Assessments & Exercises Lead - Penetration Testing

Location: Bengaluru, Karnataka, India

Job Family: Software Engineering

About the Role

At JP Morgan Chase, we are at the forefront of financial services innovation, and our cybersecurity teams play a pivotal role in safeguarding our global operations against sophisticated threats. As the Assessments & Exercises Lead - Penetration Testing in our Bengaluru office, you will spearhead efforts to simulate real-world cyber attacks, uncover vulnerabilities, and drive the evolution of our protective strategies. This role within the Software Engineering category demands a blend of technical expertise and strategic leadership to ensure our banking systems remain resilient in an ever-changing threat landscape. You will contribute to leading-edge initiatives that not only protect client assets but also advance the firm's commitment to regulatory excellence and operational integrity. In this position, you will lead comprehensive penetration testing programs, coordinating red team exercises that mimic advanced persistent threats targeting financial infrastructures. Working closely with cross-functional teams, including risk management and compliance experts, you will analyze assessment results to recommend actionable improvements that enhance system defenses and align with standards like PCI-DSS and SOX. Your work will directly impact JP Morgan Chase's ability to maintain trust with clients and regulators, fostering a culture of proactive security in one of the world's largest financial institutions. Based in Bengaluru, Karnataka, India, you will collaborate with global counterparts to integrate local insights into enterprise-wide security protocols. We seek a dynamic leader passionate about cybersecurity in the financial sector, with the ability to mentor teams and propel continuous improvement. This role offers the opportunity to innovate within a supportive environment at JP Morgan Chase, where your contributions will help secure the future of banking. Join us to advance protective strategies that define industry leadership.

Key Responsibilities

• Lead the design, planning, and execution of penetration testing assessments and red team exercises to identify vulnerabilities in JP Morgan Chase's systems
• Collaborate with cybersecurity teams to develop and implement advanced protective strategies against evolving threats in the financial sector
• Conduct thorough post-exercise debriefs and recommend remediation actions to enhance system resilience and compliance
• Mentor junior penetration testers and foster a culture of continuous improvement in security practices
• Integrate findings from assessments into broader risk management frameworks aligned with regulatory requirements
• Simulate sophisticated cyber attacks to test the effectiveness of defensive measures across banking applications and infrastructure
• Stay abreast of emerging threats and technologies to propel innovative security solutions at JP Morgan Chase
• Prepare detailed reports on assessment outcomes for senior stakeholders, ensuring alignment with corporate governance standards
• Coordinate with global teams in Bengaluru and other locations to ensure consistent application of security protocols

Required Qualifications

• Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field
• Minimum of 5 years of experience in penetration testing, ethical hacking, or cybersecurity assessments
• Proven track record in leading red team exercises and vulnerability assessments in a financial services environment
• Strong understanding of regulatory compliance standards such as PCI-DSS, GDPR, and SOX relevant to banking security
• Experience with penetration testing tools and methodologies in a large-scale enterprise setting
• Ability to obtain relevant security certifications and clearances
• Excellent communication skills to collaborate with cross-functional teams in a global financial institution

Preferred Qualifications

• Advanced certifications such as OSCP, CEH, or CISSP
• Experience in the financial services industry, particularly with risk management in banking operations
• Familiarity with JP Morgan Chase's security frameworks and tools
• Master's degree in Cybersecurity or a related discipline
• Prior leadership role in conducting simulated cyber attack exercises for resilience testing

Required Skills

• Proficiency in penetration testing tools such as Metasploit, Burp Suite, and Nmap
• Expertise in vulnerability scanning and exploitation techniques
• Knowledge of network security protocols and secure coding practices
• Strong analytical skills for identifying and prioritizing security risks
• Experience with scripting languages like Python or Bash for automation
• Understanding of cloud security in AWS, Azure, or similar environments
• Familiarity with financial industry regulations and compliance auditing
• Leadership and team management abilities
• Excellent problem-solving and critical thinking skills
• Effective verbal and written communication for technical reporting
• Adaptability to fast-paced, high-stakes environments
• Attention to detail in documenting and analyzing security findings
• Collaboration skills for working with diverse, international teams
• Project management experience using Agile or similar methodologies

Benefits

• Competitive base salary and performance-based bonuses reflective of JP Morgan Chase's commitment to excellence
• Comprehensive health, dental, and vision insurance coverage for employees and dependents
• Retirement savings plan with generous company matching contributions
• Paid time off including vacation, sick leave, and parental leave policies
• Professional development opportunities through internal training programs and certification reimbursements
• Employee wellness programs including gym memberships and mental health support
• Flexible work arrangements and hybrid options for work-life balance
• Access to JP Morgan Chase's global mobility programs for career advancement

JP Morgan Chase is an equal opportunity employer.