Description
Join our cybersecurity team, implementing innovative strategies and tools to protect sensitive data and maintain a secure digital environment.
As a Security Operations Associate in Cybersecurity Technology & Controls at JPMorgan Chase, you will contribute to safeguarding the organization's digital assets and infrastructure by proactively detecting, assessing, and responding to threats, vulnerabilities, and security incidents. Leveraging your in-depth understanding of security principles and practices, you will exercise initiative and judgment to resolve cybersecurity-related problems and contribute to the improvement of current working methods. Collaborating with cross-functional teams, you will develop a coordinated approach to cybersecurity and educate employees on best practices, policies, and procedures. Your work will have a direct impact on the integrity, confidentiality, and availability of sensitive data and systems within the department, ensuring a secure digital environment for JPMorgan Chase.
Working in cybersecurity takes passion for technology, speed, a desire to learn, and vigilance in order to keep every asset safe. You’ll be on the front lines of innovation, working with a highly motivated team focused on analyzing, designing, developing and delivering solutions built to stop adversaries and strengthen our operations. Your research and work will ensure stability, capacity, and resiliency of our products. Working with your internal team, as well as technologists and innovators across our global network, your ability to identify threats, provide intelligent analysis, and take positive action will stop crimes and strengthen our data.
Data Loss Prevention (DLP) Triage Analysts perform many functions in support of data security at the firm. They review prioritized alerts generated by monitoring systems, perform an initial investigation and determine if the associated activity requires further investigation by Global Security, assist in technology and process improvement efforts, work with the content development team to refine detection and prioritization capabilities, analyze trends and patterns in DLP activity and work with stakeholders to reduce the risk of data loss across all lines of business.
Job responsibilities
- Conduct security investigations, log analysis, threat hunting, and vulnerability impact assessment to proactively identify and mitigate potential risks, vulnerabilities, and security breaches
- Utilize security tools and technologies, such as Security Information and Event Management (SIEM), intrusion detection systems, endpoint detection, and malware analysis, to enhance threat detection and response capabilities
- Collaborate with cross-functional teams to implement coordinated security strategies, policies, and procedures
- Contribute to continuous improvement of security operations processes and methodologies, proposing enhancements to threat detection and response playbooks and contributing to the overall security posture of the organization
Required qualifications, capabilities, and skills
- 2+ years of experience in cybersecurity operations, network security, or a related field
- Bachelor’s degree in Computer Science, Information Systems or related field
- Min. 3 years of relevant experience
- Investigative mindset and the ability to follow data and build a case
- Foundational knowledge of cybersecurity organization practices, operations, risk management processes, principles, architectural requirements, engineering and threats and vulnerabilities, including incident response methodologies
- Ability to collaborate with high-performing Agile teams and individuals throughout the firm to accomplish goals
- Proficiency in the use of Splunk, staying current with skills, and participating in multiple forums related to cybersecurity, Data Loss Prevention or Insider Threat
Preferred qualifications, capabilities, and skills
- Knowledge of Data Loss Prevention (DLP), potentially including experience developing risk-aligned DLP monitoring rules, knowledge of DLP systems and products or experience on a security assurance operations team performing DLP triage operations functions
- Experience reviewing logs, developing Splunk queries and dashboards, and automating manual tasks is a plus
- Foundational knowledge of: computer forensics; legal, government and jurisprudence as they relate to cybersecurity; operating systems; and methods for intelligence gathering and sharing is preferable
- Ability to analyze vulnerabilities, threats, designs, procedures and architectural design, producing reports and sharing intelligence
- Foundational knowledge of: cloud computing, computer network defense, external organizations and academic institutions dealing with cybersecurity issues, financial authorities and regulations, identity management, incident management, information assurance, information management, information systems and network security and infrastructure design is preferable
- Knowledge and experience related to Insider Threat monitoring and operations is a plus