Bulge Bracket Investment Banks

Posted 6 days ago

No clicks

**Security Operations Vice President - Vulnerability Management** Lead our Plano, TX team in managing technology vulnerabilities. Review new vulnerabilities, assess risks, and drive global team workflow. Collaborate with technology leaders to mitigate risks and enhance security posture. Leverage enterprise AI capabilities to accelerate security processes. Requires 5+ years in Cyber Operations/Vulnerability Management, strong understanding of operational processes, and experience with leading vendor products. Demonstrate comprehension of end-to-end vulnerability management workflow and industry standards such as CVE, CPE, and CVSS.

Compensation: Not specified USD
City: Not specified
Country: United States

Full Job Description

Location: Plano, TX, United States

Working in Cybersecurity takes a passion for balancing technology with determining the inherent risk of a vulnerability by balancing preventative controls against known exploits, and above all, vigilance in keeping JPMC technology secure for our customers & clients. Youll be on the front lines of managing vulnerabilities by making critical decisions on the inherent risk to the infrastructure or the application itself and thus the risk to the firm clients & customers. You will be working with a highly-motivated team laser-focused on analyzing, scoping, developing and delivering solutions built to stop adversaries and strengthen our security posture. Your research and work will ensure stability and resiliency of our current technology products, emerging technology and our vast application estate. Working in tandem with various internal teams both in Cyber and various Line of Business partners, as well as technologists and innovators across our global network, by leading the positive actions that will stop adversaries and strengthen customers confidence.

Job Responsibilities

Review new vulnerabilities published from multiple sources and identify those that may pose risk to the firm.
Define an accurate risk rating in line with proprietary and industry standard risk rating methodologies. Document impacted assets and/or application(s) providing a detailed write up on the risk and exposure posed by vulnerabilities.
Assess threat actor intelligence, exploit code, and/or conceptual code to determine attack vectors. Recommend any risk mitigation factors and define the remediation activity if known.
Assess security researcher identified vulnerabilities to provide recommendations on remediation and identify additional risk
Drive the global teams daily workflow, undertaking daily case-load analysis and prioritization. Represent the global team and be the technical lead on major incidents impacting the Vulnerability Management space.
Demonstrate the ability to develop and form strong working relationships with the partnering Cybersecurity Operations functions and key technology leaders in the region. Provide technical leadership within the team, mentoring and guiding junior team members.
Uses enterprise-authorized AI capabilities within the work environment to accelerate security investigation triage and incident reporting, validating outputs and handling operational data according to sensitivity and security requirements.
Drives reuse-first adoption of AI-assisted workflows to enhance threat detection and response processes, ensuring outputs are validated and aligned to security, resiliency, and auditability expectations.

Required qualifications, capabilities, and skills

Formal Training or certification with 5+ years experience in a Cyber Operations/Vulnerability Management role with a strong knowledge of operational processes supporting Vulnerability Management and the wider Security Operations Center; with the ability to demonstrate comprehension of the end-to-end Vulnerability Management workflow (to include industry standards such as CVE, CPE, CVSS).
Demonstrated experience coordinating Incident Management and/or cyber incident response, including cross-team alignment and clear stakeholder communications.
Strong and broad understanding of Cyber Security Controls (Physical, Logical, Processes and Procedures). Strong and broad understanding of leading vendor products/applications e.g., Oracle [Java], VMWare, F5, Citrix, Microsoft; to include product lifecycle & release schedules.
Strong and broad understanding of open-source software deployment in a large technology estate. Strong understanding of Cloud and Public/Private Cloud environments. Strong deductive reasoning, multi-tasking, critical thinking, problem solving, and prioritization skills.
Familiarity with Cyber vulnerability detection and scanning tools. Experience of working with data sources via SQL, JSON, APIs and Splunk will be highly beneficial.
Experience with Agile and experience working to manage remediation actions via an active backlog and Jira an advantage.
Demonstrated experience using enterprise-authorized AI capabilities within the work environment to support security operations workflows with strong validation habits and awareness of data sensitivity
Ability to review and validate AI-assisted investigation findings and recommendations before implementation, escalating when uncertain and ensuring outcomes align to security and auditability expectations.

Preferred qualifications, capabilities, and skills

Have an aptitude for Vulnerability Research and Exploit Development (either from a professional background or by demonstrating an aptitude e.g. through capture the flag challenges).
Experience with frontier AI models and the ability to conduct AI assisted vulnerability research.
Be operationally focused and enjoy working in a dynamic environment, with the day-to-day focus on quick and timely risk reduction activities.
Be a self-starter who will take the initiative while being able to work independently and challenge the status quo.

#CTC

Vulnerability Management Operations is responsible for the firm-wide impact analysis, overall risk assessment, and coordination/communication of critical vulnerabilities identified as impacting JPMorgan Chase applications and/or infrastructure components. This function is performed globally and at the scale of which JPMC operates by coordinating a response that could be firm-wide or application specific. The teams actions are performed using a risk-based approach considering the criticality of the vulnerability and the ability for our Line of Business partners to service their clients and customers globally.

Full Job Description

Location: Plano, TX, United States

Job Responsibilities

Review new vulnerabilities published from multiple sources and identify those that may pose risk to the firm.
Define an accurate risk rating in line with proprietary and industry standard risk rating methodologies. Document impacted assets and/or application(s) providing a detailed write up on the risk and exposure posed by vulnerabilities.
Assess threat actor intelligence, exploit code, and/or conceptual code to determine attack vectors. Recommend any risk mitigation factors and define the remediation activity if known.
Assess security researcher identified vulnerabilities to provide recommendations on remediation and identify additional risk
Drive the global teams daily workflow, undertaking daily case-load analysis and prioritization. Represent the global team and be the technical lead on major incidents impacting the Vulnerability Management space.
Demonstrate the ability to develop and form strong working relationships with the partnering Cybersecurity Operations functions and key technology leaders in the region. Provide technical leadership within the team, mentoring and guiding junior team members.
Uses enterprise-authorized AI capabilities within the work environment to accelerate security investigation triage and incident reporting, validating outputs and handling operational data according to sensitivity and security requirements.
Drives reuse-first adoption of AI-assisted workflows to enhance threat detection and response processes, ensuring outputs are validated and aligned to security, resiliency, and auditability expectations.

Required qualifications, capabilities, and skills

Formal Training or certification with 5+ years experience in a Cyber Operations/Vulnerability Management role with a strong knowledge of operational processes supporting Vulnerability Management and the wider Security Operations Center; with the ability to demonstrate comprehension of the end-to-end Vulnerability Management workflow (to include industry standards such as CVE, CPE, CVSS).
Demonstrated experience coordinating Incident Management and/or cyber incident response, including cross-team alignment and clear stakeholder communications.
Strong and broad understanding of Cyber Security Controls (Physical, Logical, Processes and Procedures). Strong and broad understanding of leading vendor products/applications e.g., Oracle [Java], VMWare, F5, Citrix, Microsoft; to include product lifecycle & release schedules.
Strong and broad understanding of open-source software deployment in a large technology estate. Strong understanding of Cloud and Public/Private Cloud environments. Strong deductive reasoning, multi-tasking, critical thinking, problem solving, and prioritization skills.
Familiarity with Cyber vulnerability detection and scanning tools. Experience of working with data sources via SQL, JSON, APIs and Splunk will be highly beneficial.
Experience with Agile and experience working to manage remediation actions via an active backlog and Jira an advantage.
Demonstrated experience using enterprise-authorized AI capabilities within the work environment to support security operations workflows with strong validation habits and awareness of data sensitivity
Ability to review and validate AI-assisted investigation findings and recommendations before implementation, escalating when uncertain and ensuring outcomes align to security and auditability expectations.

Preferred qualifications, capabilities, and skills

Have an aptitude for Vulnerability Research and Exploit Development (either from a professional background or by demonstrating an aptitude e.g. through capture the flag challenges).
Experience with frontier AI models and the ability to conduct AI assisted vulnerability research.
Be operationally focused and enjoy working in a dynamic environment, with the day-to-day focus on quick and timely risk reduction activities.
Be a self-starter who will take the initiative while being able to work independently and challenge the status quo.

#CTC

Security Operations Vice President - Vulnerability Management

Full Job Description

SIMILAR OPPORTUNITIES

Cybersecurity Engineer - Vulnerability Management

Senior Cyber Analyst in VULNERABILITY MANAGEMENT

Vice President - Information Security

Cyber Risk Senior Officer - Senior Vice President

Security Operations Associate

Security Operations Vice President - Vulnerability Management

Full Job Description

SIMILAR OPPORTUNITIES

Cybersecurity Engineer - Vulnerability Management

Senior Cyber Analyst in VULNERABILITY MANAGEMENT

Vice President - Information Security

Cyber Risk Senior Officer - Senior Vice President

Security Operations Associate