Technology Support III, Incident Management & Response (IMR)

Job Description
Propel operational success with your expertise in technology support and a commitment to continuous improvement.
As a Technology Support III team member in Cybersecurity & Tech Controls, you will fit into a Global team providing 24/7 Incident Management and Response support, acting as the frontline defense for attacks against the firms' infrastructure. You will be responsible for the execution of the Firm-wide Cybersecurity Incident Management Playbook designed to provide a set of steps to orchestrate a framework of actions to be considered during the lifecycle of a Cybersecurity event, in effort to prevent impact, or during an impacting Cybersecurity incident. The process executes against the firmwide Technology incident Management Standards and leverages ITIL best practices to govern remediation and safeguard failures. The team also covers internal and external engagements with our LOB partners including regulatory, compliance, privacy and/or media communications. Our incidents are categorized: technical outages (e.g. hardware failures, code/configuration issues, DB corruption, access issues, etc.); and cybersecurity events (e.g. malware, credential high jacking, zero-day vulnerabilities.
Job responsibilities

• Serve as a key member of the Cybersecurity & Technology Controls (CTC) Incident Management & Response (IMR) team within the Global Incident Command Center (GICC), providing 24/7 support for incident management and response.
• Execute the Firm-wide Cybersecurity Incident Management Playbook to orchestrate actions during the lifecycle of cybersecurity events, aiming to prevent or mitigate impacts.
• Act as the frontline defense for cybersecurity incidents, ensuring effective and timely resolution of security issues against the firm's infrastructure.
• Collaborate with internal and external partners, including regulatory, compliance, privacy, and media communications teams, to manage incidents.
• Utilize command and control, communication, and documentation skills to ensure the stability, capacity, and resiliency of products.
• Work closely with Cybersecurity Operations Incident Response teams and Enterprise Technology Product and Engineering teams to mitigate and remediate events and incidents.
• Analyze operational metrics to identify process improvements and deliver constructive feedback to the team.
• Engage in continuous improvement of practices and processes, and participate in research, internal procedure uplift, and internal tools development.

Required qualifications, capabilities, and skills

• Bachelor's Degree in Computer Science, Cybersecurity, Data Science, or related disciplines
• 3+ years of experience in an Incident Management or Incident Response function in an enterprise environment.
• Demonstrated command and control, documentation, and communication skills in previous roles.
• Experience communicating technical topics both in writing and verbally to senior management from technical and non-technical backgrounds.
• Ability to work closely with business, technology, and project management partners to execute projects and improvements for the CTC IMR team.
• Strong understanding of the ITIL framework and experience with incident management tools.
• Basic understanding of various operating systems, network fundamentals, cyber tools, and cloud architecture.
• High-level understanding of cybersecurity attack frameworks, such as MITRE ATT&CK and Cyber Kill Chain.
• Ability to exercise excellent judgment and decision-making skills under pressure and know when to escalate issues.
• Ability to influence senior technology managers across organizational boundaries through formal and informal channels.
• Proactive with a strong bias for action, naturally inquisitive, and committed to continuous improvement.

Preferred qualifications, capabilities, and skills

• ITIL Certification.
• Baseline cybersecurity certifications, such as Security+ or Google Cybersecurity Certificate.
• Appreciation of the wider roles of interconnecting cybersecurity teams and collaboration with teams like Forensics, Threat Intelligence, Penetration Testing, and Vulnerability Management.

#CTC
About Us
J.P. Morgan is a global leader in financial services, providing strategic advice and products to the world's most prominent corporations, governments, wealthy individuals and institutional investors. Our first-class business in a first-class way approach to serving clients drives everything we do. We strive to build trusted, long-term partnerships to help our clients achieve their business objectives.
We recognize that our people are our strength and the diverse talents they bring to our global workforce are directly linked to our success. We are an equal opportunity employer and place a high value on diversity and inclusion at our company. We do not discriminate on the basis of any protected attribute, including race, religion, color, national origin, gender, sexual orientation, gender identity, gender expression, age, marital or veteran status, pregnancy or disability, or any other basis protected under applicable law. We also make reasonable accommodations for applicants' and employees' religious practices and beliefs, as well as mental health or physical disability needs. Visit our FAQs for more information about requesting an accommodation.
About the Team
Our professionals in our Corporate Functions cover a diverse range of areas from finance and risk to human resources and marketing. Our corporate teams are an essential part of our company, ensuring that we're setting our businesses, clients, customers and employees up for success.