J.P. Morgan logo
Senior Malware Analyst / Reverse Engineer - J.P. Morgan USA Bookmark Share Print 897 0 3

Listing Description

The Cybersecurity Intelligence Group (CIG) holds the global mandate for JPMC's cyber intelligence collection, analysis, and dissemination of finished products to the firm's Cybersecurity & Technology Controls teams, lines of business, and overall executive decision makers. The team is also responsible for tracking threats and incidents involving the firm's third-party suppliers, subsidiaries, and key clients to address events such as intrusions, malware, DDoS, unauthorized access, insider attacks, and loss of proprietary information. This includes developing a deep understanding of global threat actors and their tactics, techniques, and procedures employed during cyberattacks. CIG also plays an integral role in the alerting, response, and mitigation of incidents at JPMC and works closely with other internal teams and external partners to mitigate risk to the firm.

CIG’s Malware Analysis and Active Defense component conducts technical research in support of the above goals. As a Senior Malware Analyst / Reverse Engineer you’ll perform complex static and dynamic analysis of malicious code identified through internal investigations and from external sources ranging from commodity malware to Advanced Persistent Threat (APT) nation-state malware. We’re looking for a self-motivated individual with a proven track record in reverse engineering malware and an insatiable curiosity towards all things Cyber to join our team.

Key responsibilities:

  • Conducting malware analysis and reverse engineering of suspicious code
  • Performing deep dive technical analysis of cyberattack tactics, techniques, and procedures (TTPs)
  • Developing signatures to identify malware families, actor techniques, and other noteworthy code sequences
  • Automating malware analysis and intelligence gathering processes
  • Hunting for novel samples, indicators of compromise (IOCs), and actor TTPs in internal and external datasets
  • Researching threats, vulnerabilities, and exploits to enhance monitoring and detection capabilities
  • Partnering with the Incident Response (IR) teams to understand incidents and support technical analysis of malicious cyber events
  • Documenting and presenting findings in comprehensive technical analysis reports
  • Communicating effectively with business representatives, technology specialists, and vendors
  • Assisting peer analysts in the production and dissemination of intelligence reports
  • Contributing technical expertise and Cybersecurity perspectives to discussions regarding JPMC global technology infrastructure

Desired Qualifications:

  • A proven track record in reverse engineering malware and an insatiable curiosity towards all things Cyber
  • Experience with debuggers, disassemblers, and other malware analysis tools (i.e. IDA Pro, Ghidra)
  • Coding (scripting) experience (i.e. Python, C, JavaScript, VBScript, etc.)
  • Prior background in Forensics, Log Analysis, Incident Response, Threat Intelligence, and / or Security Research
  • Knowledge in Operating Systems (i.e. Windows, Linux, Mac, Mobile), processor architectures (i.e. x86, x64), and computer networking
  • Experience in developing both tactical and strategic tools and capabilities
  • Strong written and verbal communication skills; ability to understand complex problems while formally presenting them simplistically.
  • Ability to coordinate, work with and gain the trust of business stakeholders, technical resources, and third-party vendors.
  • 5+ years of professional experience in Information Technology
  • 3+ years of professional experience in malware analysis / reverse engineering
  • Bachelor's Degree in Computer Science or related field or equivalent experience

About Us

JPMorgan Chase & Co., one of the oldest financial institutions, offers innovative financial solutions to millions of consumers, small businesses and many of the world’s most prominent corporate, institutional and government clients under the J.P. Morgan and Chase brands. Our history spans over 200 years and today we are a leader in investment banking, consumer and small business banking, commercial banking, financial transaction processing and asset management.

We recognize that our people are our strength and the diverse talents they bring to our global workforce are directly linked to our success. We are an equal opportunity employer and place a high value on diversity and inclusion at our company. We do not discriminate on the basis of any protected attribute, including race, religion, color, national origin, gender, sexual orientation, gender identity, gender expression, age, marital or veteran status, pregnancy or disability, or any other basis protected under applicable law. In accordance with applicable law, we make reasonable accommodations for applicants’ and employees’ religious practices and beliefs, as well as any mental health or physical disability needs.
 
The health and safety of our colleagues, candidates, clients and communities has been a top priority in light of the COVID-19 pandemic. JPMorgan Chase was awarded the “WELL Health-Safety Rating” for all of our 6,200 locations globally based on our operational policies, maintenance protocols, stakeholder engagement and emergency plans to address a post-COVID-19 environment.

As a part of our commitment to health and safety, we have implemented various COVID-related health and safety requirements for our workforce. These requirements may include sharing information in the firm’s vaccine record tool, vaccination or regular testing, mask wearing, social distancing and daily health checks. Requirements may change in the future with the evolving public health landscape. JPMorgan Chase will consider accommodation requests.

Equal Opportunity Employer/Disability/Veterans

About the Team

The Cybersecurity & Technology Controls group at JPMorgan Chase aligns the firm’s cybersecurity, access management, controls and resiliency teams. The group proactively and strategically partners with all lines of business and functions to enable them to design, adopt and integrate appropriate controls; deliver processes and solutions efficiently and consistently; and drive automation of controls. The group’s number one priority is to enable the business by keeping the firm safe, stable and resilient.
 

High Risk Roles (HRR) are sensitive roles within the technology organization that require high assurance of the integrity of staff by virtue of 1) sensitive cybersecurity and technology functions they perform within systems or 2) information they receive regarding sensitive cybersecurity or technology matters. Users in these roles are subject to enhanced pre-hire screening which includes both criminal and credit background checks (as allowed by law). The enhanced screening will need to be successfully completed prior to commencing employment or assignment.

Listing Details

  • Citizenship: Not Provided
  • Incentives: Not Provided

 

  • Education: Not Provided
  • Travel: Not Provided
  • Telework: Not Provided

About Us

NinjaJobs is a community-run job platform developed by information security professionals. Our unique approach of focusing strictly on cybersecurity positions allows us to personalize the user experience.

Useful Links

Our Contacts

1765 Greensboro Station Pl.
Suite 900
Tysons Corner Va 22102

(703) 594-7765

requests@ninjajobs.org
www.ninjajobs.org
Chat with us!