Cyber Intrusions Forensics Lead

Req #: 170085087_3
Location: Westerville, OH, US
Job Category: Technology
Job Description:

JPMorgan Chase & Co. (NYSE: JPM) is a leading global financial services firm with assets of $2.5 trillion and operations worldwide. The firm is a leader in investment banking, financial services for consumers and small business, commercial banking, financial transaction processing, and asset management. A component of the Dow Jones Industrial Average, JPMorgan Chase & Co. serves millions of consumers in the United States and many of the world's most prominent corporate, institutional and government clients under its J.P. Morgan and Chase brands. Information about JPMorgan Chase & Co. is available at http://www.jpmorganchase.com/.

 

 

Job Summary:

 

The Intrusions Forensics Lead will be required to conduct complex digital forensic analysis involving breaches of critical IT infrastructure, tier 4 and critical forensic investigations, high impact legal and privacy issues requiring digital investigations, and high profile network forensic investigations. The successful candidate will have a proven track record of independently handling large scale, complex post-incident investigations, where techniques such as advanced network forensics, log analysis, timeline creation, and host-based forensics have been applied.

 

Responsibilities:

  • Demonstrating a deep understanding of the necessary digital forensic skills, techniques and tools, you will conduct live forensics on critical systems and produce detailed analysis of the root cause of any incidents.

  • Use host-based and network forensic capabilities to develop information regarding Indicators of Compromise (IOC) and Tactics, Techniques & Procedures (TTPs) for threat actors and malware, which can be shared amongst other internal teams.

  • Leverage practical experience to develop methodologies for proactive hunting of threat actors in the absence of alerting or rules-based appliances.

  • Conduct detailed analysis of systems where breaches of critical IT infrastructure may have occurred; provide root cause analysis, impact assessments and rapid response to aid detection of those responsible; and make recommendations to help prevent similar incidents.

  • Develop processes and techniques for forensic analysis of emerging architecture in support of critical investigations.

  • Assist with the development of in-house training programs to ensure world class high-tech investigation standards.

Key Skills & Experience:

 

Essential:

  • 5+ years of experience working in computer forensics, cybercrime investigation and other related fields.
  • Proficient in performing digital forensic investigations on a variety of platforms and operating systems with a deep understanding of digital forensics processes and tools.
  • Proficient in performing live forensics acquisition/analysis, memory forensics, log-file analysis, network forensics and using forensic techniques to perform malware analysis.
  • Proficient with investigating large data compromise events as well as online banking fraud.
  • Knowledge of networking protocols and packet analysis.
  • Knowledge of computer forensic best practices and industry standard methodologies for investigating network threats.
  • Experience working with industry standard tools (X-Ways, EnCase, Volatility, Rekall, Wireshark, SIFT etc.).
  • Able to articulate and visually present complex forensic investigation and analysis results equally effectively to both industry professionals and internal business partners.
  • Mastery of concepts in at least two of the following domains: NTFS file system forensics, memory forensics, Linux forensics, scripting, cloud computing technologies, networking and network security.

Desirable:

  • Industry standard digital forensics certifications (GCFA, GNFA, GCFE, CFCE, etc.) are a plus.
  • Industry standard information security technology certifications (GCIH, GREM, etc.) are a plus.
  • Memberships and participation in relevant professional associations.
  • Ability to automate tasks using a scripting language (Python, Perl, Ruby, etc.).
  • Experience with public or private cloud technologies.

 

J.P. Morgan is a place for talented people from all backgrounds and perspectives because our clients come from all backgrounds and perspectives. We encourage a culture of inclusion, where everyone's opinion counts and all employees have the freedom to deliver their absolute best. This is why we work hard and invest in attracting and developing a diverse workforce. Learn more about our Business Resource Groups and how they help our employees build successful careers and reach their greatest potential.