About the Role: 
The Supplier Incident Response (SIR) team plays a critical role in protecting JPMorgan Chase by responding to cyber threats within our supplier ecosystem. SIR is part of Response Operations within Cybersecurity Operations under JPMC’s CISO. As a Supplier Incident Response Investigator, you will engage directly with third-party suppliers during cybersecurity events, assess potential breaches, and coordinate with internal stakeholders to evaluate risk and exposure to the firm, our customers, and clients. You will be expected to stay current on the overall supplier risk landscape and interpret emerging threat intelligence from internal, third-party, and public sources. 

Job Responsibilities: 

Serve as the primary point of contact with suppliers involved in cyber incidents. Initiate and lead incident response actions with affected suppliers, ensuring timely and accurate information exchange. 

Interpret cyber threat intelligence and translate it into targeted, actionable information. Prepare and deliver clear, actionable recommendations based on investigation findings, to include recommending and coordinating containment actions as needed. 

Assess the potential impact of supplier incidents on the firm’s data, operations, and clients. Collect, analyze, and validate incident details, including root cause, scope, and affected data or systems. 

Triage incidents based on risk, criticality, and regulatory requirements. Produce clear incident reports and escalate findings to relevant stakeholders. 

Coordinate with internal teams (e.g., Intelligence, Technology, Legal, Privacy, Compliance) to investigate and assess risk. Maintain thorough documentation of incident response activities, decisions, and communications for audit and compliance purposes. 

Prepare closure reports and document control enhancements. Inform LOB owners and stakeholders, and participate in after-action reviews to drive continuous improvement. 

Address security gaps, internal controls and supplier contracts based on lessons learned from incidents. Stay informed about emerging security threats, adversary activities, and cyber event trends relevant to JPMC and the broader financial sector. 

Foster strong partnerships with the Firmwide Cybersecurity Threat Intelligence team to interpret and manage risk and evolve processes. Identify opportunities to leverage new data sources, business rules, and analytics to continuously improve the SIR function. 

Required Qualifications, Capabilities, and Skills:

Formal training or certification on Cyber intelligence with 5+ years of experience . Excellent communication skills, with the ability to articulate complex cyber threat information to both technical and non-technical audiences. 

Demonstrated ability to create and maintain collaborative relationships in a large, multinational organization.  Advanced critical thinking, analytical, and problem-solving skills. 

Understanding of threat actor Tactics, Techniques, and Procedures (TTPs). 

Experience synthesizing intelligence from multiple sources to provide operational recommendations. 

Experience with Open Source Intelligence (OSINT), Social Media Intelligence (SOCMINT), or Human Intelligence (HUMINT) gathering and analysis. 

Intelligence community or comparable private sector experience. Industry certifications or direct experience in Penetration Testing, Cyber Forensics, Networking, or Cyber Security Operations. 

Experience aligning Business Continuity and Disaster Recovery with cybersecurity controls and operations. Collaborative mindset and ability to work in a fast-paced, cross-functional environment. 

Preferred Qualifications, Capabilities, and Skills:

Experience in cybersecurity incident response, preferably with third-party or supplier environments

Strong understanding of computer networking fundamentals, the OSI model, network protocols (e.g., TCP/IP), and network traffic analysis. 

#CTC