As a Threat Intelligence Analyst at JPMorgan Chase within the Cybersecurity Technology and Controls, Cybersecurity Intelligence Group, you play an essential role in defending the firm against sophisticated cyber threats. Doing so will require you to investigate advanced threat actors, conduct proactive research on emerging threats, and generate forward-looking assessments to guide decision making at the highest levels. You’ll use your subject matter expertise to give guidance, best practices, and support to business and technology stakeholders during the deployment of critical business and technology initiatives. You’ll support threat analysis, incident response, and risk reviews, all of which drive cost-effective solutioning. As part of JPMorgan Chase & Co.’s global team of technologists and innovators, your work will have a massive impact, both on us as a company, as well as our clients and our business partners around the world. 

The Cybersecurity Intelligence Group (CIG) holds the global mandate for JPMC’s cyber intelligence collection, analysis, and dissemination of finished products to the firm’s Cybersecurity & Technology Controls teams, lines of business, and overall executive decision makers. This team is responsible for tracking threats and incidents targeting the firm and also involving the firm’s third party suppliers, subsidiaries, and key clients to address events such as intrusions, malware, DDoS, unauthorized access, insider attacks, and loss of proprietary information. This includes developing a deep understanding of global threat actors and their tactics, techniques, and procedures employed during cyberattacks. The work is varied, so the requirements of the role are multifaceted. Experience in cybersecurity, security controls, Internet technology, networking, and current affairs is a prerequisite, as is the ability to articulate complex information with clarity and brevity. 

Prospective applicants should be able to demonstrate a deep understanding of issues pertaining to cybersecurity and their intersection with geopolitical affairs, as well as the intelligence process and analysis. Being self-motivated and able to articulate complex information with clarity and brevity is a must. A demonstrated history of leading others through influence or creating specific analytic tools or techniques with impact across a large mission space would put you at a distinct advantage. 

Job responsibilities

 Being able to articulate a forward-looking view of the cyber threat landscape as it relates to JPMC and the wider financial sector, predicting shifts in adversarial intent, goals, and strategic objectives.

Hunting and tracking organized groups of threat actors using open and closed source tools Creating detailed threat actor profiles on adversaries of interest/relevance to the firm, covering tactics, techniques and procedures, intent, goals and strategic objectives Clearly and accurately conveying analytic findings through finished reports, executive communications, and verbal briefings to an array of customers. Providing detailed analysis of cyber events and their relevance to JPMC or the wider financial sector. Collaborating with and at times leading teams across cybersecurity operations to augment investigations into complex cybersecurity events and ensure the firm institutes the proper controls to defend against today’s most pressing threats.

This role requires the following essential qualifications and capabilities:

Bachelor's Degree in Computer Science, Cybersecurity, or similar work experience in a related field. Excellent communication skills, with the ability to articulate complex threat information to technical and non-technical audiences, both verbally and in writing  Demonstrated understanding of the vulnerability landscape and how it impacts the overall cyber threat landscape  An understanding in current affairs and international relations, evidenced by an understanding of geopolitical dynamics as they relate to state-sponsored intelligence operations. An understanding of the intelligence cycle, analysis methodologies, and processes. An understanding of computer networking concepts, the OSI model and underlying network protocols (e.g., TCP/IP), network traffic analysis, packet and protocol analysis (packet capture and netflow analytics).  An understanding of the MITRE ATT&CK Framework, stages of an attack and sub-techniques. Primarily sub-techniques associated with initial access, network communications, or deployment of malware.  Experience with threat intelligence techniques and processes in an enterprise level organization General knowledge of global cyber threats, threat actors and the tactics, techniques, and procedures used by cyber adversaries Working knowledge of basic programming languages or database management systems, examples being: Python Scripting  RESTful API use Publish Subscribe model messaging  JSON (use and manipulation) HTML/CSS Javascript ElasticSearch

 

Highly Desirable:

Intelligence community experience, or comparable private sector experience. Financial sector experience. Industry certifications related to Cyber Threat Intelligence, Pen Testing, Forensics, Networking or Security