Digital Forensics & Incident Response (DFIR) Senior Associate - Senior Investigator

Job Description
Empower digital safety through forensic analysis in our cybersecurity team.
As aDigital Forensics Senior Associate in Cybersecurity & Tech Controls , you play a key role in protecting the firm's digital assets using your advanced analytical, technical, and problem-solving skills to collect, preserve, and analyze digital evidence. Working across lines of business, you help manage complex cybersecurity incidents by identifying gaps and making strategic recommendations. Your expertise in digital forensics, cybersecurity operations, and threat intelligence is vital to the firm's risk reduction efforts. Staying ahead of emerging technologies and engaging in forensic research and development projects, you contribute to maintaining a secure digital environment at JPMorgan Chase.
Job responsibilities

• Use digital forensic tools and techniques to gather, preserve, and analyze evidence from various sources to support internal employee investigations and cybersecurity incident response
• Conduct detailed analysis of systems where breaches of critical IT infrastructure may have occurred and provide root cause analysis, impact assessments and rapid response to aid detection of those responsible and make recommendations to assist prevention of similar incidents
• Use host-based and network forensic capabilities to develop information regarding threat actor and malware IOCs and TTPs which in partnership with other cybersecurity operations teams can be used to pinpoint vulnerabilities, bolster security, and proactively mitigate potential risks
• Demonstrate strong written and verbal communication skills necessary to effectively interpret investigative requirements, provide technical guidance, and provide detailed documentation of analysis findings
• Develop and implement innovative forensic research and development projects to stay ahead of emerging technologies and enhance cybersecurity posture
• Define and execute procedures for identifying, managing, collecting, preserving, analyzing, and documenting findings
• Develop and implement digital-forensics and data-protection security solutions and standards, adhering to industry best practices

Required qualifications, capabilities, and skills

• Bachelor's Degree in Computer Science, Cybersecurity, Data Science, or related disciplines
• 3+ years in digital forensics and incident response, or a similar cybersecurity operations role
• Working knowledge of digital forensic best practices and industry standard methodologies for investigating host-based and network analysis.
• Experience with investigating data compromise events, networking protocols and packet analysis, and working with industry standard tools (X-Ways, EnCase, Volatility, Rekall, Wireshark, SIFT, Cellebrite, etc.)
• A proven track record in live digital forensics, log-file analysis and network forensics
• Ability to work independently and/or with a team to conduct forensic examinations
• Strong attention to detail in conducting forensic analysis combined with an ability to articulate and visually present complex forensic investigation and analysis results
• Demonstrated proficiency in scripting languages like Python, Bash, JavaScript, or PowerShell for automation and data analysis

Preferred qualifications, capabilities, and skills

• Hands-on experience with public cloud digital forensics and incident response
• Industry standard digital forensics certifications (GCFA, GNFA, GCFE, CFCE, etc.)
• Industry standard information security technology certifications (GCIH, GREM, etc.)

About Us
J.P. Morgan is a global leader in financial services, providing strategic advice and products to the world's most prominent corporations, governments, wealthy individuals and institutional investors. Our first-class business in a first-class way approach to serving clients drives everything we do. We strive to build trusted, long-term partnerships to help our clients achieve their business objectives.
We recognize that our people are our strength and the diverse talents they bring to our global workforce are directly linked to our success. We are an equal opportunity employer and place a high value on diversity and inclusion at our company. We do not discriminate on the basis of any protected attribute, including race, religion, color, national origin, gender, sexual orientation, gender identity, gender expression, age, marital or veteran status, pregnancy or disability, or any other basis protected under applicable law. We also make reasonable accommodations for applicants' and employees' religious practices and beliefs, as well as mental health or physical disability needs. Visit our FAQs for more information about requesting an accommodation.
About the Team
The Cybersecurity & Technology Controls group at JPMorganChase aligns the firm's cybersecurity, access management, controls and resiliency teams. The group proactively and strategically partners with all lines of business and functions to enable them to design, adopt and integrate appropriate controls; deliver processes and solutions efficiently and consistently; and drive automation of controls. The group's number one priority is to enable the business by keeping the firm safe, stable and resilient.
High Risk Roles (HRR) are sensitive roles within the technology organization that require high assurance of the integrity of staff by virtue of 1) sensitive cybersecurity and technology functions they perform within systems or 2) information they receive regarding sensitive cybersecurity or technology matters. Users in these roles are subject to enhanced pre-hire screening which includes both criminal and credit background checks (as allowed by law). The enhanced screening will need to be successfully completed prior to commencing employment or assignment.