
Senior Security Analyst - Attack Analysis, Cybersecurity, Vice President

Req #: 170064963
Location: Singapore, 01, SG
Job Category: Technology
Job Description:

JPMorgan Chase & Co. (NYSE: JPM) is a leading global financial services firm with assets of $2.6 trillion and operations worldwide. The firm is a leader in investment banking, financial services for consumers and small business, commercial banking, financial transaction processing, and asset management. A component of the Dow Jones Industrial Average, JPMorgan Chase & Co. serves millions of consumers in the United States and many of the world's most prominent corporate, institutional and government clients under its J.P. Morgan and Chase brands. Information about JPMorgan Chase & Co. is available at

Cybersecurity is chartered with managing and directing the security programs focused on the discipline of cyber security design, implementation, analytics, threats, monitoring, response, and investigation across the organization. Our core services are focused on assuring the security of the computing environment, protecting customer and employee confidential information, and complying with regulatory requirements globally. This is accomplished through strong information risk governance, active collaboration with business risk managers, and providing high-quality security solutions and services which enable improving the organization's overall risk posture.

The Senior Security Analyst in Attack Analysis will utilize their background in technology and incident response procedures to act as a subject matter expert in incident response. As a senior security analyst on the Attack Analysis team, you will use defensive measures and information collected from a variety of sources to identify, analyze, and report events that occur or might occur within the network in order to protect information, information systems, and networks from threats.


Key responsibilities include:

  • You will be responsible for the execution of incident handling functions as well as direct response activities for security events/incidents
  • Correlate log data from multiple sources and develop "detect" to identify adversary behavior
  • Contribute to the maturity of cyber threat hunting framework within the team
  • Conduct host forensics, network forensics, log analysis, and malware triage in support of security events/incidents
  • Recognize and organize attacker tools, tactics, and procedures into indicators of compromise (IOCs) that can be applied to current and future investigations.
  • Examine network topologies to understand how data flows through the network
  • Assist in the creation of processes/procedures, technical documentation, as well as completion of projects
  • Develop internal tools and automate processes/workflows in support of incident response
  • Work closely with security engineering to articulate and define requirements for new security products
  • Provide mentorship and training to junior security analysts and contribute to their career by developing challenges and exercises
  • Extensive experience working in a security role in a Security Analysis, Incident Response, Attack Analysis, or Computer Network Defense (CND) capacity in a large, mission-critical environment
  • In-depth knowledge of SIEM products and the ability to develop advanced correlation rules
  • Solid understanding of network protocols and experience conducting packet analysis using appropriate tools (e.g. tcpdump, Wireshark, tshark)
  • Programming experience in at least one of the following languages: Python, Perl, PowerShell, as well as an automation mindset
  • Comprehensive understanding of regular expressions
  • Previous experience working in an incident response position
  • Knowledge of intrusion detection methodologies (IDS/IPS) and techniques for detecting host and network-based intrusions via intrusion detection technologies
  • Experience with Malware / Reverse Engineering with ability to assist in Static and Dynamic Analysis
  • Familiarity with multiple operating systems (e.g., Windows, Unix, Mac)



  • Experience working as a penetration/red team tester with the ability to translate adversary behavior across multiple platforms (e.g., Windows, Unix, Mac) into identifiable patterns
  • Understanding of post-exploitation frameworks (e.g. PowerSploit/Empire, Veil) and ability to identify activity associated with their usage
  • Experience working with statistics to provide context and visual representation of data (e.g. R, NumPy)
  • Previous experience working as part of a Computer Security Incident Response Team (CSIRT)
  • Familiarity with web application vulnerabilities and OWASP Top 10


The Global Attack Analysis team is a 24x7, follow-the-sun operation and as such, this person may be required to cover shift rotational days, weekends, and holidays.

J.P. Morgan is a place for talented people from all backgrounds and perspectives because our clients come from all backgrounds and perspectives. We encourage a culture of inclusion, where everyone's opinion counts and all employees have the freedom to deliver their absolute best. This is why we work hard and invest in attracting and developing a diverse workforce. Learn more about our Business Resource Groups and how they help our employees build successful careers and reach their greatest potential.
