Cybersecurity Solutions Engineer - Assessments and Exercises

Description:
Are you passionate about addressing cyber issues and driving innovative solutions? Do you excel in both technical and non-technical analysis, root cause evaluation, stakeholder engagement, and novel approaches to problem-solving? If this sounds like you, apply to join the Findings Analysis and Solutions Team (FAST) within JPMC's Cybersecurity & Technology Controls (CTC) organization to tackle these challenges on a massive scale.

In this role, you will investigate security issues uncovered by our Red Team and other Assessments and Operations teams to understand the core problems and help solve them at both a tactical and operational level.

The ideal candidate will be self-motivated, possess extensive technical curiosity, have a drive to understand complex cybersecurity issues, and be able to collaborate with both technical and non-technical peers.

Job Responsibilities:
• Assess the potential impact of vulnerabilities on business and technology operations using data-driven risk prioritization.
• Conduct root cause analysis (RCA) of security issues identified during assessments across various technologies and transform your findings into actionable insights.
• Collaborate with stakeholders throughout the firm to understand, address findings, and achieve the common goal of improving the security posture of the firm.
• Identify, design, and implement technical, procedural, educational, or other solutions to effectively mitigate security issues.
• Present analysis, insights, and conclusions to both technical and non-technical audiences, including senior leaders, ensuring clarity and understanding.
• Prioritize remediation efforts using multiple criteria to ensure the most worthwhile issues are addressed first.

Required Qualifications:
• An insatiable technical curiosity about all things Cyber and a desire to expand your skillset.
• Demonstrated ability to be proactive and resourceful, identifying and using appropriate sources for data-driven investigations.
• Knowledge of or experience in offensive or defensive cybersecurity roles and processes such as Incident Response, Threat Intelligence, Penetration Testing, Red Teaming, Risk Management, Cyber Engineering, Cyber Architecture, and Data Privacy.
• Familiarity with network architecture concepts, including cloud architectures, and deploying large-scale applications in an enterprise environment.
• Experience with enterprise level security technologies like firewalls, IDS/IPS, web proxies, DLP, SIEM, SOAR, and others.
• Experience in building analytical processes, templates, and documentation.
• Strong written and verbal communication skills; ability to understand complex problems and present them simply.
• Ability to collaborate with high-performing teams, senior leaders, business stakeholders, third-party vendors, and technical individuals throughout the firm to effectively articulate risk and drive change.
• A strong commitment to ethical practices and d...