Acquisition Cybersecurity Team (ACT) - Senior SOC Analyst

Seize the opportunity to enhance cybersecurity, utilizing your expertise in threat analysis and incident response to protect vital data and systems.

As a Security Operations Senior Associate in the Cybersecurity and Tech Controls line of business, you will play a critical role in safeguarding the organization's digital assets and infrastructure. You will proactively detect, assess and respond to threats, vulnerabilities, and security incidents. Leveraging your deep knowledge of security principles and practices you will collaborate with cross-functional teams to develop coordinated security strategies and educate employees on best practices. Your work will directly impact departmental outcomes driving progress, identifying gaps in information, and solving complex cybersecurity challenges. By utilizing your advanced analytical, technical, and problem-solving skills, you will contribute to the continuous improvement of our cybersecurity posture and help maintain the integrity, confidentiality, and availability of sensitive data and systems.

• Monitor and analyze security infrastructure, contributing to detection and response to threats, vulnerabilities, and incidents to ensure the integrity, confidentiality, and availability of sensitive data and systems
• Conduct in-depth security investigations, including log analysis, network trace review, and other data sources to identify root causes, assess impact, and gather evidence for response and mitigation actions
• Triage and remediation of security alerts, along with end-to-end ownership of an investigation and active participation in incident response
• Create and maintain process documentation to support consistent and effective incident response
• Develop and maintain threat detection and response playbooks, incorporating industry best practices, regulatory requirements, and lessons learnt from previous incidents
• Collaborate with cross-functional teams to develop and implement coordinated security strategies, policies, and procedures, while educating employees on best practices
• Provide intelligence services to JPMorgan Chase acquisitions, including drafting and disseminating vulnerability and intelligence reports.
• Liaise regularly with acquisitions to maintain lines of communication, understand and document their cybersecurity posture and unique challenges, identifying uplift opportunities where possible.
• Willing to work a shift schedule that includes weekend work every four weeks and complying with firmwide in-office attendance policies
• Take active ownership of issues affecting acquisitions and drive any identified uplifts to completion
• Act as a point of escalation for analysts on the team

• Minimum 3 years of experience in cybersecurity operations, including threat detection, incident response, or vulnerability management
• Proven experience in network trace analysis, log analysis, vulnerability assessment, exploitation techniques, and security investigations in response to security incidents
• Proficiency in scripting for task automation, implementing controls, and data manipulation
• Strong understanding of security protocols, cryptography, authentication, authorization, and security architecture design principles
• Hands-on experience with security tools and technologies such as Security Information and Event Management (SIEM), Intrusion Detection System (IDS), Endpoint Detection and Response (EDR), malware analysis tools and email security solutions
• Knowledge of adversary tactics, attack stages, and detection methods
• Familiarity with enterprise security technologies, Windows and Linux operating systems (OS) and the ability to identify signs of compromise
• Excellent communication skills, with the ability to present risks and findings to both technical and non-technical audiences.

• Experience with a broad range of cybersecurity tools, including Extended Detection & Response (XDR) platforms
• Experience reviewing vulnerabilities and the effectiveness of mitigation measures
• Basic understanding of cloud architecture and attacker techniques in cloud environments
• The ability to manage fluctuating workloads and conflicting priorities
• Project management experience, with a track record of driving projects and issues to completion while documenting progress.