at JPMORGAN CHASE & CO. in Wilmington, Delaware, United States
Job Description
JPMorgan Chase & Co. seeks a Red Team Operator in Wilmington, DE.
LOCATION: 880 Powder Mill Road, Wilmington, Delaware 19803. Telecommuting permitted up to 60% of the week.
DUTIES: Drive and participate in hands-on ethical hacking engagements focused on simulating real-world attacker tactics, techniques and procedures. Facilitate peer tasks during operations. Develop customs tools, exploits, Tactics, Techniques, and Procedures including custom malware and exploit scripts. Conduct knowledge sharing with and provide mentorship and feedback to internal and external teams. Serve as a Subject Matter Expert in Active Directory Security. Analyze vulnerabilities, threats, and architectural design to produce reports. Document observations and findings from operations in a clear and concise fashion in formal reports. Perform debriefs or visual presentations in a clear and articulate manner.
REQUIREMENTS: Bachelor's Degree in Computer Engineering, Computer Information Systems, Computer Security, or related field of study plus 5 years of experience in the job offered or as Red Team Operator, Application/Software Developer, Penetration Tester, Vulnerability Researcher, Security Consultant or related occupation. The employer will alternatively accept a Master’s Degree in Computer Engineering, Computer Information Systems, Computer Security, or related field of study plus 3 years of experience in the job offered or as Red Team Operator, Application/Software Developer, Penetration Tester, Vulnerability Researcher, Security Consultant or related occupation. Requires experience in the following: conducting network exploitation operations, including Red Team operations; computer networking; modern threats and vulnerabilities; Red Team attack methodologies; Red Team tools including Cobalt Strike and Metasploit; networking in all OSI layers and protocols; databases including MySQL and Neo4j; System administration in Windows, Linux, Unix, and Mac operating systems; computer forensics; operating system and software vulnerability research and exploitation; offensive security tools for reconnaissance, scanning, and exploitation including Nmap, BurpSuite, Bloodhound, PowerSploit, Empire, and GhostPack; log output from networking devices, operating systems, and infrastructure services; cloud administration and exploitation in AWS and Azure; developing in-house scripts using scripting languages in PowerShell and Python; compiled languages including C++, C#, JavaScript, and PHP; security tools or technology including Firewalls, Intrusion Detection Systems, Web Proxies, and Data Loss Prevention; articulating and visually presenting complex penetration testing and Red Team results to internal teams and senior leaders; Active Directory Security; competing-in and running information security capture- the-flag competitions; administering and building complex, virtualized, and anonymized computer networking infrastructures utilized in adversary emulation simulations; building hands-on Active Directory Attacks for testing; conducting live training sessions; presenting at major security conferences on subject of Active Directory Attacks. Must possess the following certification: Offensive Security Certified Professional (OSCP).
To apply for this position, please email your resume to my.resume@jpmchase.com with following job ID clearly indicated: [MR-RT-SS-2568]. JPMorgan Chase & Co. is an Equal Opportunity and Affirmative Action Employer, M/F/D/V.
