Assessments & Exercises Vice President - Red Team Lead

Posted 2 Days Ago
Be an Early Applicant
Wilmington, DE
Hybrid
Financial Services
We’re one of the world’s biggest technology-driven companies
The Role
Contribute to leading-edge security and resilience efforts, enhancing cybersecurity or resiliency posture by identifying risks in people, processes, and technology. Manage and lead a team of technical Red Team operators, oversee adversary simulation engagements, design testing and simulations, evaluate controls, collaborate with cross-functional teams, and utilize threat intelligence for continuous improvement.
Summary Generated by Built In

Job Description
Contribute to leading-edge security and resilience efforts, advancing protective strategies and propelling continuous improvement.
As an Assessments & Exercises Vice President in the Cybersecurity and Tech Controls line of business, you will contribute significantly to enhancing the firm's cybersecurity or resiliency posture by using industry-standard assessment methodologies and techniques to proactively identify risks and vulnerabilities in people, processes, and technology. Design and deploy risk-driven tests and simulations (or manage a highly-skilled team that does) and inform analysis to clearly outline root-causes. In this role, you will evaluate preventative controls, incident response processes, and detection capabilities, and advise cross-functional teams on security strategy and risk management.
JPMC's Assurance Operations organization is looking to expand its Cybersecurity Red Team with a North America Lead position. The North America Lead is tasked with managing and providing critical support to the firm's internal team of highly skilled and qualified Red Team members who conduct advanced adversary emulation operations to replicate relevant cyber security threats targeting the firm. Your track record in leading advanced network exploitation operations, to include Red Team operations will lead you to excel. You will utilize your experience in Information Security , people management , written and oral communication , and project management . This position is anticipated to require the use of one or more High Risk Role (HRR) systems, which mandates successful completion of enhanced screening, including criminal and credit background checks, before starting employment and annually thereafter.
Job responsibilities

  • Manage and develop an effective team of technical Red Team operators, providing leadership, coaching, guidance, and performance evaluations. Ensure team members are effectively trained and equipped to operate safely in highly-sensitive environments.
  • Develop and implement comprehensive strategies to enhance the effectiveness of the Red Team program in alignment with team or organizational goals.
  • Oversee a diverse portfolio of adversary simulation engagements, ensuring each project is meticulously planned and executed. Coordinate with stakeholders to define objectives, scope, and deliverables for each engagement. Manage engagements to test and improve the organization's security defenses, and provide detailed reports and recommendations based on findings to enhance overall cybersecurity resilience
  • Design and execute testing and simulations - such as penetration tests, technical controls assessments, cyber exercises, or resiliency simulations, and contribute to the development and refinement of assessment methodologies, tools, and frameworks to ensure alignment with the firm's strategy and compliance with regulatory requirements
  • Evaluate controls for effectiveness and impact on operational risk, as well as opportunities to automate control evaluation
  • Collaborate closely with cross-functional teams to develop comprehensive assessment reports - including detailed findings, risk assessments, and remediation recommendations - making data-driven decisions that encourage continuous improvement
  • Utilize threat intelligence and security research to stay informed about emerging threats, vulnerabilities, industry best practices, and regulations. Apply this knowledge to enhance the firm's assessment strategy and risk management. Engage with peers and industry groups that share threat intelligence analytics


Required qualifications, capabilities, and skills

  • 5+ years of experience in cybersecurity or resiliency, with demonstrated exceptional organizational skills to plan, design, and coordinate the development of offensive security testing, assessments, or simulation exercises
  • Proven ability with at least 2+ years of experience managing teams of technical staff, or ability to create long term strategic plans, and experience conducting process improvement based on operational lessons learned and threat intelligence inputs. Should have a strong understanding of networking fundamentals (all OSI layers, protocols), Windows/Linux/Unix/Mac operating systems, system and software vulnerabilities and exploitation techniques, and web application vulnerabilities and exploitation techniques
  • Technical knowledge or experience developing in house scripting, using interpreted languages such as Ruby, Python, or Perl, compiled languages such as C, C++, C#, or Java, and security tools or technology such as Firewalls, IDS/IPS, EDR, Web Proxies, DLP and the ability to articulate and visually present complex penetration testing and Red Team results
  • Excellent command of Cybersecurity organization practices, operations risk management processes, principles, architectural requirements, engineering threats and vulnerabilities, including incident response methodologies
  • Noted cybersecurity expert, keeping technical skills current and participating in multiple forums
  • Expertise in Agile and can work with at least one of the common frameworks
  • BS/BA degree or equivalent
  • Knowledge of US financial services sector cybersecurity or resiliency organization practices, operations risk management processes, principles, regulations, threats, risks, and incident response methodologies
  • Ability to identify systemic security or resiliency issues as they relate to threats, vulnerabilities, or risks, with a focus on recommendations for enhancements or remediation, and proficiency in multiple security assessment methodologies (e.g., Open Worldwide Application Security Project (OWASP) Top Ten, National Institute of Standards and Technology (NIST) Cybersecurity Framework), offensive testing tools, or resiliency testing equivalents
  • Excellent communication, collaboration, and report writing skills, with the ability to influence and engage stakeholders across various functions and levels


Preferred qualifications, capabilities, and skills

  • Preferred qualifications include: Intelligence Community background, understanding of financial sector or other large security and IT infrastructures, and hold relevant industry certifications such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Offensive Security (OSCP, OSEP, OSED, OSEE, OSCE), SANS (GPEN, GXPN, GWAPT), CREST/Tiger Scheme Certified Tester, and detailed knowledge of current international best practices in privacy and information security
  • Technical knowledge or experience developing in house scripting, using interpreted languages such as Ruby, Python, or Perl, compiled languages such as C, C++, C#, or Java, and security tools or technology such as Firewalls, IDS/IPS, EDR, Web Proxies, DLP and the ability to articulate and visually present complex penetration testing and Red Team results is highly desirablee want to meet you.


About Us
JPMorganChase, one of the oldest financial institutions, offers innovative financial solutions to millions of consumers, small businesses and many of the world's most prominent corporate, institutional and government clients under the J.P. Morgan and Chase brands. Our history spans over 200 years and today we are a leader in investment banking, consumer and small business banking, commercial banking, financial transaction processing and asset management.
We offer a competitive total rewards package including base salary determined based on the role, experience, skill set, and location. For those in eligible roles, we offer discretionary incentive compensation which may be awarded in recognition of firm performance and individual achievements and contributions. We also offer a range of benefits and programs to meet employee needs, based on eligibility. These benefits include comprehensive health care coverage, on-site health and wellness centers, a retirement savings plan, backup childcare, tuition reimbursement, mental health support, financial coaching and more. Additional details about total compensation and benefits will be provided during the hiring process.
We recognize that our people are our strength and the diverse talents they bring to our global workforce are directly linked to our success. We are an equal opportunity employer and place a high value on diversity and inclusion at our company. We do not discriminate on the basis of any protected attribute, including race, religion, color, national origin, gender, sexual orientation, gender identity, gender expression, age, marital or veteran status, pregnancy or disability, or any other basis protected under applicable law. We also make reasonable accommodations for applicants' and employees' religious practices and beliefs, as well as mental health or physical disability needs. Visit our FAQs for more information about requesting an accommodation.
JPMorgan Chase & Co. is an Equal Opportunity Employer, including Disability/Veterans
About the Team
Our professionals in our Corporate Functions cover a diverse range of areas from finance and risk to human resources and marketing. Our corporate teams are an essential part of our company, ensuring that we're setting our businesses, clients, customers and employees up for success.

What the Team is Saying

Nick S.
Lupe C.
Edwin T.
Dawn T.
Meng M.
The Company
HQ: New York, NY
289,097 Employees
Hybrid Workplace
Year Founded: 1799

What We Do

JPMorgan Chase & Co. (NYSE: JPM) is a leading global financial services firm with assets of $3.7 trillion and operations worldwide. The firm is a leader in investment banking, financial services for consumers and small businesses, commercial banking, financial transaction processing, and asset management. A component of the Dow Jones Industrial Average, JPMorgan Chase & Co. serves millions of consumers in the United States and many of the world’s most prominent corporate, institutional and government clients under its J.P. Morgan and Chase brands.

Technology fuels every aspect of our company and is at the heart of everything we do. With over 50,000 technologists globally and an annual tech spend of $12 billion, we are dedicated to improving the design, analytics, development, coding, testing and application programming that goes into creating high quality software and new products.

Learn more about technology at our firm, explore resources from our Distinguished Engineers, AI & ML researchers, and other experts; access the latest episode of our TechTrends podcast, and more at www.jpmorgan.com/technology. Information about JPMorgan Chase & Co. is available at www.jpmorganchase.com.

©2023 JPMorgan Chase & Co. All rights reserved. JPMorgan Chase is an Equal Opportunity Employer, including Disability/Veterans.

Why Work With Us

Our technologists work on a diverse range of solutions that include strategic technology initiatives, big data, mobile, electronic payments, machine learning, cybersecurity, enterprise cloud development, and other state-of-the-art technologies.

Gallery

Gallery
Gallery
Gallery
Gallery
Gallery
Gallery

JPMorganChase Teams

Team
Product + Tech
About our Teams

JPMorganChase Offices

Hybrid Workspace

Employees engage in a combination of remote and on-site work.

Typical time on-site: Flexible
Company Office Image
HQNew York, NY
GB
SG
Bengaluru, Karnataka
Bournemouth, GB
Brooklyn, NY
Buenos Aires, Avaya
Chicago, IL
Dallas, TX
Dublin, IE
Houston, TX
Hyderabad, Telangana
London, GB
Mumbai, Maharashtra
Philadelphia, PA
San Francisco, CA
Tampa, FL
Westerville, OH
Wilmington, DE
Learn more

Sign up now Access later

Create Free Account

Please log in or sign up to report this job.

Create Free Account