Red Team Operator

Location: LONDON, United Kingdom

Job Family: Cybersecurity Operations

About the Role

JPMC’s Assurance Operations organization is at the forefront of safeguarding one of the world's leading financial institutions against evolving cyber threats. We are seeking an experienced Red Team Operator to join our Cybersecurity Red Team in London, United Kingdom. In this critical role, you will simulate sophisticated cyberattacks to test and strengthen our defenses, ensuring the resilience of JP Morgan Chase's global banking operations. As a key player in our proactive security strategy, you will contribute to maintaining trust with clients and regulators by identifying vulnerabilities before they can be exploited by adversaries. This position offers the opportunity to work on high-impact projects in a dynamic environment that values innovation and collaboration within the financial services industry. Your primary focus will be on designing and executing realistic red team engagements that mimic threats such as advanced persistent threats, insider risks, and supply chain compromises tailored to the banking sector. You will leverage cutting-edge tools and techniques to probe networks, applications, and physical perimeters, while adhering to strict ethical and regulatory standards like those set by the FCA and GDPR. Collaborating closely with blue teams, incident responders, and senior leadership, you will provide actionable insights that drive enhancements in our cybersecurity posture. This role demands a blend of technical expertise and strategic thinking to address the unique challenges of securing sensitive financial data and infrastructure. At JP Morgan Chase, we prioritize professional growth and work-life balance, offering a supportive culture where your contributions directly impact our mission to enable the world's leading companies, governments, and institutions to achieve their most important goals. Joining our London team, you will benefit from exposure to diverse projects across asset management, investment banking, and commercial services. If you are passionate about offensive security and ready to make a difference in financial cybersecurity, we encourage you to apply and help us stay ahead of tomorrow's threats today.

Key Responsibilities

• Plan and execute red team exercises to simulate advanced persistent threats against JP Morgan Chase's infrastructure and applications
• Identify and exploit vulnerabilities in network, application, and physical security controls within the financial services ecosystem
• Collaborate with blue teams and assurance operations to validate defensive measures and recommend improvements
• Document findings in detailed reports, including risk assessments tailored to regulatory compliance in the UK and EU
• Develop custom attack scenarios mimicking real-world threats to banking systems, such as phishing, ransomware, or supply chain attacks
• Conduct post-exercise debriefs and remediation tracking to enhance overall cybersecurity posture
• Stay abreast of emerging threats in the financial sector and integrate them into red team strategies
• Mentor junior team members on offensive security techniques while adhering to ethical guidelines
• Ensure all operations comply with JP Morgan Chase's internal policies and legal standards
• Participate in cross-functional initiatives to integrate red team insights into enterprise risk management

Required Qualifications

• Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field
• Minimum of 5 years of experience in penetration testing, red teaming, or offensive security operations
• Proven track record of conducting simulated cyberattacks in a financial services or high-security environment
• Strong understanding of regulatory requirements such as GDPR, PCI-DSS, and FCA guidelines relevant to UK financial institutions
• Experience with vulnerability assessment tools and methodologies in a corporate setting
• Ability to obtain necessary security clearances and certifications for working in a banking environment
• Familiarity with agile methodologies and incident response in fast-paced operational teams

Preferred Qualifications

• Advanced certifications such as OSCP, OSCE, or CREST Registered Penetration Tester
• Experience in red teaming for global financial institutions, including simulations of insider threats
• Knowledge of cloud security in AWS, Azure, or hybrid environments used by JP Morgan Chase
• Prior work in a Big Four consulting firm or similar, focusing on financial sector cybersecurity
• Master's degree in Cybersecurity or equivalent advanced education

Required Skills

• Proficiency in penetration testing tools like Metasploit, Burp Suite, and Nmap
• Expertise in scripting languages such as Python, Bash, or PowerShell for automation
• Deep knowledge of network protocols, web application security, and API vulnerabilities
• Experience with social engineering and physical security assessments
• Strong analytical and problem-solving skills for complex threat simulations
• Excellent communication skills for reporting to non-technical stakeholders
• Understanding of financial regulations and compliance frameworks
• Ability to work collaboratively in a team-oriented environment
• Adaptability to evolving cybersecurity threats in the banking industry
• Attention to detail in documenting exploits and remediation steps
• Familiarity with SIEM tools and log analysis for evasion techniques
• Project management skills for coordinating multi-phase red team operations
• Ethical hacking mindset with a commitment to responsible disclosure
• Knowledge of cloud-native security tools like AWS GuardDuty or Azure Sentinel
• Interpersonal skills for mentoring and knowledge sharing within Assurance Operations

Benefits

• Competitive base salary and performance-based annual bonuses
• Comprehensive health, dental, and vision insurance coverage
• Generous retirement savings plan with company matching contributions
• Paid time off including vacation, sick leave, and parental leave
• Professional development opportunities, including certifications and training reimbursements
• Employee assistance programs for mental health and well-being support
• Hybrid work model with flexibility for London-based roles
• Access to JP Morgan Chase's global wellness programs and fitness reimbursements

JP Morgan Chase is an equal opportunity employer.