JPMorgan Chase Intrusions Forensics Lead in Jersey City, New Jersey

As an experienced professional in our Cybersecurity organization, you’re equally committed to watching over our data today, as well as finding innovative new ways to protect it in the future. To do that, you’ll be part of a highly motivated team laser-focused on analyzing, designing, developing and delivering solutions built to stop adversaries and strengthen our operations. You’ll take the lead on incident response, risk reviews and vulnerability assessments, identifying threats, all of which ladder up to driving and selecting cost-effective solutions. You’ll deploy best practices, new policies, and emerging trends to strengthen our strategic roadmap. You’ll keep management, executive directors, managing directors and stakeholders in the loop. As part of JPMorgan Chase & Co.’s global team of technologists and innovators, your work will have a massive impact, both on us as a company, as well as our clients and our business partners around the world.

Job Summary:

The Intrusion Forensics Lead will be required to conduct complex digital forensic analysis involving breaches of critical IT infrastructure, tier 4 and critical forensic investigations, high impact legal and privacy issues requiring digital investigations, and high profile network forensic investigations. The successful candidate will have a proven track record of independently handling large scale, complex post-incident investigations, where techniques such as advanced network forensics, malware reverse engineering, log analysis, timeline creation, and host-based forensics have been applied.

Responsibilities:

  • Demonstrating a deep understanding of the necessary digital forensic skills, techniques and tools, you will conduct live forensics on critical systems and produce detailed analysis of the root cause of any incidents.

  • Use host-based and network forensic capabilities to develop information regarding Indicators of Compromise (IOCs) and Tactics, Techniques & Procedures (TTPs) for threat actors and malware, which can be shared amongst other internal teams.

  • Leverage practical experience to develop methodologies for proactive hunting of threat actors in the absence of alerting or rules-based appliances.

  • Conduct detailed analysis of systems where breaches of critical IT infrastructure may have occurred and provide root cause analysis, impact assessments and rapid response to aid detection of those responsible and make recommendations to assist prevention of similar incidents.

  • Develop processes and techniques for analysis of malware and detection of direct threats to the Firm.

  • Assist with the development of in-house training programs to ensure world class high-tech investigation standards.

Key Skills & Experience:

Essential:

  • 5+ years of experience working in computer forensics, cybercrime investigation and other related fields.

  • Proficient in performing digital forensic investigations on a variety of platforms and operating systems with a deep understanding of digital forensics processes and tools.

  • Proficient in performing live forensics acquisition/analysis, log-file analysis, network forensics and using forensic techniques to perform malware analysis.

  • Proficient with investigating large data compromise events as well as online banking fraud.

  • Knowledge of networking protocols and packet analysis.

  • Knowledge of computer forensic best practices and industry standard methodologies for investigating network threats

  • Experience working with industry standard tools (X-Ways, EnCase, Volatility, Rekall, Wireshark, SIFT etc.)

  • Able to articulate and visually present complex forensic investigation and analysis results equally effectively to both industry professionals and internal business partners.

Desirable:

  • Industry standard digital forensics certifications (GCFA, GNFA, GCFE, CFCE, etc) are a plus.

  • Industry standard information security technology certifications (GCIH, GREM, etc) are a plus.

  • Memberships and participation in relevant professional associations.

  • Ability to automate tasks using a scripting language (Python, Perl, Ruby, etc.)

This position is anticipated to require the use of one or more High Security Access (HSA) systems. Users of these systems are subject to enhanced screening which includes both criminal and credit background checks, and/or other enhanced screening at the time of accepting the position and on an annual basis thereafter. The enhanced screening will need to be successfully completed prior to commencing employment or assignment.

Qualifications:

This role requires a wide variety of strengths and capabilities, including:

  • 5+ years of experience working in computer forensics, cybercrime investigation and other related fields.

  • Proficient in performing live forensics acquisition/analysis, memory forensics, log-file analysis, network forensics and using forensic techniques to perform malware analysis.

  • Proficient with investigating large data compromise events as well as online banking fraud.

  • Knowledge of computer forensic best practices and industry standard methodologies for investigating network threats.

  • Experience working with industry standard tools (X-Ways, EnCase, Volatility, Rekall, Wireshark, SIFT etc.).

  • Able to articulate and visually present complex forensic investigation and analysis results equally effectively to both industry professionals and internal business partners.

  • Mastery of concepts in at least two of the following domains: NTFS file system forensics, memory forensics, Linux forensics, scripting, cloud computing technologies, networking and network security.

Desirable:

  • Industry standard digital forensics certifications (GCFA, GNFA, GCFE, CFCE, etc) are a plus.

  • Industry standard information security technology certifications (GCIH, GREM, etc) are a plus.

  • Memberships and participation in relevant professional associations.

  • Ability to automate tasks using a scripting language (Python, Perl, Ruby, etc.)

  • Experience with public or private cloud technologies

Cyber:

Your expertise in cyber, combined with your desire to provide innovative security services, will be an asset to our Cybersecurity team. Help deliver high-quality security solutions across all our lines of business around the world by creating, designing, implementing, and maintaining next-level technology. The work you’ll do is vital, as it will protect over $18 trillion of assets under custody and $393 billion in deposits every day.

When you work at JPMorgan Chase & Co., you’re not just working at a global financial institution. You’re an integral part of one of the world’s biggest tech companies. In 14 technology hubs worldwide, our team of 40,000+ technologists design, build and deploy everything from enterprise technology initiatives to big data and mobile solutions, as well as innovations in electronic payments, cybersecurity, machine learning, and cloud development. Our $9.5B+ annual investment in technology enables us to hire people to create innovative solutions that will not only transform the financial services industry, but also change the world.

At JPMorgan Chase & Co. we value the unique skills of every employee, and we’re building a technology organization that thrives on diversity. We encourage professional growth and career development, and offer competitive benefits and compensation. If you’re looking to build your career as part of a global technology team tackling big challenges that impact the lives of people and companies all around the world, we want to meet you.

JPMorgan Chase is an equal opportunity and affirmative action employer Disability/Veteran.