving skills
- Self-motivated, proactive and with determination to achieve goals
- Flexible and able to deliver quality results in the required timeframe
- Familiar and experienced in the software development lifecycle process
- Influencing skills to drive development standards
- Stay current with the Threat Landscape including malware network propagation techniques, intrusion attempt indicators and indicators of compromise of systems, applications and databases
- On-call 24x7 security support and potential crisis situations; this may involve complex technical hardware and/or software problems
- This position is anticipated to require the use of one or more High Security Access (HSA) systems. Users of these systems are subject to enhanced screening which includes both criminal and credit background checks, and/or other enhanced screening at the time of accepting the position and on an annual basis thereafter. The enhanced screening will need to be successfully completed prior to commencing employment or assignment.