Apply Now    

Security Analyst – Attack Analysis - Associate

Req #: 170108053
Location: London, ENG, UK
Job Category: Technology
Potential Referral Amount: 3500 Pound Sterling (GBP)

JPMorgan Chase & Co. (NYSE: JPM) is a leading global financial services firm with assets of $2.6 trillion and operations worldwide. The firm is a leader in investment banking, financial services for consumers and small business, commercial banking, financial transaction processing, and asset management. A component of the Dow Jones Industrial Average, JPMorgan Chase & Co. serves millions of consumers in the United States and many of the worlds most prominent corporate, institutional and government clients under its J.P. Morgan and Chase brands. Information about JPMorgan Chase & Co. is available at

Cybersecurity is chartered with managing and directing the security programs focused on the discipline of cyber security design, implementation, analytics, threats, monitoring, response, and investigation across the organization. Our core services are focused on assuring the security of the computing environment, protect customer and employee confidential information, and comply with regulatory requirements globally. This is accomplished through strong information risk governance, active collaboration with business risk managers, and providing high quality security solutions and services which enable improving the organization's overall risk posture.

The Security Analyst in Attack Analysis will utilize their background in technology and incident response procedures to act as a defender of the firm.  As a security analyst on the Attack Analysis team, you will use defensive measures and information collected from a variety of sources to identify, analyze, and report events that occur or might occur within the network in order to protect information, information systems, and networks from threats.

Key responsibilities include:

- Correlate log data from multiple sources and develop "detect" to identify adversary behavior

- Contribute to the maturity of cyber threat hunting framework within the team

- Conduct network forensics, log analysis, and malware triage in support of security events/incidents

- Recognize and organize attacker tools, tactics, and procedures in indicators of compromise (IOCs) that can be applied to current and future investigations.

- Examine network topologies to understand how data flows through the network

- Assist in the creation of processes/procedures, technical documentation, as well as completion of projects

- Develop internal tools and automate processes/work flows in support of incident response

- Assist with incident handling functions as well as with direct response activities for security events/incidents


- Experience working in a security role performing Security Analysis, Incident Response, Attack Analysis, or Computer Network Defense (CND) capacity

- Knowledge of SIEM products and the ability to develop advanced correlation rules

- Solid understanding of network protocols and experience conducting packet analysis using appropriate tools (e.g. tcpdump, wireshark, tshark)

- Programming experience in at least one of the following languages: Python, Perl, Powershell as well as an automation mindset

- Understanding of regular expressions

- Knowledge of intrusion detection methodologies (IDS/IPS) and techniques for detecting host and network-based intrusions via intrusion detection technologies

- Familiarity with Malware / Reverse Engineering with ability to assist in Static and Dynamic Analysis

- Familiarity with multiple operating systems (e.g., Windows, Unix, Mac)


- Experience working as a penetration/red team tester with the ability to translate adversary behavior across multiple platforms (e.g., Windows, Unix, Mac) into identifiable patterns

- Understanding of post exploitation frameworks (e.g. Powersploit/Empire, Veil) and ability to identify activity associated with their usage

- Experience working with statistics to provide context and visual representation of data (e.g. R, numpy)

- Previous experience working as part of a Computer Security Incident Response Team (CSIRT)

- Familiarity with web application vulnerabilities and OWASP Top 10


This position is anticipated to require the use of one or more High Security Access (HSA) systems. Users of these systems are subject to enhanced screening which includes both criminal and credit background checks, and/or other enhanced screening at the time of accepting the position and on an annual basis thereafter. The enhanced screening will need to be successfully completed prior to commencing employment or assignment.

The Global Attack Analysis team is a 24x7, follow-the-sun operation and as such, this person may be required to cover shift rotational days, weekends, and holidays.

JPMorgan Chase & Co offers an exceptional benefits programme and a highly competitive compensation package.  JPMorgan Chase & Co is an Equal Opportunity Employer.

Apply Now    

Join our Talent Community

Not ready to apply? Leave your information with us and we will keep you up to date with new career opportunities.

Things to note

Sign in to our application system to continue your job search or update your profile.

Current employees sign in here. Contractors sign in here.

Any information you provide is confidential and will only be viewed by our recruiters in an effort to fill open positions. In addition, the information you provide is subject to our privacy policy practices.

Please note that J.P. Morgan will not accept unsolicited approaches or speculative CVs, nor will J.P. Morgan be responsible for any related fees, from Third Party Firms who are not preferred suppliers.

The firm invites all interested and qualified candidates to apply for employment opportunities.

Need disability related assistance?

If you are a US or Canadian applicant with a disability who is unable to use our online tools to search and apply for jobs, please click here.

Important links

Click here to view the "EEO is the Law" poster.

Click here to view the "EEO is the Law" supplemental poster.

Click here to view our U.S. Pay Transparency Policy.

JPMorgan Chase is an equal opportunity and affirmative action employer Disability/Veteran.