Description The Acquisition Cybersecurity Team (ACT) detects, analyzes, and responds to potential and actual cyber threats to JPMorgan Chase’s acquisitions. The team also conducts vulnerability management and incident response-related activities and creates and disseminates intelligence. As a member of ACT, you will have access to industry-leading cybersecurity products, and each acquisition’s unique environment will challenge you in new and interesting ways. A strong technical foundation and investigative mindset are essential and the ability to think outside of the box is strongly encouraged. As an Acquisition Security Operations Center Analyst, you will be part of a global team that monitors and acts as the first line of defense against cyber threats to the firm’s acquisitions. You will monitor alerts, investigate incidents, hunt for threats, analyze files, investigate and remediate knowledge gaps, and help the team grow. Finally, as part of our efforts to ensure that security measures across acquisitions are consistent with JPMorgan Chase’s standards, you will have the opportunity to present risks posed by gaps in security measures to senior leaders and other stakeholders. Required qualifications include At least three years of relevant cybersecurity operations, security system operations management, or related experience. Strong logical and analytical thinking skills. The ability to navigate unfamiliar environments to derive answers. Knowledge of network fundamentals. Knowledge of Windows and/or Linux operating systems (OS) and the ability to detect signs of compromise in these systems. Understanding how adversaries compromise networks including phishing, port-scanning, web application, distributed denial-of-service (DDoS) attacks, and lateral movement. Demonstrated knowledge of log, PCAP, and file analysis methods. Ability to extract indicators of compromise (IOCs), report findings, and implement mitigatory measures. A structured, analytical approach to investigating alerts and IOCs. Good communication skills The ability to present potential risks and actual findings to a wide audience. The ability to collaborate with other cybersecurity teams including Digital Forensics, Threat Intelligence, Penetration Testing, Vulnerability Management, and Purple Teaming. Willing to work a shift pattern Preferred qualifications include Knowledge of a range of cybersecurity tools. Experience with Extended Detection & Response (XDR) tools. Experience with crafting regular expressions (regex). Experience reviewing vulnerabilities and the effectiveness of the mitigatory measures. A basic understanding of cloud architecture and an understanding of how attackers leverage these platforms. Knowledge of scripting languages like Python, PowerShell, and JavaScript and understanding how scripting languages are used in a cybersecurity context. The ability to manage fluctuating workloads and conflicting priorities.