Acquisition Cybersecurity Team (ACT) - Senior SOC Analyst

Seize the opportunity to enhance cybersecurity, utilising your expertise in threat analysis and incident response to protect vital data and systems. As a Security Operations Senior Associate in the Cybersecurity and Tech Controls line of business, you will play a critical role in safeguarding the organisation's digital assets and infrastructure. You will proactively detect, assess and respond to threats, vulnerabilities, and security incidents. Leveraging your deep knowledge of security principles and practices you will collaborate with cross‑functional teams to develop coordinated security strategies and educate employees on best practices. Your work will directly impact departmental outcomes driving progress, identifying gaps in information, and solving complex cybersecurity challenges. By utilising your advanced analytical, technical, and problem‑solving skills, you will contribute to the continuous improvement of our cybersecurity posture and help maintain the integrity, confidentiality, and availability of sensitive data and systems.

Job responsibilities

• Monitor and analyse security infrastructure, contributing to detection and response to threats, vulnerabilities, and incidents to ensure the integrity, confidentiality, and availability of sensitive data and systems.
• Conduct in‑depth security investigations, including log analysis, network trace review, and other data sources to identify root causes, assess impact, and gather evidence for response and mitigation actions.
• Triage and remediation of security alerts, along with end‑to‑end ownership of an investigation and active participation in incident response.
• Create and maintain process documentation to support consistent and effective incident response.
• Develop and maintain threat detection and response playbooks, incorporating industry best practices, regulatory requirements, and lessons learnt from previous incidents.
• Collaborate with cross‑functional teams to develop and implement coordinated security strategies, policies, and procedures, while educating employees on best practices.
• Provide intelligence services to JPMorgan Chase acquisitions, including drafting and disseminating vulnerability and intelligence reports.
• Liaise regularly with acquisitions to maintain lines of communication, understand and document their cybersecurity posture and unique challenges, identifying uplift opportunities where possible.
• Willing to work a shift schedule that includes weekend work every four weeks and complying with firm‑wide in‑office attendance policies.
• Take active ownership of issues affecting acquisitions and drive any identified uplifts to completion.
• Act as a point of escalation for analysts on the team.

Required qualifications, capabilities, and skills

• Minimum 3 years of experience in cybersecurity operations, including threat detection, incident response, or vulnerability management.
• Proven experience in network trace analysis, log analysis, vulnerability assessment, exploitation techniques, and security investigations in response to security incidents.
• Proficiency in scripting for task automation, implementing controls, and data manipulation.
• Strong understanding of security protocols, cryptography, authentication, authorisation, and security architecture design principles.
• Hands‑on experience with security tools and technologies such as Security Information and Event Management (SIEM), Intrusion Detection System (IDS), Endpoint Detection and Response (EDR), malware analysis tools and email security solutions.
• Knowledge of adversary tactics, attack stages, and detection methods.
• Familiarity with enterprise security technologies, Windows and Linux operating systems (OS) and the ability to identify signs of compromise.
• Excellent communication skills, with the ability to present risks and findings to both technical and non‑technical audiences.

Preferred qualifications, capabilities, and skills

• Experience with a broad range of cybersecurity tools, including Extended Detection & Response (XDR) platforms.
• Experience reviewing vulnerabilities and the effectiveness of mitigation measures.
• Basic understanding of cloud architecture and attacker techniques in cloud environments.
• The ability to manage fluctuating workloads and conflicting priorities.
• Project management experience, with a track record of driving projects and issues to completion while documenting progress.

About Us

J.P. Morgan is a global leader in financial services, providing strategic advice and products to the world's most prominent corporations, governments, wealthy individuals and institutional investors. Our first‑class business in a first‑class way approach to serving clients drives everything we do. We strive to build trusted, long‑term partnerships to help our clients achieve their business objectives. We recognise that our people are our strength and the diverse talents they bring to our global workforce are directly linked to our success. We are an equal opportunity employer and place a high value on diversity and inclusion at our company. We do not discriminate on the basis of any protected attribute, including race, religion, colour, national origin, gender, sexual orientation, gender identity, gender expression, age, marital or veteran status, pregnancy or disability, or any other basis protected under applicable law. We also make reasonable accommodations for applicants' and employees' religious practices and beliefs, as well as mental health or physical disability needs.

About the Team

Our professionals in our Corporate Functions cover a diverse range of areas from finance and risk to human resources and marketing. Our corporate teams are an essential part of our company, ensuring that we're setting our businesses, clients, customers and employees up for success.