Vulnerability Management, Security Operations Vice President

Job Description
Embrace the challenge of maintaining robust digital security, driving operational excellence, and implementing cutting-edge solutions in cybersecurity.
As a Security Operations Vice President in Cybersecurity & Tech Controls, you will contribute significantly to safeguarding the organization's digital assets and infrastructure by proactively detecting, assessing, and responding to threats, vulnerabilities, and security incidents. You will be on the front lines of managing vulnerabilities by making critical decisions on the inherent risk to the infrastructure or the application itself and thus the risk to the firm clients & customers. You will be working with a highly motivated team laser-focused on analyzing, scoping, developing, and delivering solutions built to stop adversaries and strengthen our security posture. Your research and work will ensure stability and resiliency of our current technology products, emerging technology, and our vast application estate. Working in tandem with various internal teams both in Cyber and various Line of Business partners, as well as technologists and innovators across our global network, by leading the positive actions that will stop adversaries and strengthen customer's confidence. .
Job responsibilities

• Review new vulnerabilities published from multiple sources and identify those that may pose risk to the firm.
• Define an accurate risk rating in line with proprietary and industry standard risk rating methodologies.
• Identify the impacted assets and/or application(s) at risk.
• Document the vulnerability providing a detailed write-up on the risk and exposure.
• Confirm any risk mitigation factors and define the remediation activity if known.
• Assess exploit code and/or conceptual code to determine attack vectors.
• Recommend any risk mitigation factors and define the remediation activity if known.
• Assess security researcher identified vulnerabilities to provide recommendations on remediation and identify additional risk.
• Drive the global teams' daily workflow, undertaking daily case-load analysis and prioritization.
• Represent the global team and be the technical lead on major incidents impacting the Vulnerability Management space.

Required qualifications, capabilities, and skills

• Bachelor's Degree in Computer Science, Cybersecurity, Data Science, or related disciplines
• 5+ years' experience in a Cyber Operations/Vulnerability Management role with a strong knowledge of operational processes supporting Vulnerability Management and the wider SOC; with the ability to demonstrate comprehension of the end-to-end Vulnerability Management workflow (to include industry standards such as CVE, CPE, CVSS).
• Proven experience in vulnerability assessment and exploitation.
• Strong knowledge of security protocols, encryption, and network architecture.
• Familiarity with ethical hacking practices and penetration testing methodologies.
• Proven experience in command & control practices like Incident Management and/or Cyber incident response methodologies.
• Strong and broad understanding of Cyber Security Controls (Physical, Logical, Processes and Procedures)
• Strong and broad understanding of leading vendor products/applications e.g., Oracle [Java], VMWare, F5, Citrix, Microsoft; to include product lifecycle & release schedules.
• Strong and broad understanding of open-source software deployment in a large technology estate.
• Strong understanding of Cloud and Public/Private Cloud environments.
• Demonstrate prior experience in managing 24x7 operations.

Preferred qualifications, capabilities, and skills

• Experience with Agile and experience working to manage remediation actions via an active backlog and Jira an advantage.
• Familiarity with Cyber scanning tools including Qualys, Snyk, CrowdStrike, and other tools is an advantage.
• Experience of working with data sources via SQL, JSON, APIs and Splunk will be highly beneficial.

About Us
J.P. Morgan is a global leader in financial services, providing strategic advice and products to the world's most prominent corporations, governments, wealthy individuals and institutional investors. Our first-class business in a first-class way approach to serving clients drives everything we do. We strive to build trusted, long-term partnerships to help our clients achieve their business objectives.
We recognize that our people are our strength and the diverse talents they bring to our global workforce are directly linked to our success. We are an equal opportunity employer and place a high value on diversity and inclusion at our company. We do not discriminate on the basis of any protected attribute, including race, religion, color, national origin, gender, sexual orientation, gender identity, gender expression, age, marital or veteran status, pregnancy or disability, or any other basis protected under applicable law. We also make reasonable accommodations for applicants' and employees' religious practices and beliefs, as well as mental health or physical disability needs. Visit our FAQs for more information about requesting an accommodation.
About the Team
Our professionals in our Corporate Functions cover a diverse range of areas from finance and risk to human resources and marketing. Our corporate teams are an essential part of our company, ensuring that we're setting our businesses, clients, customers and employees up for success.