Posted on 2021-10-08

Digital Forensics and Incident Response, Cybersecurity Operations, Vice President

JPMorgan Chase Bank, N.A.

Vice President, Digital Forensics and Incident Response ("DFIR") will be required to conduct digital forensic analysis in support of HR/ER, Legal, Compliance, Cybersecurity, and Global Security investigations. Additionally, DFIR is responsible for examining post-exploitation artifacts across JPMC digital assets with a focus toward extracting and sharing Indicators of Compromise ("IoCs") or details of control gaps in support of live incidents, post-incident investigations, or internal investigations.

A successful candidate will have experience working independently and/or as part of a team in digital forensic investigations. They will also possess a strong investigative mindset, attention to detail, strong problem-solving skills, strong technical skills, good self-awareness and a drive to be thorough, timely and accurate.


  • Collects digital evidence from a variety of sources to include computers, cloud platforms, mobile devices, logs from applications/aggregation platforms and network evidence keeping forensic principles in mind.
  • Analyzes host and network based artifacts generated by users or software to be able to reconstruct activities which occurred on computing assets.
  • Communicates with stakeholders clearly and effectively during and after the completion of an investigation to ensure that all concerns are addressed and the circumstances surrounding the situation are fully understood.
  • Writes detailed notes and reports which properly document the steps taken during an investigation so that the methods used and outcome obtained are understandable and repeatable.
  • Works with team members as well as other internal and external teams or stakeholders to develop forensic processes for new technologies as well as to automate existing and new processes to increase efficiency and scalability.
  • Works with other team members to improve procedures in order to increase the efficiency of the team and the robustness of the team's work product.
  • Validates, verifies and documents new and existing forensic toolsets for use by the team.
  • Engages in continuous learning and shares information with team mates.

Skills and abilities:

Some, but not all of the diverse skills expected from a candidate for this position would include the following:

  • The ability to function well in a leader-leader environment, where individuals take ownership of work or projects and are responsible for the outcome
  • An understanding of digital forensic tools and techniques used to support internal fraud and employee investigations
  • An understanding of how tools work as well as the willingness and ability to manually examine data when required
  • An understanding of the scientific method and how it applies to digital forensics
  • Use host-based and network forensic capabilities to reconstruct actions on a computer or develop information regarding IOCs and TTPs for threat actors and malware, which can be shared amongst other internal teams
  • Leverage practical experience to develop methodologies for proactive hunting of threat actors in the absence of alerting or rules-based detections
  • Experience preparing in-depth investigation reports into forensic investigations, breach reports, privacy incidents and data exposure type cases
  • Demonstrate strong written and verbal communication skills necessary to effectively interpret investigative requirements, provide technical guidance, and provide detailed documentation of analysis findings

Required Qualifications:

  • Bachelor's Degree in Computer Science or other Technology related field preferred
  • Minimum 7 years of experience working in the computer forensics, cybercrime investigations, and other related technical fields
  • Well-developed knowledge of computer forensic best practices and industry standard methodologies for investigating host-based and network-based investigations
  • Experience with networking protocols and packet analysis
  • Experience working with industry standard tools (X-Ways, EnCase, Volatility, Rekall, Wireshark, SIFT, Cellebrite, etc.)
  • Able to work independently and/or with a team to conduct forensic examinations.
  • Able to articulate and visually present complex forensic investigation and analysis results.
  • Strong attention to detail in conducting forensic analysis combined with an ability to accurately record full documentation in support of the investigation.
  • The ability to coordinate, work with and gain the trust of business stakeholders to achieve a desired objective.
  • Able to work under pressure in time critical situations.
  • Excellent written and verbal communication skills are required.
  • Ability to communicate effectively with business representatives in explaining forensic findings clearly and where necessary, in non-technical terms.

Desired Qualifications:

  • Digital Forensics and Incident Response experience in large and highly regulated enterprises.
  • Experience with malware reverse engineering
  • Experience with investigating data compromise events
  • Ability to automate tasks using a scripting language (Python, PowerShell, Bash, etc.)
  • Industry standard digital forensics certifications (GCFA, GNFA, GCFE, CFCE, etc.)
  • Industry standard information security technology certifications (GCIH, GREM, etc.)
  • Memberships and participation in relevant professional associations


We recognize that our people are our strength and the diverse talents they bring to our global workforce are directly linked to our success. We are an equal opportunity employer and place a high value on diversity and inclusion at our company. We do not discriminate on the basis of any protected attribute, including race, religion, color, national origin, gender, sexual orientation, gender identity, gender expression, age, marital or veteran status, pregnancy or disability, or any other basis protected under applicable law. In accordance with applicable law, we make reasonable accommodations for applicants' and employees' religious practices and beliefs, as well as any mental health or physical disability needs.

Interested parties please click Apply Now to apply job.


All applications applied through our system will be delivered directly to the advertiser and privacy of personal data of the applicant will be ensured with security.

More job information
Job Function
Employment Term
  • Permanent
  • Full-time
  • 7 years - 12 years
Career Level
  • Senior management level
  • Degree