Security Operations Vice President / Manager- Attack Analysis

Embrace the challenge of maintaining robust digital security, driving operational excellence, and implementing cutting-edge solutions in cybersecurity.

As a Security Operations Vice President / Manager- Attack Analysis at JPMorgan Chase in the Corporate Sector- Cybersecurity & Technology Controls, within the Cybersecurity Operations Attack Analysis team, you will contribute significantly to safeguarding the organization's digital assets and infrastructure by proactively detecting, assessing, and responding to threats, vulnerabilities, and security incidents. You will regularly collaborate with cross-functional teams to develop a coordinated approach to security, ensuring the integrity, confidentiality, and availability of sensitive data and systems. You will apply advanced analytical, technical, and problem-solving skills to enable operational excellence and implement innovative solutions to address complex security challenges. By staying current with industry best practices, policies, and procedures, you will contribute to maintaining a secure digital environment and driving continuous improvement in the firm.

Job responsibilities

• Manage a team of security operations analysts and ensuring an effective execution of operational procedures to triage and investigate security alerts and respond to security incidents
• Represent Attack Analysis during security incident calls and drive actions to respond effectively to them
• Pro-active identification of improvements to Attack Analysis's security operations processes and procedures
• Coach security analysts to ensure that they are performing their work at the optimum levels
• Collaborate effectively with other regional teams to deliver Attack Analysis's mission and objectives
• Work with partners in other teams within CTC to drive threat mitigation activities including sharing security incident details with product lines, participate in security architecture discussions and identifying opportunities to implement new detection rules

Required qualifications, capabilities, and skills

• 5+ years of experience working in a security operations center environment
• Leadership / team management experience
• Demonstrated knowledge and experience in multiple security domains, including network security, malware analysis, threat hunting, and security incident response, with proficiency in using Security Information and Event Management (SIEM) tools and developing alerts triaging and investigations procedures
• Advanced knowledge of network and infrastructure configuration/security, including experience in designing and implementing security solutions for on-prem, cloud, or hybrid environments

Preferred qualifications, capabilities, and skills

• Splunk, CrowdStrike
• Windows or Linux operating systems and AWS, Azure and GCP
• Security Incident response
• MITRE ATTT&CK