"Alerted.org

Join our elite STIIR (Supplier Threat Intelligence and Incident Response) team and be at the forefront of innovative third-party cyber risk management strategies. In this dynamic role, you'll leverage cutting-edge technology and intelligence to protect our digital landscape, making a real-world impact on global cybersecurity. Your expertise will help shape the future of secure digital operations, safeguarding critical assets and fortifying our cyber defenses.

As a Cybersecurity Intelligence Senior Associate in Cybersecurity Operations, you will play a pivotal role in advancing the firm's SBOM (Software Bill of Materials) program and supporting proactive third-party cyber risk management. You will manage the end-to-end process for collecting, scanning, and analyzing supplier SBOMs, drive supplier outreach for remediation of critical vulnerabilities, and deliver regular reporting and tailored communications to both internal and external stakeholders. Your work will directly contribute to cyber awareness, vulnerability surveys, and monthly newsletters, enhancing the firm's overall cyber resilience.

Job responsibilities

+ Lead the cross-functional process for scanning supplier SBOMs to identify open source vulnerabilities and malicious packages. Oversee supplier outreach for remediation of prioritized findings, especially those with high-risk ratings.

+ Develop and deliver regular reports to internal stakeholders, including executive summaries and technical deep-dives. Create tailored external communications such as cyber awareness materials, vulnerability surveys, and monthly newsletters.

+ Proactively identify and assess global and industry-specific attack vectors, emerging trends, and potential risks. Analyze the third party threat landscape to inform and shape the firm's cybersecurity strategy.

+ Work closely with cross-functional teams in Cyber, Technology, and the Business to drive continuous improvement and implement recommended mitigations.

Required qualifications, capabilities, and skills

+ Minimum 3 years of relevant cybersecurity experience, including scanning and analysis for open source vulnerabilities and malicious packages.

+ Outstanding written, verbal, and presentation skills; able to communicate complex technical information to diverse audiences.

+ Strong working knowledge of Software Development Life Cycle (SDLC) and DevSecOps practices.

+ Experience in offensive cybersecurity, including proactive testing and evaluation of systems, networks, and applications to identify vulnerabilities.

+ Excellent analytical and problem-solving skills, with keen attention to detail.

+ Proven ability to collaborate across organizational boundaries and develop actionable improvement plans.

+ Self-starter with a drive to deliver results and a continuous improvement mindset.

Preferred qualifications, capabilities, and skills

+ Familiarity with industry risk frameworks (ISO27001, NIST Cybersecurity Framework, MITRE ATT&CK, etc.).

+ Professional certifications such as CISSP, CISA, CISM, CCSP, or CRISC.

+ Background in Product Security, Incident Response, or Technology/Cyber Audit.

+ Basic programming skills (Python preferred) to support automation, data analysis, and process improvement.

JPMorganChase, one of the oldest financial institutions, offers innovative financial solutions to millions of consumers, small businesses and many of the world's most prominent corporate, institutional and government clients under the J.P. Morgan and Chase brands. Our history spans over 200 years and today we are a leader in investment banking, consumer and small business banking, commercial banking, financial transaction processing and asset management.

We offer a competitive total rewards package including base salary determined based on the role, experience, skill set and location. Those in eligible roles may receive commission-based pay and/or discretionary incentive compensation, paid in the form of cash and/or forfeitable equity, awarded in recognition of individual achievements and contributions. We also offer a range of benefits and programs to meet employee needs, based on eligibility. These benefits include comprehensive health care coverage, on-site health and wellness centers, a retirement savings plan, backup childcare, tuition reimbursement, mental health support, financial coaching and more. Additional details about total compensation and benefits will be provided during the hiring process.

We recognize that our people are our strength and the diverse talents they bring to our global workforce are directly linked to our success. We are an equal opportunity employer and place a high value on diversity and inclusion at our company. We do not discriminate on the basis of any protected attribute, including race, religion, color, national origin, gender, sexual orientation, gender identity, gender expression, age, marital or veteran status, pregnancy or disability, or any other basis protected under applicable law. We also make reasonable accommodations for applicants' and employees' religious practices and beliefs, as well as mental health or physical disability needs. Visit our FAQs for more information about requesting an accommodation.

JPMorgan Chase & Co. is an Equal Opportunity Employer, including Disability/Veterans