Security Operations Vice President- Threat Detection Engineer

Job Description
Embrace the challenge of maintaining robust digital security, driving operational excellence, and implementing cutting-edge solutions in cybersecurity.
As a Security Operations Vice President within JPMC's Cybersecurity and Technology Controls, you will contribute significantly to safeguarding the organization's digital assets and infrastructure by proactively detecting, assessing, and responding to threats, vulnerabilities, and security incidents. This team is responsible for enhancing the firm's ability to assess and mitigate Insider Threat Technology Risk through advanced pattern-based and behavior-based detections. This expanded team, known as Global Technology Insider Threat, acts as the central authority for assessing Insider Risks within the Global Technology domain, serving as the primary point of contact for all technological Insider Threat detections and referrals. Our commitment is to proactively hunt insider threats using cutting-edge intelligence, develop sophisticated detection logic, and implement behavior-based detections to safeguard the firm's invaluable assets and data. By leveraging the expertise of our broader Cybersecurity Operations and Global Security teams, we ensure swift and effective incident response. Our goal is to foster a secure and resilient IT environment, maintaining the highest standards of protection and trust for our organization.
Job responsibilities

• Execute and influence the design of comprehensive security strategies, policies, and procedures to enhance threat detection capabilities and protect the organization's digital assets and infrastructure from cybersecurity threats.
• Proactively monitor and analyze complex data and systems to identify indicators of vulnerabilities and compromises, utilizing advanced tools and techniques to detect anomalies and contribute to the development of strategies for security investigation, threat mitigation, and incident response.
• Collaborate with cross-functional teams to ensure a coordinated approach to security, sharing insights, and promoting best practices across the organization.
• Evaluate and enhance the organization's security posture by staying current with industry trends, emerging threats, and regulatory requirements, driving innovation and process improvements.
• Utilize various data elements from a library of control objectives and procedures, threat behavior and likelihood assessments, prevention and detection policies, and security log data feeds to identify potential insider threats. Recommend appropriate mitigation strategies based on your analysis.
• Actively search for insider threats using advanced intelligence and sophisticated correlation searches to protect the firm's assets and data.
• Create and implement customized pattern-based and behavior-based detection strategies to identify and mitigate insider threats within the organization.

Required qualifications, capabilities, and skills

• Formal training or certification on security concepts and 5+ years of applied experience in cybersecurity operations, with a focus on threat detection, incident response, and security infrastructure management.
• Demonstrated expertise in multiple security domains, including network security, malware analysis, threat hunting, and security architecture and design, with proficiency in using Security Information and Event Management (SIEM) tools and advanced analytics techniques.
• Advanced knowledge of network and infrastructure configuration/security, including experience in designing and implementing security solutions for on-prem, cloud, or hybrid environments.
• Good hands on experience in designing and implementing user behavior analytics (UBA) and AI/ML methodologies to detect anomalies.
• Proficient in identifying attacks through log analysis and develop and maintain insider threat detection tools and methodologies.
• Good working knowledge of designing and automating security workflows, working with cloud services, containerization, and orchestration tools.
• Good understanding of cybersecurity organization practices, operational risk management processes, security controls, architectural design, engineering threat detections, and incident response methodologies.

Preferred qualifications, capabilities, and skills

• Experience in security operations, detection engineering, and risk management.
• Experience in automation and cloud technologies.
• Experience with statistical models, data loss prevention, and both endpoint and network security.
• Certifications such as CISSP, CISM, or SANS (GCIA, GCIH, GCDA, GDAT).
• Experience in the financial services or similar industry and their IT systems.

About Us
JPMorganChase, one of the oldest financial institutions, offers innovative financial solutions to millions of consumers, small businesses and many of the world's most prominent corporate, institutional and government clients under the J.P. Morgan and Chase brands. Our history spans over 200 years and today we are a leader in investment banking, consumer and small business banking, commercial banking, financial transaction processing and asset management.
We offer a competitive total rewards package including base salary determined based on the role, experience, skill set and location. Those in eligible roles may receive commission-based pay and/or discretionary incentive compensation, paid in the form of cash and/or forfeitable equity, awarded in recognition of individual achievements and contributions. We also offer a range of benefits and programs to meet employee needs, based on eligibility. These benefits include comprehensive health care coverage, on-site health and wellness centers, a retirement savings plan, backup childcare, tuition reimbursement, mental health support, financial coaching and more. Additional details about total compensation and benefits will be provided during the hiring process.
We recognize that our people are our strength and the diverse talents they bring to our global workforce are directly linked to our success. We are an equal opportunity employer and place a high value on diversity and inclusion at our company. We do not discriminate on the basis of any protected attribute, including race, religion, color, national origin, gender, sexual orientation, gender identity, gender expression, age, marital or veteran status, pregnancy or disability, or any other basis protected under applicable law. We also make reasonable accommodations for applicants' and employees' religious practices and beliefs, as well as mental health or physical disability needs. Visit our FAQs for more information about requesting an accommodation.
JPMorgan Chase & Co. is an Equal Opportunity Employer, including Disability/Veterans
About the Team
The Cybersecurity & Technology Controls group at JPMorganChase aligns the firm's cybersecurity, access management, controls and resiliency teams. The group proactively and strategically partners with all lines of business and functions to enable them to design, adopt and integrate appropriate controls; deliver processes and solutions efficiently and consistently; and drive automation of controls. The group's number one priority is to enable the business by keeping the firm safe, stable and resilient.
High Risk Roles (HRR) are sensitive roles within the technology organization that require high assurance of the integrity of staff by virtue of 1) sensitive cybersecurity and technology functions they perform within systems or 2) information they receive regarding sensitive cybersecurity or technology matters. Users in these roles are subject to enhanced pre-hire screening which includes both criminal and credit background checks (as allowed by law). The enhanced screening will need to be successfully completed prior to commencing employment or assignment.