Cyber Intrusions Forensics Lead

Req #: 170085087_1
Location: New York, NY, US
Job Category: Technology
Potential Referral Amount: 5000 US Dollar (USD)

JPMorgan Chase & Co. (NYSE: JPM) is a leading global financial services firm with assets of $2.5 trillion and operations worldwide. The firm is a leader in investment banking, financial services for consumers and small business, commercial banking, financial transaction processing, and asset management. A component of the Dow Jones Industrial Average, JPMorgan Chase & Co. serves millions of consumers in the United States and many of the world's most prominent corporate, institutional and government clients under its J.P. Morgan and Chase brands. Information about JPMorgan Chase & Co. is available at http://www.jpmorganchase.com/.

 

 

Job Summary:

 

The Intrusions Forensics Lead will be required to conduct complex digital forensic analysis involving breaches of critical IT infrastructure, tier 4 and critical forensic investigations, high impact legal and privacy issues requiring digital investigations, and high profile network forensic investigations. The successful candidate will have a proven track record of independently handling large scale, complex post-incident investigations, where techniques such as advanced network forensics, log analysis, timeline creation, and host-based forensics have been applied.

 

Responsibilities:

  • Demonstrate a deep understanding of the necessary digital forensic skills, techniques and tools to conduct live forensics on critical systems and produce detailed analysis of the root cause of any incidents.

  • Use host-based and network forensic capabilities to develop information regarding Indicators of Compromise (IOC) and Tactics, Techniques & Procedures (TTPs) for threat actors and malware, which can be shared amongst other internal teams.

  • Leverage practical experience to develop methodologies for proactive hunting of threat actors in the absence of alerting or rules-based appliances.

  • Conduct detailed analysis of systems where breaches of critical IT infrastructure may have occurred and provide root cause analysis, impact assessments and rapid response to aid detection of those responsible and make recommendations to assist prevention of similar incidents.

  • Develop processes and techniques for forensic analysis of emerging architecture in support of critical investigations.

  • Assist with the development of in-house training programs to ensure world class high-tech investigation standards.

Key Skills & Experience:

 

Essential:

  • 5+ years of experience working in computer forensics, cybercrime investigation and other related fields.
  • Proficient in performing digital forensic investigations on a variety of platforms and operating systems with a deep understanding of digital forensics processes and tools.
  • Proficient in performing live forensics acquisition/analysis, memory forensics, log-file analysis, network forensics and using forensic techniques to perform malware analysis.
  • Proficient with investigating large data compromise events as well as online banking fraud.
  • Knowledge of networking protocols and packet analysis.
  • Knowledge of computer forensic best practices and industry standard methodologies for investigating network threats.
  • Experience working with industry standard tools (X-Ways, EnCase, Volatility, Rekall, Wireshark, SIFT etc.).
  • Able to articulate and visually present complex forensic investigation and analysis results equally effectively to both industry professionals and internal business partners.
  • Mastery of concepts in at least two of the following domains: NTFS file system forensics, memory forensics, Linux forensics, scripting, cloud computing technologies, networking and network security.

Desirable:

  • Industry standard digital forensics certifications (GCFA, GNFA, GCFE, CFCE, etc.) are a plus.
  • Industry standard information security technology certifications (GCIH, GREM, etc.) are a plus.
  • Memberships and participation in relevant professional associations.
  • Ability to automate tasks using a scripting language (Python, Perl, Ruby, etc.).
  • Experience with public or private cloud technologies.

 

J.P. Morgan is a place for talented people from all backgrounds and perspectives because our clients come from all backgrounds and perspectives. We encourage a culture of inclusion, where everyone's opinion counts and all employees have the freedom to deliver their absolute best. This is why we work hard and invest in attracting and developing a diverse workforce. Learn more about our Business Resource Groups and how they help our employees build successful careers and reach their greatest potential.

Please note that J.P. Morgan will not accept unsolicited approaches or speculative CVs, nor will J.P. Morgan be responsible for any related fees, from Third Party Firms who are not preferred suppliers.

The firm invites all interested and qualified candidates to apply for employment opportunities.

JPMorgan Chase is an equal opportunity and affirmative action employer Disability/Veteran.