Digital Forensics Vice President - IR Investigator

Shape the future of cybersecurity through advanced digital forensics, contributing to firm-wide innovation and security.

As a Digital Forensics Vice President in the Cybersecurity Technology and Controls line of business, you will enhance the firm's cybersecurity posture through the collection, preservation, and examination of digital evidence. Your expertise in digital forensics principles and practices supports incident response efforts, litigation, and regulatory proceedings. Your expertise will enable you to make strategic decisions to reduce firm-wide risks. Fostering collaboration and leveraging advanced technical knowledge, you contribute to innovative solutions and continuous improvement in the digital landscape.

You will be joining a team where cutting-edge digital forensics meets high-stakes incident response. You’ll dive into real-world cyber threats, work alongside passionate experts, and make a tangible impact every single day. If you’re ready to chase down attackers, uncover digital evidence, and be part of a crew that thrives on solving complex problems under pressure—this is where you belong.

Job responsibilities:

• Develop and implement innovative forensic research and development projects to stay ahead of emerging technologies and enhance cybersecurity posture
• Define and execute procedures for identifying, managing, collecting, preserving, analyzing, and documenting findings
• Develop and implement digital-forensics and data-protection security solutions and standards, adhering to industry best practices
• Design and customize audit procedures for JPMorgan Chase’s digital forensics environment, evaluate incident response and evidence handling procedures, and provide improvement recommendations
• Collaborate with Legal, Technology, and HR to support incident response, litigation, and regulatory proceedings
• Use host-based and network forensic capabilities to develop information regarding IOCs and TTPs for threat actors and malware, which can be shared amongst other internal teams
• Conduct detailed analysis of systems where breaches of critical IT infrastructure may have occurred and provide root cause analysis, impact assessments and rapid response to aid detection of those responsible and make recommendations to assist prevention of similar incidents
• Prepare in-depth investigation reports into forensic investigations, breach reports, privacy incidents and data exposure type cases
• Assist with the development of in-house training programs to ensure world class high-tech investigation standards

Required qualifications, capabilities, and skills:

• 5 years of experience in digital forensics, incident response, e-discovery, and malware analysis
• A proven track record in live digital forensics, log-file analysis, and network forensics. 
• Expertise in multiple scripting languages (e.g., Python, Bash, JavaScript, PowerShell, etc.) and ability to create, debug, and modify scripts to automate tasks and manipulate data
• Advanced knowledge of digital forensics tools and techniques, including memory forensics, network traffic analysis, and reverse engineering of malware
• Proven ability to develop digital forensics solutions and standards
• Capable of performing forensic examinations independently or collaboratively within a team.
• Demonstrates strong attention to detail in forensic analysis, with the ability to meticulously document findings to support investigations.
• Possesses excellent written and verbal communication skills, with the ability to clearly explain forensic findings in non-technical terms.
• Able to work effectively under pressure in time-sensitive situations.

Preferred qualifications, capabilities, and skills:

• Proficient in conducting forensic investigations in cloud-based environments, including AWS, Azure, and GCP.
• Experienced with industry-standard forensic tools such as X-Ways, FTK, Volexity Surge, EnCase, Volatility, and Wireshark.
• Skilled in coordinating with and earning the trust of business stakeholders to achieve desired outcomes.
• Holds industry-standard certifications such as CCE, CFCE, GCFA, GCFE, GIME, GNFA, GCIH, and GREM.
• Exhibits a strong investigative mindset, essential for uncovering and analyzing complex forensic evidence.