Security Operations Vice President

As Vice President in the Cybersecurity Perimeter Response Team at JPMorgan

Chase, you will play a critical role in defending the Firm's digital perimeter against sophisticated Layer 3/4 and Layer 7 DDoS attacks. You will personally create, test, implement, and monitor web application firewall (WAF) and DDoS policy across platforms such as Akamai, Cloudflare, AWS WAF, and F5, ensuring robust protection for our global enterprise. This hands‑on position involves incident response, but is primarily focused on continuous evaluation and uplift of security policy for the Firm's internet‑exposed services.

• Investigate anomalous network traffic patterns and events, collaborating with application teams, subject matter experts, and senior management.
• Develop, maintain, and optimize DoS and WAF policies to protect the Firm, balancing operational risk and security posture.
• Identify, document, and mitigate risks from emerging threats, leveraging intelligence from peer organizations.
• Test and validate policy rules and signatures for effectiveness and applicability.
• Profile new and existing applications, mapping them to appropriate perimeter security policies.
• Deliver incident response support for DoS, DDoS, and related application attacks.
• Provide regular activity and progress reporting to Cyber Operations management.
• Follow best practices in threat recognition, pattern analysis, and surveillance detection to establish efficient, high‑quality security processes.
• Note:
  
  this is neither a management nor auditing‑related role.

• Formal training or certification with 5+ years of experience in cybersecurity operations, security system management, or related roles.
• 3+ years of hands‑on WAF administration experience with perimeter defense infrastructure such as Akamai, Cloudflare, F5, etc. (custom signature authoring, deployment governance, patching, efficacy evaluation, policy testing).
• Network performance management (e.g., troubleshooting server response and routing issues) or Web application development/administration (troubleshooting web servers, application stacks, containers, OS, micro‑services, and API/data validation errors).
• TCP/IP network administration, optimization, and troubleshooting.
• Incident response for inbound application attacks, with experience in a formal Security Operations Center (SOC) and proficiency in distinguishing suspicious from benign internet sources.

• Direct, hands‑on experience with perimeter defense infrastructure systems.
• Direct, hands‑on experience with SIEM tools (e.g., Splunk) and complex search compilation.
• Application development skills, including scripting (Python/Java), regular expressions, and proof‑of‑concept creation for zero‑day exploits.
• Previous 24x7 operations experience.
• 1+ years of cybersecurity operations experience, including threat and risk assessment documentation.

We offer a competitive total rewards package, including base salary and benefits such as comprehensive health care coverage, retirement savings plans, tuition reimbursement, mental health support, and more.

We recognize that our people are our strength and the diverse talents they bring to our global workforce are directly linked to our success. We are an equal opportunity employer and place a high value on diversity and inclusion at our company. We do not discriminate on the basis of any protected attribute, including race, religion, color, national origin, gender, sexual orientation, gender identity, gender expression, age, marital or veteran status, pregnancy or disability, or any other basis protected under applicable law.

We also make reasonable accommodations for applicants' and employees' religious practices and beliefs, as well as mental health or physical disability needs. Visit our FAQs for more information about requesting an accommodation. JPMorgan Chase & Co. is an Equal Opportunity Employer, including Disability/Veterans.