Job description
JPMC’s Malware Analysis and Applied Discovery (MAAD) team is a highly technical team specializing in analyzing malware targeting the firm and organizations around the world, while expanding the firm's cyber monitoring capabilities into new and exciting areas. We’re looking for a self-motivated junior analyst with an insatiable curiosity towards all things Cyber to join our team. You’ll spend a majority of your time designing, developing, and building innovative capabilities, while also hunting threats, investigating anomalies, and analyzing malware, with mentoring provided by senior members of our team.
Key Responsibilities:
- Automating and innovating everywhere
- Developing scripts to gather and analyze intelligence data
- Integrating new datasets into existing analysis platforms
- Prototyping new tools and techniques
- Hunting for novel samples and indicators of compromise (IOCs)
- Performing technical analysis of cyberattack tactics, techniques, and procedures (TTPs)
- Conducting malware analysis of suspicious code
- Creating and investigating alerts into anomalous activity
- Developing signatures to identify malware families and other noteworthy code sequences
- Researching threats, vulnerabilities, and exploits to enhance monitoring and detection capabilities
- Partnering with the Incident Response (IR) teams to understand incidents and support technical analysis of malicious cyber events
- Documenting and presenting findings in technical reports
- Communicating effectively with business representatives, technology specialists, and vendors
- ==QMgU2ZhR3cgQWZ0VGbw12bjBSdvlHIyVGdpVncjVmcgUGa0BCbsVGV
- =IzMwITN2cjNxYDN3MzNwIDN2UjN0cTN2MmNwcDZ2YmNzYDMyUzNmZTO3AjMycTN2QzN5YTN3IzNzYTN2IzNwITN2gjN0cDMyMmNjZTN2QTN
- Q0FMR19SQzQgIktlZXAgZ29pbmcuLi4i
- 802468e99cea9ff353e2c7be22515fbcc0f2a0ad3ea1690b48ba6f3fa9e8fdc1855628d6d941488dfdcb
Desired Qualifications
- An insatiable technical curiosity towards all things Cyber and an appetite to expand your skillset
- Basic coding (scripting) experience (i.e. Python, C, JavaScript, VBScript, etc.)
- Familiarity with Cloud platforms (i.e. AWS, Azure, etc.) and Virtualization technologies (i.e VMWare)
- Experience with some of the following: SIEM, SOAR, OSINT, IDA Pro, Ghidra, Wireshark, Jupyter, SQL, YARA, AWS Lambda
- A firm belief in doing what's right and following ethical practices
- Foundational understanding of Forensics, Log Analysis, Incident Response and / or Threat and Fraud Intelligence
- Knowledge in Operating Systems (i.e. Windows, Linux, Mac, Mobile), processor architectures (i.e. x86, x64), and computer networking
- Strong written and verbal communication skills; ability to understand complex problems while formally presenting them simplistically
- Ability to coordinate, work with, and gain the trust of business stakeholders, technical resources, and third-party vendors.
- Bachelor's Degree in Computer Science or related field or equivalent experience
Our team is a component of JPMC’s Cybersecurity Intelligence Group (CIG) which holds the global mandate for JPMC's cyber intelligence collection, analysis, and dissemination of finished products to the firm's Cybersecurity & Technology Controls teams, lines of business, and overall executive decision makers. CIG is also responsible for tracking threats and incidents involving the firm's third-party suppliers, subsidiaries, and key clients to address events such as intrusions, malware, DDoS, unauthorized access, insider attacks, and loss of proprietary information. This includes developing a deep understanding of global threat actors and their tactics, techniques, and procedures employed during cyberattacks. CIG also plays an integral role in the alerting, response, and mitigation of incidents at JPMC and works closely with other internal teams and external partners to mitigate risk to the firm.
ABOUT USJ.P. Morgan is a global leader in financial services, providing strategic advice and products to the world’s most prominent corporations, governments, wealthy individuals and institutional investors. Our first-class business in a first-class way approach to serving clients drives everything we do. We strive to build trusted, long-term partnerships to help our clients achieve their business objectives.
We recognize that our people are our strength and the diverse talents they bring to our global workforce are directly linked to our success. We are an equal opportunity employer and place a high value on diversity and inclusion at our company. We do not discriminate on the basis of any protected attribute, including race, religion, color, national origin, gender, sexual orientation, gender identity, gender expression, age, marital or veteran status, pregnancy or disability, or any other basis protected under applicable law. In accordance with applicable law, we make reasonable accommodations for applicants’ and employees’ religious practices and beliefs, as well as any mental health or physical disability needs.
ABOUT THE TEAM
The Cybersecurity & Technology Controls group at JPMorgan Chase aligns the firm’s cybersecurity, access management, controls and resiliency teams. The group proactively and strategically partners with all lines of business and functions to enable them to design, adopt and integrate appropriate controls; deliver processes and solutions efficiently and consistently; and drive automation of controls. The group’s number one priority is to enable the business by keeping the firm safe, stable and resilient.