J.P. Morgan’s Malware Analysis and Applied Discovery (MAAD) team is a highly technical team specializing in analyzing malware targeting the firm and organizations around the world, while expanding the firm’s cyber monitoring capabilities into new and exciting areas.
This role is a greenfield opportunity to help address one of the most challenging cyber problems impacting the Cybersecurity industry today – securing the software supply chain. You’ll spend a majority of your time conducting application assessments – not traditional malware analysis – identifying and reducing cybersecurity risk by conducting detailed and thorough reviews of software applications, their supporting infrastructure and processes. You’ll also be helping to design, develop, and build the related processes and innovative capabilities to perform this important work, with mentoring provided by senior members of our team.
Key Responsibilities:
• Help defend the Firm against software supply chain attacks
• Make recommendations on how to detect, prevent and respond to identified risk in applications used by the Firm
• Conduct static and dynamic analysis of software, binaries, components and related network traffic and design elements to identify cybersecurity risks such as malicious code or functionality, malware and other vulnerabilities or security issues
• Perform threat and impact assessments through static and dynamic analysis, vulnerability research, code audit, black box testing and reverse engineering
• Perform security assessments to identify authentication or authorization problems in applications/systems/services and demonstrate how they could be abused or otherwise pose a potential cybersecurity threat
• Create processes and templates to effectively analyze large-scale applications
• Build tooling and lab environments to serve as analysis aids
• Overcome different types of obfuscation, encoding, and encryption
• Develop scripts to enhance analysis efforts
• Prototype new tools and techniques
• Write signatures to identify applications, malware families, network traffic and noteworthy code sequences
• Research threats, vulnerabilities, and exploits to enhance monitoring and detection capabilities
• Partner with the Incident Response (IR) teams to understand incidents and support technical analysis of malicious cyber events
• Document and present findings in technical reports
• Communicate effectively with business representatives, technology specialists, and vendors
Desired Qualifications and Experience:
• Bachelor's Degree in Computer Science, Cybersecurity or related field
• Minimum 5 years of relevant work experience in Cybersecurity
• Experience in reverse engineering software and the tools used in the field (e.g., debuggers, disassemblers)
• Basic coding (scripting) experience (e.g., Python, C, JavaScript, VBScript)
• Experience with Cloud platforms (e.g., AWS, Azure) and Virtualization technologies (e.g., VMware)
• Familiarity with network architecture concepts and deploying large-scale applications in an enterprise environment
• As this is a hands-on role, we expect candidates to have used at least some of the following tools: SIEM, SOAR, OSINT, IDA Pro, Ghidra, Wireshark, Jupyter, SQL, YARA, AWS Lambda
• Foundational understanding of Forensics, Log Analysis, Incident Response and/or Threat and Fraud Intelligence
• Knowledge of Operating Systems (e.g., Windows, Linux, Mac, Mobile), processor architectures (e.g., x86, x64), and computer networking
• Strong written and verbal communication skills; ability to understand complex problems and present them formally in simple terms
• A firm belief in doing what's right and following ethical practices
• Experience in developing both tactical and strategic tools and capabilities
• Capable of building analysis processes, templates, and documentation
• Ability to coordinate, work with and gain the trust of business stakeholders, technical resources, and third-party vendors
Our team is a component of JPMC’s Cybersecurity Intelligence Group (CIG) which holds the global mandate for JPMC's cyber intelligence collection, analysis, and dissemination of finished products to the firm's Cybersecurity & Technology Controls teams, lines of business, and overall executive decision makers. CIG is also responsible for tracking threats and incidents involving the firm's third-party suppliers, subsidiaries, and key clients to address events such as intrusions, malware, DDoS, unauthorized access, insider attacks, and loss of proprietary information. This includes developing a deep understanding of global threat actors and their tactics, techniques, and procedures employed during cyberattacks. CIG also plays an integral role in the alerting, response, and mitigation of incidents at JPMC and works closely with other internal teams and external partners to mitigate risk to the firm.
To apply for this position, please use the following URL:
https://ars2.equest.com/?response_id=27309c771995eb1afea6fe280dc0c5d9