What you'd actually do

Engineer automations and operations toward identifying vulnerability and exploitation probability both internal and external to the firm

Uses enterprise-authorized AI capabilities within the work environment to accelerate threat research synthesis and risk assessment documentation, validating outputs and handling data according to sensitivity and security requirements.

Support incident response with internal partners and external suppliers to minimize risk to firm assets

Provide remediation guidance and qualify exploitability to close the loop on active cyber campaigns

Partner to raise awareness and drive improvements in third-party controls using cyber incident information and threat intelligence

Skills

Required

Formal training or certification on cyber intelligence concepts and 3+ years applied experience
Demonstrated experience using enterprise-authorized AI capabilities within the work environment to support threat intelligence and security research workflows with strong validation habits and awareness of data sensitivity.
Ability to review and validate AI-assisted intelligence findings and risk recommendations before use, escalating when uncertain and following security and data handling requirements.
Ability to develop Python scripts and applications for large-scale operations, automations
Ability to both populate / retrieve large quantities of multivariate data to / from databases, S3 buckets, Excel spreadsheets for analysis
Ability to design complex AWS architectures and build out infrastructure with attention to sensitive security considerations
Ability to interface efficiently with GraphQL and RESTful APIs
Understanding of key cybersecurity principles that mitigate common threat actor techniques, including email, network, endpoint, monitoring, vulnerability management, and identity and access management
Ability to collaborate and navigate internal and external boundaries to develop improvement plans and recommended mitigations
Ability to clearly translate and communicate cyber risk through written, verbal, and presentation formats to a variety of stakeholders across cybersecurity, technology, and business functions

Nice to have

Background in software engineering, product security, incident response, or technology and cyber audit
Understanding of AI and machine learning models and their integration within software solutions, including guardrail applications
Proficiency with shellcode, bash, or C for vulnerability exploit comprehension and React-octagon UI experience
Familiarity with data handling, visualization, and analysis tools for security reporting purposes
Understanding of industry risk frameworks such as ISO 27001, the NIST Cybersecurity Framework, and the MITRE ATT&CK framework

Other signals

Uses enterprise-authorized AI capabilities within the work environment to accelerate threat research synthesis and risk assessment documentation

Applies reuse-first, AI-assisted approaches to improve automation in threat detection and analysis workflows

Demonstrated experience using enterprise-authorized AI capabilities within the work environment to support threat intelligence and security research workflows

Join our elite Cyber Intelligence team and be at the forefront of innovative security strategies. In this dynamic role, you'll harness cutting-edge technology and intelligence to protect our digital landscape, making a real-world impact on global cybersecurity. Your expertise will shape the future of secure digital operations, safeguarding critical assets and fortifying our cyber defenses.

As a Cyber Intelligence Senior Associate at JPMorganChase within Supplier Emerging Threats and Vulnerabilities in Cybersecurity Technology and Controls, you will be an integral member of the organization that safeguards the firm's digital assets and infrastructure from cyber threats. Utilizing your extensive knowledge of cybersecurity, you will proactively identify and assess global and industry-specific attack vectors, emerging trends, and potential risks. Your expertise in threat assessment, intelligence analysis, and security research are vital for providing insights and recommendations to enhance the firm's security posture and protect its clients. By collaborating with cross-functional teams and deeply analyzing the threat landscape, your insights will inform and shape JPMorganChase's cybersecurity strategy.

Job responsibilities

Engineer automations and operations toward identifying vulnerability and exploitation probability both internal and external to the firm
Uses enterprise-authorized AI capabilities within the work environment to accelerate threat research synthesis and risk assessment documentation, validating outputs and handling data according to sensitivity and security requirements.
Support incident response with internal partners and external suppliers to minimize risk to firm assets
Provide remediation guidance and qualify exploitability to close the loop on active cyber campaigns
Partner to raise awareness and drive improvements in third-party controls using cyber incident information and threat intelligence
Participate in analysis to identify trends and common issues in supplier cybersecurity posture
Support development of third-party supplier cyber risk and resiliency metrics
Applies reuse-first, AI-assisted approaches to improve automation in threat detection and analysis workflows, ensuring outputs are validated and aligned to security expectations.
Develop and deliver timely communications to business, technology, and third-party supplier groups.

Required qualifications, capabilities, and skills

Formal training or certification on cyber intelligence concepts and 3+ years applied experience
Demonstrated experience using enterprise-authorized AI capabilities within the work environment to support threat intelligence and security research workflows with strong validation habits and awareness of data sensitivity.
Ability to review and validate AI-assisted intelligence findings and risk recommendations before use, escalating when uncertain and following security and data handling requirements.
Ability to develop Python scripts and applications for large-scale operations, automations
Ability to both populate / retrieve large quantities of multivariate data to / from databases, S3 buckets, Excel spreadsheets for analysis
Ability to design complex AWS architectures and build out infrastructure with attention to sensitive security considerations
Ability to interface efficiently with GraphQL and RESTful APIs
Understanding of key cybersecurity principles that mitigate common threat actor techniques, including email, network, endpoint, monitoring, vulnerability management, and identity and access management
Ability to collaborate and navigate internal and external boundaries to develop improvement plans and recommended mitigations
Ability to clearly translate and communicate cyber risk through written, verbal, and presentation formats to a variety of stakeholders across cybersecurity, technology, and business functions

Preferred qualifications, capabilities, and skills

Background in software engineering, product security, incident response, or technology and cyber audit
Understanding of AI and machine learning models and their integration within software solutions, including guardrail applications
Proficiency with shellcode, bash, or C for vulnerability exploit comprehension and React-octagon UI experience
Familiarity with data handling, visualization, and analysis tools for security reporting purposes
Understanding of industry risk frameworks such as ISO 27001, the NIST Cybersecurity Framework, and the MITRE ATT&CK framework

#CTC