Cybersecurity is chartered with managing and directing the security programs focused on the discipline of cyber security design, implementation, analytics, threats, monitoring, response, and investigation across the organization. Our core services are focused on assuring the security of the computing environment, protecting customer and employee confidential information, and complying with regulatory requirements globally. This is accomplished through strong information risk governance, active collaboration with business risk managers, and high-quality security solutions and services that improve the organization's overall risk posture.
Global Cybersecurity is currently looking for Security Assurance Operations Analysts to be responsible for providing eyes on glass monitoring and triage of security events.
- Performing daily operational ‘eyes on glass’ real-time monitoring and analysis of internal security events from sources including, but not limited to, Security Information Monitoring tools, network- and host-based intrusion detection systems, mainframe, midrange, applications and databases.
- Reviewing firewall logs, database logs, email logs and system logs to ensure that end user actions adhere to JPMC security standards
- Additional responsibilities will include reporting, documenting team procedures and workflows, documentation review and improvements, attending meetings as required and working on projects to drive efficiencies
- Working with global teams and Line of Business contacts for issue escalations and resolution
The Global Security Assurance Operations team is a 23x5, follow-the-sun operation and as such, the Analyst will need to attend off-office hours business calls, cover shift on rotational days and weekends as per business requirements.
Experience/Skills (Required):
- Degree in Computer Science or related field or equivalent experience
- At least 5-10+ years of experience in Information Technology
- Familiarity with Privilege Access Management, insider threats and threat detection and analysis
- Demonstrable comprehension of Information Systems Security including compliance, policies and procedures, vulnerability management, Data Loss Protection/Prevention (DLP), malware infections, and cyber attacks
- Working knowledge of Windows Desktop and Server platforms including Windows 7, Windows 2003/2008/2008 R2/2012
- Working knowledge of Active Directory on an enterprise platform supporting various services such as Microsoft Exchange and SharePoint servers
- Working knowledge of PowerShell & AD Scripting
- Experience with Windows and Linux/Unix commands, database structure and queries
- Experience with reviewing raw log files from various sources, data/events correlation, and analysis
- Familiarity or experience with two or more of the following environments:
  - Application, Web, and Database servers
  - Software Development Life Cycle
  - Programming languages
  - Version Control Systems
  - Development Platforms such as .NET & Java
  - Software Installation, Updates, Upgrades, and Migration
  - Backups & Disaster Recovery
- Familiarity with Encryption and SSL certificates
- Understanding of networking fundamentals including protocols, ports, and firewalls
People Skills:
- Strong deductive reasoning, critical thinking, problem solving, and prioritization skills
- Ability to work with a sense of urgency and pay attention to detail
- Drive, passion and fortitude; dynamic, independent, resourceful and a self-starter
- Strong team player who collaborates well with others to solve problems and actively incorporates input from various sources
- Must be reliable and adaptable
- Outstanding integrity and work ethic
- Experience with working on global teams across time zones, cultures and languages
- Ability to follow operational processes and workflows, with experience in incident handling and response
- Ability to present complex solutions and methods to a general community and to higher management
- Excellent written and verbal communication and organizational skills
- Excellent interpersonal skills to work with diverse personnel and stakeholders regionally and globally
CISSP, CISA, CEH, Security+ certification will be advantageous
Previous experience working for a large financial institution
This position is anticipated to require the use of one or more High Security Access (HSA) systems. Users of these systems are subject to enhanced screening which includes both criminal and credit background checks, and/or other enhanced screening at the time of accepting the position and on an annual basis thereafter. The enhanced screening will need to be successfully completed prior to commencing employment or assignment.