As a member of the Cybersecurity & Technology Controls (CTC) Incident Management & Response (IMR) team within the JPMorgan Chase & Co. Global Incident Command Center (GICC), you will fit into a Global team providing 24/7 Incident Management and Response support, acting as the frontline defense for attacks against the firm's infrastructure. You will be responsible for the execution of the Firm-wide Cybersecurity Incident Management Playbook designed to provide a set of steps to orchestrate a framework of actions to be considered during the lifecycle of a Cybersecurity event, in an effort to prevent impact, or during an impacting Cybersecurity incident. The process executes against the firmwide Technology Incident Management Standards and leverages ITIL best practices to govern remediation and safeguard failures. The team also covers internal and external engagements with our LOB partners including regulatory, compliance, privacy and/or media communications. Our incidents are categorized: technical outages (e.g. hardware failures, code/configuration issues, DB corruption, access issues, etc.); and cybersecurity events (e.g. malware, credential hijacking, zero-day vulnerabilities, DDoS, data exfiltration, etc.).
Working in cybersecurity takes passion for technology, speed, a desire to learn, and vigilance in order to keep every asset safe. You’ll be on the front lines of innovation, working with a highly motivated team responsible for command and control over technology operations groups during any Cybersecurity events and incidents. Your command and control, communication and documentation skills will ensure stability, capacity and resiliency of our products. Working with your internal team, as well as technologists and innovators across our global network, you will have the ability to respond to incidents, collaborate with Cybersecurity Operations Incident Response teams, and Enterprise Technology Product and Engineering teams to mitigate and remediate events and incidents to prevent impacts to JPMC businesses.
Qualifications:
The role requires a wide variety of strengths and capabilities, both technical and non-technical.
- Experience in an Incident Management or Incident Response function in an Enterprise environment.
- Demonstrated Command & Control, Documentation and Communication skills in previous roles.
- Experience with communicating technical topics both in writing and verbally to senior management from a technical or non-technical background.
- Ability to work closely in partnership with the business, technology, and project management partners to execute on projects and improvements for the CTC IMR team, e.g., research, internal procedure uplift, internal tools development and uplift, as well as work quality improvements.
- Appreciation of the wider roles of interconnecting Cyber Security teams and collaboration with each of those (i.e., Forensics, Threat Intelligence, Penetration Testing, Vulnerability Management, etc.).
- Ability to ask questions and understand the technologies and business functions supported well enough to facilitate working troubleshooting sessions.
- Ability to influence senior technology managers across organizational boundaries through formal and informal channels.
- Ability to be proactive with a strong bias for action, naturally inquisitive, and bias for continuous improvement of practices / process.
- Must possess the ability to exercise excellent judgment and decision-making skills in the heat of the moment, and understand when to escalate issues.
- Experience with analyzing operational metrics to identify process improvements.
- Experience with delivering constructive feedback to a team on a continuous basis.
- Demonstrated ability to multitask and prioritize in a stressful environment; results-oriented.
- Strong understanding of the ITIL framework and experience with Incident Management tools. ITIL Certification desired.
- Basic understanding of various Operating Systems, Network Fundamentals, Cyber Tools, Cloud architecture, etc.
- High-level understanding of cybersecurity attack frameworks, i.e. MITRE ATT&CK, Cyber Kill Chain.
- Baseline Cybersecurity Certifications (i.e. Security+, etc.) desired.
