Location: New York, NY, United States

Join a team dedicated to safeguarding our people, data, and assets from within. 

As an Insider Threat Senior Associate at JPMorgan Chase within the Cybersecurity Technology and Controls, you will proactively detect, assess, and respond to potential insider threats impacting our organization and acquisitions. You will collaborate with cross-functional teams to develop and implement strategies that protect sensitive information and maintain a secure environment. Your work will help drive a culture of security awareness, identify risk, and solve complex challenges related to insider activity. By applying your analytical and technical skills, you will help ensure the integrity, confidentiality, and availability of our data and systems.

Job Responsibilities:

• Monitor and analyze user activity and security infrastructure to detect and respond to potential insider threats
• Conduct in-depth investigations of anomalous behavior, including log and network trace analysis, to identify root causes and gather evidence
• Triage and remediate insider threat alerts, taking end-to-end ownership of investigations and participating in incident response
• Create and maintain process documentation and playbooks for insider threat detection and response
• Develop and update insider threat detection strategies using industry best practices and regulatory requirements
• Collaborate with teams to implement insider threat awareness programs, policies, and procedures, and educate employees on best practices
• Provide intelligence services to acquisitions, drafting and sharing insider threat and vulnerability reports
• Liaise with acquisitions to understand their unique insider threat challenges and identify opportunities for improvement
• Work a shift schedule that includes weekend coverage and comply with in-office attendance policies
• Take ownership of issues affecting acquisitions and drive identified improvements to completion
• Act as a point of escalation for team analysts on insider threat matters

Required Qualifications, Capabilities, and Skills:

• Experience in cybersecurity operations with a focus on insider threat detection, incident response, or vulnerability management
• Proficiency in user activity monitoring, network trace analysis, log analysis, and security investigations
• Ability to script for task automation, implement controls, and manipulate data
• Strong understanding of security protocols, authentication, authorization, and security architecture principles
• Hands-on experience with security tools such as SIEM, UEBA, IDS, EDR, and email security solutions
• Knowledge of adversary tactics, insider threat indicators, and detection methods
• Familiarity with enterprise security technologies and both Windows and Linux operating systems
• Ability to identify signs of compromise and anomalous behavior across platforms
• Excellent communication skills for presenting risks and findings to technical and non-technical audiences

Preferred Qualifications, Capabilities, and Skills:

• Experience with a range of cybersecurity tools, including XDR and UEBA platforms
• Experience reviewing vulnerabilities and the effectiveness of mitigation measures
• Basic understanding of cloud architecture and attacker techniques in cloud environments
• Ability to manage fluctuating workloads and conflicting priorities
• Project management experience with a track record of driving projects and documenting progress

#CTC