Assessments & Exercises Senior Associate - Red Team Operator
1 month ago
Contribute to leading-edge security and resilience efforts, advancing protective strategies and propelling continuous improvement.
As an Assessments & Exercises Senior Associate in the Cybersecurity and Technology Controls line of business, you will contribute significantly to enhancing the firm's cybersecurity or resiliency posture by using industry-standard assessment methodologies and techniques to proactively identify risks and vulnerabilities in people, processes, and technology. Design and deploy risk-driven tests and simulations and inform analysis to clearly outline root-causes. In this role, you will evaluate preventative controls, incident response processes, and detection capabilities, and advise cross-functional teams on security strategy and risk management.
JPMC’s Assurance Operations organization is looking to expand its Cybersecurity Red Team with a Red Team Operator position. The primary focus of this role will be to perform hands-on offensive activities as part of Red Team engagements against critical JPMC assets. The successful candidate will have a proven track record in conducting network exploitation operations, to include Red Team operations. Additionally, the candidate will be able to demonstrate in-depth knowledge and experience around computer networking fundamentals, modern threats and vulnerabilities, attack methodologies, and penetration testing tools. This position is anticipated to require the use of one or more High Risk Role (HRR) systems, which mandates successful completion of enhanced screening, including criminal and credit background checks, before starting employment and annually thereafter.
Job Responsibilities
- Design and execute testing and simulations – such as penetration tests, technical controls assessments, cyber exercises, or resiliency simulations, and contribute to the development and refinement of assessment methodologies, tools, and frameworks to ensure alignment with the firm’s strategy and compliance with regulatory requirements.
- Evaluate controls for effectiveness and impact on operational risk, as well as opportunities to automate control evaluation.
- Collaborate closely with cross-functional teams to develop comprehensive assessment reports – including detailed findings, risk assessments, and remediation recommendations – making data-driven decisions that encourage continuous improvement.
- Utilize threat intelligence and security research to stay informed about emerging threats, vulnerabilities, industry best practices, and regulations. Apply this knowledge to enhance the firm's assessment strategy and risk management. Engage with peers and industry groups that share threat intelligence analytics.
Required Qualifications, Capabilities, and Skills
- 5+ years of experience in cybersecurity or resiliency, with demonstrated exceptional organizational skills to plan, design, and coordinate the development of offensive security testing, assessments, or simulation exercises.
- Knowledge of US financial services sector cybersecurity or resiliency organization practices, operations risk management processes, principles, regulations, threats, risks, and incident response methodologies.
- Ability to identify systemic security or resiliency issues as they relate to threats, vulnerabilities, or risks, with a focus on recommendations for enhancements or remediation, and proficiency in multiple security assessment methodologies (e.g., Open Worldwide Application Security Project (OWASP) Top Ten, National Institute of Standards and Technology (NIST) Cybersecurity Framework), offensive testing tools, or resiliency testing equivalents.
- Excellent communication, collaboration, and report writing skills, with the ability to influence and engage stakeholders across various functions and levels.
- Strong understanding of the following: Windows/Linux/Unix/Mac operating systems; OS and software vulnerability and exploitation techniques; commercial or open-source offensive security tools for reconnaissance, scanning, exploitation, and post exploitation (e.g., Cobalt Strike, Metasploit, Burp Suite); networking fundamentals (all OSI layers, protocols); Infrastructure as a Service (IaaS) and Platform as a Service (PaaS) providers in both private and public (AWS, Azure) environments; DevOps; and familiarity with interpreting log output from networking devices, operating systems, and infrastructure services.
- Ability to collaborate with high-performing teams and individuals throughout the firm to accomplish common goals.
Preferred Qualifications, Capabilities, and Skills
- Preferred qualifications include: Intelligence Community background, relevant certifications such as those offered by Offensive Security (OSCP, OSEP, OSED, OSEE, OSCE), CREST (Certified Simulated Attack Specialist, Registered Penetration Tester, Certified Infrastructure Tester), SANS (GPEN, GXPN, GWAPT), knowledge of malware packing, obfuscation, persistence, exfiltration techniques, and understanding of financial sector or other large security and IT infrastructures.
- Technical knowledge or experience developing proof of concept exploits and in-house scripting, using interpreted languages such as Python, Ruby, or Perl, compiled languages such as C, C++, C#, or Java, and security tools or technology such as Firewalls, IDS/IPS, Web Proxies, DLP and the ability to articulate and visually present complex penetration testing and Red Team results is highly desirable.
- Experience with Agile and can work with at least one of the common frameworks is highly desired.
-
Washington, United States JPMorgan Chase Full time $152,000 - $260,000Contribute to leading-edge security and resilience efforts, advancing protective strategies and propelling continuous improvement. As an Assessments & Exercises Vice President in the Cybersecurity and Tech Controls line of business, you will contribute significantly to enhancing the firm's cybersecurity or resiliency posture by using industry-standard...
-
Washington, United States JPMorgan Chase Full time $152,000 - $260,000Contribute to leading-edge security and resilience efforts, advancing protective strategies and propelling continuous improvement. As an Assessments & Exercises Vice President in the Cybersecurity and Tech Controls line of business, you will contribute significantly to enhancing the firm's cybersecurity or resiliency posture by using industry-standard...
-
Senior Red Team Operator
1 month ago
Washington, United States Parallel Consulting Full timePosition SummaryVP level, Senior Red Team Operator Full-time, direct hireMostly remote working, ideally the candidate would be based near Washington DC.Up to $190k base salaryGlobal Banking institutionOur client is growing their relatively new Red Team function in the US. This is a fantastic opportunity to help shape the Red Team function and the wider...
-
Assessments & Exercises Director - Strategy Lead
3 weeks ago
Washington, United States JPMorgan Chase Full time $204,250 - $325,000Spearhead cutting-edge security strategies and resilience initiatives, shaping the future of cybersecurity. As an Assessments & Exercises Director in the Cyber and Tech Controls line of business, you will lead key efforts to enhance the firm's cybersecurity or resiliency posture. Plan and implement testing engagement to proactively identify risks and...
-
Assessments & Exercises Director - Strategy Lead
3 weeks ago
Washington, United States JPMorgan Chase Full time $204,250 - $325,000Spearhead cutting-edge security strategies and resilience initiatives, shaping the future of cybersecurity. As an Assessments & Exercises Director in the Cyber and Tech Controls line of business, you will lead key efforts to enhance the firm's cybersecurity or resiliency posture. Plan and implement testing engagement to proactively identify risks and...
-
Assessments & Exercises Director - Strategy Lead
3 weeks ago
Washington, DC, United States JPMorgan Chase & Co. Full timeSpearhead cutting-edge security strategies and resilience initiatives, shaping the future of cybersecurity. As an Assessments & Exercises Director in the Cyber and Tech Controls line of business, you will lead key efforts to enhance the firm's cybersecurity or resiliency posture. Plan and implement testing engagement to proactively identify risks and...
-
Cybersecurity Expert
4 weeks ago
Washington, United States Maveris Full timeAbout the RoleWe are seeking a highly skilled Cybersecurity Expert to join our dynamic team in support of a large Federal Government customer. As a Senior Red Team Analyst, you will be responsible for conducting offensive security assessments, including penetration testing and red teaming.Key ResponsibilitiesConduct adversarial emulation through research and...
-
Senior Security Engineer
4 weeks ago
Washington, United States Glocomms Full timeWe are are partnered with a leading real estate data analytics company to bring on a Senior Security Engineer to join their offensive security team. This role requires a technical leader who can drive advanced red team engagements and coordinate purple team activities to enhance their security posture. This engineer will conduct thorough adversary emulation...
-
Senior Security Engineer
4 weeks ago
Washington, United States Glocomms Full timeWe are are partnered with a leading real estate data analytics company to bring on a Senior Security Engineer to join their offensive security team. This role requires a technical leader who can drive advanced red team engagements and coordinate purple team activities to enhance their security posture. This engineer will conduct thorough adversary emulation...
-
Red Team Engineer
4 weeks ago
Washington, United States Parallel Consulting Full timeJob DetailsWe are seeking a highly skilled Red Team Engineer to join our team as a Senior Red Team Operator.This is a full-time, direct hire position with mostly remote working opportunities. The ideal candidate would be based near Washington DC.The estimated salary for this role is up to $190k base salary.About the TeamOur team is responsible for providing...
-
Senior Security Engineer
2 months ago
Washington, United States GLO Comms Full timeWe are are partnered with a leading real estate data analytics company to bring on a Senior Security Engineer to join their offensive security team. This role requires a technical leader who can drive advanced red team engagements and coordinate purple team activities to enhance their security posture. This engineer will conduct thorough adversary emulation...
-
Senior Security Engineer
3 weeks ago
Washington, DC, United States GLO Comms Full timeWe are are partnered with a leading real estate data analytics company to bring on a Senior Security Engineer to join their offensive security team. This role requires a technical leader who can drive advanced red team engagements and coordinate purple team activities to enhance their security posture. This engineer will conduct thorough adversary emulation...
-
Red Team/Intelligence Analyst-Sino-Russian
3 weeks ago
Washington, DC, United States ManTech Full timeManTech is seeking a motivated, career and customer-oriented Red Team/Intelligence Analyst-Sino-Russian to join our team in Arlington, VA. Responsibilities include, but are not limited to: Leveraging multi-domain intelligence and information, examine the strategy, beliefs, abilities and methodologies, organizational construct, and tactics, techniques, and...
-
Senior IT Architect
1 week ago
Washington, United States Red River Full timeAbout the PositionWe are seeking an experienced Senior ForgeRock/Java Engineer to join our team at Red River. This is a full-time position offering a competitive salary of $110,000 - $140,000 per year.
-
Senior Contract Specialist
4 weeks ago
Washington, United States Red Carrot Full timeAbout the RoleWe are seeking a highly skilled Senior Contract Specialist to join our team at Red Carrot. As a key member of our Contracts Administration department, you will play a vital role in supporting all phases of contract management.
-
Senior Proposal Developer
3 weeks ago
Washington, United States Red Carrot Full timeJob Title: Senior Proposal DeveloperAbout Red Carrot:We are an award-winning, woman-owned small business that is growing rapidly in the federal government space. Our team is fueled by passion, backed by intelligence, and built on expertise.Our Mission:To craft highly efficient solutions for clients' complex needs, leveraging industrial engineering principles...
-
Compensation Analyst
4 weeks ago
Washington, United States AMP Services Full timeAbout the RoleWe are seeking a skilled Payroll Specialist to join our team at AMP Services in Seattle, Washington. As a key member of our financial operations team, you will be responsible for accurate and timely payroll processing, ensuring compliance with federal and state regulations.
-
Senior Director, Equipment Strategy Specialist
4 weeks ago
Washington, DC , USA, United States American Red Cross Full timeAbout the RoleWe are seeking a Senior Director, Equipment Strategy Specialist to join our Biomedical Process Excellence Team. This is a virtual position and can be located anywhere in the continental United States.Key ResponsibilitiesDevelop and implement equipment strategy across all biomedical operations, ensuring alignment with key performance indicators...
-
Senior Sales Executive
2 days ago
Washington, Washington, D.C., United States AMP Payment Systems Full timeJob OverviewWe are AMP Payment Systems, a dynamic company seeking an experienced sales professional to drive growth and success in the merchant services industry. As a 1099 Sales Representative, you will play a critical role in promoting and selling our products and services to new and existing clients.The ideal candidate is a seasoned sales veteran with...
-
Senior Operations Specialist
4 weeks ago
Washington, Washington, D.C., United States Red Gate Group Full timeJob Overview">The Red Gate Group is seeking an experienced Business Analyst to support the Defense Intelligence Agency (DIA) in Washington, DC. As a key member of our team, you will play a vital role in capturing, documenting, and executing customer requirements for the Program Office.
