Security Operations Vice President - Vulnerability Management

JPMorgan Chase JPMorgan Chase · Banking · Plano, TX +1 · Corporate Sector

This role focuses on managing security vulnerabilities within JPMorgan Chase's infrastructure. While it involves using AI capabilities to enhance security operations, the core function is not building AI models but rather applying AI tools to improve existing security processes like vulnerability triage and incident reporting. The role requires a strong understanding of cybersecurity, vulnerability management, and incident response, with an emphasis on risk assessment and mitigation.

What you'd actually do

  1. Review new vulnerabilities published from multiple sources and identify those that may pose risk to the firm.
  2. Define an accurate risk rating in line with proprietary and industry standard risk rating methodologies. Document impacted assets and/or application(s) providing a detailed write up on the risk and exposure posed by vulnerabilities.
  3. Assess threat actor intelligence, exploit code, and/or conceptual code to determine attack vectors. Recommend any risk mitigation factors and define the remediation activity if known.
  4. Assess security researcher identified vulnerabilities to provide recommendations on remediation and identify additional risk
  5. Drive the global teams’ daily workflow, undertaking daily case-load analysis and prioritization. Represent the global team and be the technical lead on major incidents impacting the Vulnerability Management space.

Skills

Required

  • Cyber Operations/Vulnerability Management
  • Vulnerability Management workflow (CVE, CPE, CVSS)
  • Incident Management and/or cyber incident response
  • Cross-team alignment
  • Stakeholder communications
  • Cyber Security Controls
  • Cloud and Public/Private Cloud environments
  • Deductive reasoning
  • Multi-tasking
  • Critical thinking
  • Problem solving
  • Prioritization skills
  • Cyber vulnerability detection and scanning tools
  • SQL
  • JSON
  • APIs
  • Splunk
  • Agile
  • Jira
  • Enterprise-authorized AI capabilities
  • Validation habits
  • Data sensitivity awareness

Nice to have

  • Formal Training or certification
  • Experience with Agile
  • Experience working to manage remediation actions via an active backlog and Jira
  • Vulnerability Research and Exploit Development
  • Capture the flag challenges
  • Frontier AI models
  • AI assisted vulnerability research

What the JD emphasized

  • 5+ years’ experience in a Cyber Operations/Vulnerability Management role with a strong knowledge of operational processes supporting Vulnerability Management and the wider Security Operations Center; with the ability to demonstrate comprehension of the end-to-end Vulnerability Management workflow (to include industry standards such as CVE, CPE, CVSS).
  • Demonstrated experience coordinating Incident Management and/or cyber incident response, including cross-team alignment and clear stakeholder communications.
  • Strong and broad understanding of Cyber Security Controls (Physical, Logical, Processes and Procedures).
  • Demonstrated experience using enterprise-authorized AI capabilities within the work environment to support security operations workflows with strong validation habits and awareness of data sensitivity
  • Ability to review and validate AI-assisted investigation findings and recommendations before implementation, escalating when uncertain and ensuring outcomes align to security and auditability expectations.