Vulnerability Management Response Analyst
JPMorgan Chase & Co
Singapore, Singapore
2d ago

Working in cybersecurity takes passion for technology, speed, a desire to learn, and vigilance in order to keep every asset safe.

You’ll be on the front lines of innovation, working with a highly motivated team focused on analyzing, designing, developing and delivering solutions built to stop adversaries and strengthen our operations.

Your research and work will ensure stability, capacity, and resiliency of our products. Working with your internal team, as well as technologists and innovators across our global network, your ability to identify threats, provide intelligent analysis, and positive actions will stop crimes and strengthen our data.

The Cybersecurity Vulnerability Management Response Team is responsible for the initial vulnerability assessment, impact analysis firm wide, risk assessment for the firm, coordination & communication of critical vulnerabilities identified as impacting JPMorgan Chase applications and / or infrastructure components.

This function is performed globally and at the scale of which JPMC operates by coordinating a response that could be firm wide or application specific.

The response team’s actions are driven based on the criticality of the vulnerability by balancing risk and the ability for our Line of Business partner to service their clients and customers globally.

As a Vulnerability Management Response Analyst, you will work directly with all Line of Business App Teams, Subject matter experts, Production Management Teams, Product Owners, Senior Technology Management, and Risk and Control functions on :

  • Defining each new vulnerability
  • Work to define a CVSS score and initial risk to the firm
  • Identifying the list of assets and / or application(s) at risk
  • Document the vulnerability
  • Provide a detailed write up on the risk and exposure
  • Define the remediation activity if known
  • Define the final firm wide vulnerability rating
  • The candidate will also need to learn to use of one or more High Security Access (HSA) systems. Users of these systems are subject to enhanced screening, which includes both criminal and credit background checks, and / or other enhanced screening at the time of accepting the position and on an annual basis thereafter.

    The enhanced screening will need to be successfully completed prior to commencing employment or assignment.

    This role requires a wide variety of strengths and capabilities, including :

  • BS / BA degree or equivalent experience
  • Minimum of 2-4 years’ experience in a Cyber Vulnerability Management role with knowledge of operation practices supporting Vulnerability Management
  • Minimum of 3 years’ experience of risk management processes with the ability to demonstrable comprehension of end to end Vulnerability Management workflow to include industry standards such as CVE, CPE, CVSS
  • Minimum of 5 years’ experience in command & control practices like Incident Management and / or Cyber incident response methodologies
  • Familiarity with Cyber scanning tools including Qualys, BlackDuck, Snyk, and Tanium
  • Knowledge or experience with Splunk, WireShark, Excel, and SQL
  • Python development skillset with the ability to quickly understand a problem or use case and efficiently develop solutions taking a structured approach including Python coding, debugging, data structures, libraries, frameworks, and release packaging
  • Experience of databases, ORM, SQL, APIs and Splunk will be highly beneficial
  • Experience with Agile and experience working to manage remediation actions via an active backlog & Jira
  • Sound awareness of leading vendor products / applications from Oracle Java , Adobe and Microsoft to include product lifecycle & release schedules
  • Strong deductive reasoning, multi-tasking, critical thinking, problem solving, and prioritization skills
  • Previous 24 x 7 operations experience
  • Report this job

    Thank you for reporting this job!

    Your feedback will help us improve the quality of our services.

    My Email
    By clicking on "Continue", I give neuvoo consent to process my data and to send me email alerts, as detailed in neuvoo's Privacy Policy . I may withdraw my consent or unsubscribe at any time.
    Application form