Cyber Threat and Intelligence (CTI) holds the global mandate for JPMorgan Chase's cyber threat information and intelligence collection, analysis, and dissemination of finished product to JPMorgan Chase's population of security operations teams, information technology teams, information technology risk teams, and overall executive decision makers. This team also is responsible for external engagement with peer groups and information security circles over cyber threats and on the development of global cyber policy to address events ranging from intrusions, malware, DDoS, unauthorized access, insider attacks and loss of proprietary information. This includes developing deep understanding of global threat actors and the geopolitical drivers of cyberspace.
CTI also plays an integral role in the alerting, response, and mitigation of computer security incidents at JPMC. CTI works closely with the incident response team, various lines of business, and United States Government entities to mitigate risk to the firm.
The Senior Malware Analyst/Reverse Engineer will be required to conduct complex static and dynamic analysis of malcode identified from external sources and investigations. The successful candidate will have a proven track record in reverse engineering malware.
The responsibilities of this position include:
- Conducting malware analysis and reverse engineering on suspicious code, and producing a detailed report of the findings
- Automation of intelligence gathering and malware analysis systems.
- Conduct deep dive technical analysis of cyber-attack tools, tactics, and procedures.
- Regularly develop and produce written intelligence reports and white papers constructed from technical analysis results and collected threat information for JPMC internal consumers.
- Assist CTI peers in regular production and dissemination of intelligence reports.
- Review threat information and maintain threat repository.
- Contribute cybersecurity perspective to discussions and decisions regarding JPMC global technology infrastructure and technology deployments.
- Partner with the incident response team and investigations team to understand incidents and support technical analysis of malicious cyber security events.
- Communicate effectively with representatives of the Lines of Business, technology specialists, and vendors.
- Work closely with the technology risk teams to assess risk and provide recommendations for improving our security posture.
- Conduct advanced computer and network tests relating to various forms of malware analysis, computer intrusion, theft of information, denial of service, multi-national organized criminal groups, and Advanced Persistent Threats (APT).
- 7-10 years of professional experience in Information Technology
- 4+ years’ experience in a large, mission-critical environment.
- 3+ years’ malware analysis, virus exploitation and mitigation techniques experience.
- Experience in network intrusion methods, network containment, and segregation techniques and technologies.
- Ability to apply a thorough knowledge of attacker capabilities, intentions, motives, and historical operations/targets to inform JPMC Cybersecurity strategies quickly, clearly and effectively.
- IP Protocol Suite; knowledge of IP Routing protocols.
- Proficiency with Windows & UNIX.
- Strong written and verbal communication skills; ability to understand complex problems while formally presenting them simply.
- Knowledge of incident response, investigations and crisis management.
- Ability to identify both tactical and strategic solutions.
- Knowledge of computer forensics both host and network based.
- Bachelor's Degree in Computer Science or related field or equivalent experience.
Highly Desired:
- Incident Response and/or Threat Analysis experience.
- Knowledge of Novell and Mac OS X operating systems.
- Ability to coordinate, work with and gain the trust of business stakeholders, technical resources, and third-party vendors.
- Coding (scripting) experience, e.g., Perl, VBScript, Python.
- Experience in partnering with major government agencies and authorities around the world.
- Experience in safely and legally maintaining a multi-national network for collection of threat information.
This position is anticipated to require the use of one or more High Security Access (HSA) systems. Users of these systems are subject to enhanced screening which includes both criminal and credit background checks, and/or other enhanced screening at the time of accepting the position and on an annual basis thereafter. The enhanced screening will need to be successfully completed prior to commencing employment or assignment.