Digital Forensics and Incident Response (DFIR) Vice President
JP Morgan
London
GBP 100,000 - 125,000
Job description
Shape the future of cybersecurity through advanced digital forensics, contributing to firm-wide innovation and security.
As a Digital Forensics Vice President inthe Cyber and Tech Controls line of business, you will enhance the firm's cybersecurity posture through the collection, preservation, and examination of digital evidence. Your expertise in digital forensics principles and practices supports incident response efforts, litigation, and regulatory proceedings. Your expertise will enable you to make strategic decisions to reduce firm-wide risks. Fostering collaboration and leveraging advanced technical knowledge, you contribute to innovative solutions and continuous improvement in the digital landscape.
Job responsibilities:
Use digital forensic tools and techniques to support internal fraud and employee investigations and use host-based and network forensic capabilities to develop information regarding IOCs and TTPs for threat actors and malware, which can be shared amongst other internal teams
Leverage practical experience to develop methodologies for proactive hunting of threat actors in the absence of alerting or rules-based appliances
Conduct detailed analysis of systems where breaches of critical IT infrastructure may have occurred and provide root cause analysis, impact assessments and rapid response to aid detection of those responsible and make recommendations to assist prevention of similar incidents
Prepare in-depth investigation reports into forensic investigations, breach reports, privacy incidents and data exposure type cases
Assist with the development of in-house training programs to ensure world class high-tech investigation standards
Demonstrate strong written and verbal communication skills necessary to effectively interpret investigative requirements, provide technical guidance, and provide detailed documentation of analysis finding
Develop and implement innovative forensic research and development projects to stay ahead of emerging technologies and enhance cybersecurity posture
Define and execute procedures for identifying, managing, collecting, preserving, analyzing, and documenting findings
Develop and implement digital-forensics and data-protection security solutions and standards, adhering to industry best practices
Design and customize audit procedures for JPMorgan Chase's digital forensics environment, evaluate incident response and evidence handling procedures, and provide improvement recommendations
Collaborate with Legal, Technology, and HR to support incident response, litigation, and regulatory proceedings
Required qualifications, capabilities, and skills:
5+ years of experience in digital forensics, incident response, e-discovery, and malware analysis
Expert knowledge of computer forensic best practices and industry standard methodologies for investigating host-based and network analysis.
A proven track record in live digital forensics, log-file analysis and network forensics.
Experience with investigating data compromise events, networking protocols and packet analysis, and working with industry standard tools (X-Ways, EnCase, Volatility, Rekall, Wireshark, SIFT, Cellebrite, etc.)
Able to work independently and/or with a team to conduct forensic examinations
Able to articulate and visually present complex forensic investigation and analysis results
The ability to coordinate, work with and gain the trust of business stakeholders to achieve a desired objective
Strong attention to detail in conducting forensic analysis combined with an ability to accurately record full documentation in support of the investigation
Expertise in multiple scripting languages (e.g., Python, Bash, JavaScript, PowerShell, etc.) and ability to create, debug, and modify scripts to automate tasks and manipulate data
Advanced knowledge of digital forensics tools and techniques, including memory forensics, network traffic analysis, and reverse engineering of malware
Proven ability to develop digital forensics solutions and standards
Preferred qualifications, capabilities, and skills:
Experience with malware reverse engineering
Industry standard digital forensics certifications (GCFA, GNFA, GCFE, CFCE, etc.)
Industry standard information security technology certifications (GCIH, GREM, etc.)
Ability to automate tasks using a scripting language (Python, Perl, Ruby, Bash, etc.)