Job type: Full-time Role: System Administrator Industry: Banking Company size: 10k+ people Company type: Public
java, python, sql
CTC (Cybersecurity & Technology Controls)
The Cybersecurity & Technology Controls group at JPMorgan Chase aligns the firm’s cybersecurity, access management, controls and resiliency teams. The group proactively and strategically partners with all lines of business and functions to enable them to design, adopt and integrate appropriate controls; deliver processes and solutions efficiently and consistently; and drive automation of controls. The group’s number one priority is to enable the business by keeping the firm safe, stable and resilient.
We are looking for multi-disciplined forward-looking technologists like you with diverse backgrounds and experiences including in areas such as cybersecurity, big data, machine learning risk management and controls, compliance and oversight, cloud security.
The Data Loss Prevention (DLP) Engineer role provides subject matter expertise and solutions to support data protection programs and data loss prevention technologies for the firm globally. The DLP Engineer will drive improvements in the DLP Program including concepts, standards, procedures, and technology and be accountable to plan, coordinate, and implement the organization's data security architectures including the design, implementation and maintenance of firm's data loss prevention environment.
Provide direction and expertise for data security and data loss prevention objectives
Identify inadequacies within the environment and construct solutions to address data loss prevention supporting cyber and insider threat landscape
Provide expertise in data loss prevention across large global environments, platforms and architectures
Support development and refinement of policies and incident management processes
React quickly, assess risks, and resolve problems to reduce risk of data loss while limiting disruption to expected business activities
Identify, design, and implement DLP rules, incorporating business, regulatory, and privacy requirements while ensuring platform stability.
Define and refine the process to regularly develop and deploy DLP Rules and Splunk Analytics to production, while ensuring all required controls such as: requirements management, change management, traceability, code and test reviews, testing, rollback for every change, and segregation of duties.
Provide support to the lines of business and Cyber Operations on DLP rule coverage and effectiveness, and assist with acceptance of rule enhancements
Understand and recommend uplifts in DLP, Splunk, and Big Data analytics to achieve the highest possible DLP risk mitigation
Develop scripts, tools, and applications to automate manual operational tasks and to monitor and report on platform, rule, and control performance, coverage and effectiveness
BS/BA degree or equivalent experience
6-10+ years of experience in the following areas: Data Protection, Data Security, Cyber Security, Information Security, Technology Engineering and Architecture
6-10+ years of overall IT experience with the ability to articulate and document infrastructure support and operational processes, various tools and monitoring agents.
Experience with Data Loss Prevention systems and methodology
Ability to rapidly find, assimilate and synthesize information correctly while under pressure
Ability to think strategically; work with a sense of urgency and pay attention to detail
Strong team player who collaborates well with others to solve problems and actively incorporates input from various sources
Excellent written and verbal communications and organizational skills
Strong negotiation and mediation skills
Understand and decision problems that involve trade-offs between security, cost containment and timeliness of service
Technical understanding of multiple large enterprise environments
CISSP, CISA, SANS GIAC, or relevant security certification(s) desired
Excellent command of Cybersecurity organization practices, operations risk management processes, principles, architectural requirements, engineering threats and vulnerabilities, including incident response methodologies
Keen understanding of national and international laws, regulations, policies and ethics related to financial industry cybersecurity
Noted cybersecurity expert, keeping technical skills current and participating in multiple forums
Expertise in Agile and can work with at least one of the common frameworks
Ability to identify network attacks and systemic security issues as they relate to threats and vulnerabilities, with focus on recommendations for enhancements or remediation
This position is anticipated to require the use of one or more High Security Access (HSA) systems. Users of these systems are subject to enhanced screening which includes both criminal and credit background checks, and/or other enhanced screening at the time of accepting the position and on an annual basis thereafter. The enhanced screening will need to be successfully completed prior to commencing employment or assignment.
When you work at JPMorgan Chase & Co., you’re not just working at a global financial institution. You’re an integral part of one of the world’s biggest tech companies. In 14 technology hubs worldwide, our team of 40,000+ technologists design, build and deploy everything from enterprise technology initiatives to big data and mobile solutions, as well as innovations in electronic payments, cybersecurity, machine learning, and cloud development. Our $9.5B+ annual investment in technology enables us to hire people to create innovative solutions that will not only transform the financial services industry, but also change the world.
At JPMorgan Chase & Co. we value the unique skills of every employee, and we’re building a technology organization that thrives on diversity. We encourage professional growth and career development, and offer competitive benefits and compensation. If you’re looking to build your career as part of a global technology team tackling big challenges that impact the lives of people and companies all around the world, we want to meet you.