Security Operations Vice President, SIEM Content Engineer
Singapore
JPMorgan Chase & Co.
As a Security Operations Vice President from the Cybersecurity Insider Threat Content Engineering team at JPMorgan Chase, you will contribute significantly to safeguarding the organization's digital assets and infrastructure by proactively detecting, assessing, and responding to threats, vulnerabilities, and security incidents. You will regularly collaborate with cross-functional teams to develop a coordinated approach to security, ensuring the integrity, confidentiality, and availability of sensitive data and systems.
You will apply advanced analytical, technical, and problem-solving skills to enable operational excellence and implement innovative solutions to address complex security challenges. By staying current with industry best practices, policies, and procedures, you will contribute to maintaining a secure digital environment and driving continuous improvement in the firm.
Job Responsibilities
- Execute and influence the design of comprehensive security strategies, policies, and procedures to enhance threat detection capabilities and protect the organization's digital assets and infrastructure from cybersecurity threats
- Monitor and analyze complex data and systems proactively to identify indicators of vulnerabilities and compromises, utilizing advanced tools and techniques to detect anomalies and contribute to the development of strategies for security investigation, threat mitigation, and incident response
- Use effective communication skills to present findings and solutions for existing and emerging insider threats to senior leaders and stakeholders.
- Evaluate and enhance the organization's security posture by staying current with industry trends, emerging threats, and regulatory requirements, driving innovation and process improvements.
- Contribute to a great team and a winning culture through sharing of expertise and supporting growth opportunities for junior members of the team.
Required qualifications, capabilities, and skills
- Formal training or certification on cybersecurity concepts and 5+ years applied experience in cybersecurity operations, network security with a focus on threat detection, incident response, and security infrastructure management
- Demonstrated expertise in multiple security domains, including network security, malware analysis, threat hunting, and security architecture and design, with proficiency in using Security Information and Event Management (SIEM) tools and advanced analytics techniques
- Advanced knowledge of network and infrastructure configuration/security, including experience in designing and implementing security solutions for on-prem, cloud, or hybrid environments
- Possess excellent grasp of the Splunk SPL language – significant expertise in the development of efficient and effective Splunk searches, macros, dashboards and other knowledge objects and integrations with Splunk. Proven ability to create powerful, reliable, and efficient interactive dashboards in Splunk
- Possess excellent analytical and problem-solving skills with the ability to translate complex technical concepts into practical solutions based on risk assessment and risk appetite
- Possess excellent command of cybersecurity organization practices, insider threats, data loss prevention concepts, security incident triage, operations risk management principles and processes, architectural requirements, emerging threats and vulnerabilities, and incident response methodologies
- Possess excellent verbal and written communication skills with the ability to communicate complex technical concepts, recommendations and solutions to senior leadership and key stakeholders
Preferred qualifications, capabilities, and skills
- Possess recognized industry certifications (such as CISSP, CISM, CISA, CCSP, CSX-S, CSX-E)
- Previous cybersecurity operations experience within a large multi-national financial services organization is preferred
- Experience with Security Orchestration, Automation and Response (SOAR), Endpoint Detection & Response (EDR) or other tools used for security monitoring, detection, and response
- Experience with agile methodology and the ability to work with at least one of the common frameworks with knowledge of tools like Confluence, JIRA and ServiceNow
- Knowledge of scripting skills such as Python, PowerShell, etc
- Possess a good understanding of national and international laws, regulations, policies, and ethics related to financial industry cybersecurity and foundational knowledge of computer forensics; legal, government and jurisprudence as they relate to cybersecurity; operating systems; and methods for intelligence gathering and sharing
We recognize that our people are our strength and the diverse talents they bring to our global workforce are directly linked to our success. We are an equal opportunity employer and place a high value on diversity and inclusion at our company. We do not discriminate on the basis of any protected attribute, including race, religion, color, national origin, gender, sexual orientation, gender identity, gender expression, age, marital or veteran status, pregnancy or disability, or any other basis protected under applicable law. We also make reasonable accommodations for applicants’ and employees’ religious practices and beliefs, as well as mental health or physical disability needs. Visit our FAQs for more information about requesting an accommodation.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Agile Analytics Automation CCSP CISA CISM CISSP Cloud Confluence EDR Forensics Incident response Jira Malware Monitoring Network security PowerShell Python Risk assessment Risk management Scripting SIEM SOAR Splunk Threat detection Vulnerabilities
Perks/benefits: Startup environment
More jobs like this
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.