Join a team dedicated to safeguarding our people, data, and assets from within. 

 

As an Insider Threat Senior Associate at JPMorgan Chase within the Cybersecurity Technology and Controls, you will proactively detect, assess, and respond to potential insider threats impacting our organization and acquisitions. You will collaborate with cross-functional teams to develop and implement strategies that protect sensitive information and maintain a secure environment. Your work will help drive a culture of security awareness, identify risk, and solve complex challenges related to insider activity. By applying your analytical and technical skills, you will help ensure the integrity, confidentiality, and availability of our data and systems.

 

Job Responsibilities:

Monitor and analyze user activity and security infrastructure to detect and respond to potential insider threatsConduct in-depth investigations of anomalous behavior, including log and network trace analysis, to identify root causes and gather evidenceTriage and remediate insider threat alerts, taking end-to-end ownership of investigations and participating in incident responseCreate and maintain process documentation and playbooks for insider threat detection and responseDevelop and update insider threat detection strategies using industry best practices and regulatory requirementsCollaborate with teams to implement insider threat awareness programs, policies, and procedures, and educate employees on best practicesProvide intelligence services to acquisitions, drafting and sharing insider threat and vulnerability reportsLiaise with acquisitions to understand their unique insider threat challenges and identify opportunities for improvementWork a shift schedule that includes weekend coverage and comply with in-office attendance policiesTake ownership of issues affecting acquisitions and drive identified improvements to completionAct as a point of escalation for team analysts on insider threat matters

 

Required Qualifications, Capabilities, and Skills:

Experience in cybersecurity operations with a focus on insider threat detection, incident response, or vulnerability managementProficiency in user activity monitoring, network trace analysis, log analysis, and security investigationsAbility to script for task automation, implement controls, and manipulate dataStrong understanding of security protocols, authentication, authorization, and security architecture principlesHands-on experience with security tools such as SIEM, UEBA, IDS, EDR, and email security solutionsKnowledge of adversary tactics, insider threat indicators, and detection methodsFamiliarity with enterprise security technologies and both Windows and Linux operating systemsAbility to identify signs of compromise and anomalous behavior across platformsExcellent communication skills for presenting risks and findings to technical and non-technical audiences

 

Preferred Qualifications, Capabilities, and Skills:

Experience with a range of cybersecurity tools, including XDR and UEBA platformsExperience reviewing vulnerabilities and the effectiveness of mitigation measuresBasic understanding of cloud architecture and attacker techniques in cloud environmentsAbility to manage fluctuating workloads and conflicting prioritiesProject management experience with a track record of driving projects and documenting progress

 

#CTC