Singapore
35 days ago
Security Operations Vice President, SIEM Content Engineer

The job description is for a Security Operations Vice President within the Cybersecurity Insider Threat Content Engineering team at JPMorgan Chase. The role involves protecting the organization's digital assets and infrastructure, detecting and responding to threats, vulnerabilities, and security incidents, and collaborating with cross-functional teams to develop a unified approach to security. The candidate will need advanced analytical, technical, and problem-solving skills to promote operational excellence and devise innovative solutions to complex security challenges. They will also need to stay updated with industry best practices, policies, and procedures to maintain a secure digital environment and foster continuous improvement.

Job Responsibilities

Execute and influence the design of comprehensive security strategies, policies, and procedures to enhance threat detection capabilities and protect the organization's digital assets and infrastructure from cybersecurity threats Monitor and analyze complex data and systems proactively to identify indicators of vulnerabilities and compromises, utilizing advanced tools and techniques to detect anomalies and contribute to the development of strategies for security investigation, threat mitigation, and incident response Use effective communication skills to present findings and solutions for existing and emerging insider threats to senior leaders and stakeholders. Evaluate and enhance the organization's security posture by staying current with industry trends, emerging threats, and regulatory requirements, driving innovation and process improvements. Contribute to a great team and a winning culture through sharing of expertise and supporting growth opportunities for junior members of the team.

Required qualifications, capabilities, and skills

Formal training or certification on cybersecurity concepts and 5+ years applied experience in cybersecurity operations, network security with a focus on threat detection, incident response, and security infrastructure management Bachelor's Degree in Computer Science or equivalent Demonstrated expertise in multiple security domains, including network security, malware analysis, threat hunting, and security architecture and design, with proficiency in using Security Information and Event Management (SIEM) tools and advanced analytics techniques Advanced knowledge of network and infrastructure configuration/security, including experience in designing and implementing security solutions for on-prem, cloud, or hybrid environments Possess excellent grasp of the Splunk SPL language – significant expertise in the development of efficient and effective Splunk searches, macros, dashboards and other knowledge objects and integrations with Splunk. Proven ability to create powerful, reliable, and efficient interactive dashboards in Splunk Possess excellent analytical and problem-solving skills with the ability to translate complex technical concepts into practical solutions based on risk assessment and risk appetite Possess excellent command of cybersecurity organization practices, insider threats, data loss prevention concepts, security incident triage, operations risk management principles and processes, architectural requirements, emerging threats and vulnerabilities, and incident response methodologies Possess excellent verbal and written communication skills with the ability to communicate complex technical concepts, recommendations and solutions to senior leadership and key stakeholders

Preferred qualifications, capabilities, and skills

Possess recognized industry certifications (such as CISSP, CISM, CISA, CCSP, CSX-S, CSX-E)  Previous cybersecurity operations experience within a large multi-national financial services organization is preferred Experience with Security Orchestration, Automation and Response (SOAR), Endpoint Detection & Response (EDR) or other tools used for security monitoring, detection, and response Experience with agile methodology and the ability to work with at least one of the common frameworks with knowledge of tools like Confluence, JIRA and ServiceNow Knowledge of scripting skills such as Python, PowerShell, etc Possess a good understanding of national and international laws, regulations, policies, and ethics related to financial industry cybersecurity and foundational knowledge of computer forensics; legal, government and jurisprudence as they relate to cybersecurity; operating systems; and methods for intelligence gathering and sharing
Confirm your E-mail: Send Email