JPMorganChase · 6 days ago
Social Engineering Red Team Operator
Washington, DC
Full-time
Onsite
Senior Level
$152K/yr - $260K/yr
5+ years expJPMorganChase is one of the oldest financial institutions, and they are seeking a Social Engineering Red Team Operator to enhance the firm's cybersecurity posture. The role involves managing offensive security activities, conducting social engineering assessments, and collaborating with cross-functional teams to improve security strategies and risk management.
Asset ManagementBankingFinancial Services
Responsibilities
Perform and manage hands-on offensive security activities leveraging social engineering skillsets as part of Red Team engagements against critical JPMC assets
Continuously update and expand knowledge of emerging social engineering tactics, techniques, and procedures used by threat actors. Leverage expertise to conduct thorough social engineering assessments. Routinely provide subject matter expertise to enhance the firm's educational and training programs
Produce comprehensive reports detailing cybersecurity and social engineering vulnerabilities, threats, and mitigation strategies. Effectively communicate complex technical and social engineering-related information to diverse audiences, including senior leadership, through clear written reports and engaging visual presentations
Design and execute testing and simulations – such as penetration tests, technical controls assessments, cyber exercises, or resiliency simulations, and contribute to the development and refinement of assessment methodologies, tools, and frameworks to ensure alignment with the firm’s strategy and compliance with regulatory requirements
Evaluate controls for effectiveness and impact on operational risk, as well as opportunities to automate control evaluation
Collaborate closely with cross-functional teams to develop comprehensive assessment reports – including detailed findings, risk assessments, and remediation recommendations – making data-driven decisions that encourage continuous improvement
Utilize threat intelligence and security research to stay informed about emerging threats, vulnerabilities, industry best practices, and regulations. Apply this knowledge to enhance the firm's assessment strategy and risk management. Engage with peers and industry groups that share threat intelligence analytics
Qualification
Required
5+ years of experience in cybersecurity or resiliency, with demonstrated exceptional organizational skills to plan, design, and coordinate the development of offensive security testing, assessments, or simulation exercises
Knowledge of US financial services sector cybersecurity or resiliency organization practices, operations risk management processes, principles, regulations, threats, risks, and incident response methodologies
Ability to identify systemic security or resiliency issues as they relate to threats, vulnerabilities, or risks, with a focus on recommendations for enhancements or remediation, and proficiency in multiple security assessment methodologies (e.g., Open Worldwide Application Security Project (OWASP) Top Ten, National Institute of Standards and Technology (NIST) Cybersecurity Framework), offensive testing tools, or resiliency testing equivalents
Experience planning and executing social engineering assessments, including phishing, vishing, smishing, pretexting, baiting, and other tactics
Understanding of human psychology, with a strong knowledge of psychological principles and techniques used to influence and manipulate human behavior
Excellent communication, collaboration, and report writing skills, with the ability to influence and engage stakeholders across various functions and levels
Ability to collaborate with high-performing teams and individuals throughout the firm to accomplish common goals
Broad experience in multiple businesses or verticals, with organizational and cultural understanding of call centers, payments processes, client service/sales organizations, and operational support staff
The ability to articulate and visually present complex technical and fraud subject matter to a wide and senior audience
Ability to analyze and produce reports about cybersecurity and fraud vulnerabilities, threats, designs, and procedures
Candidate should have the ability to perform targeted, covert security tests with vulnerability identification, exploitation, and post-exploitation activities
Preferred
Social engineering background (or intelligence, law enforcement, or similar experience)
Experience in data analysis and visualization, including dashboard development
Intermediate to advanced knowledge and hands-on experience with scripting, with a strong emphasis/proficiency in Python
Experience with AI/ML technologies and tools and operationalizing their use in Red Teaming (e.g., developing video and audio deepfakes, etc.)
Benefits
Comprehensive health care coverage
On-site health and wellness centers
A retirement savings plan
Backup childcare
Tuition reimbursement
Mental health support
Financial coaching
Company
JPMorganChase
With a history tracing its roots to 1799 in New York City, JPMorganChase is one of the world's oldest, largest, and best-known financial institutions—carrying forth the innovative spirit of our heritage firms in global operations across 100 markets.
10001+ employees
H1B Sponsorship
JPMorganChase has a track record of offering H1B sponsorships. Please note that this does not
guarantee sponsorship for this specific role. Below presents additional info for your
reference. (Data Powered by US Department of Labor)
Distribution of Different Job Fields Receiving Sponsorship
Represents job field similar to this job
Trends of Total Sponsorships
2025 (3471)
2024 (3469)
2023 (3395)
2022 (3594)
2021 (2515)
2020 (2495)
Funding
Current Stage
Public CompanyTotal Funding
unknown1998-02-01IPO
Leadership Team
Allison Beer
CEO of Card Services and Connected Commerce
Dan Mendelson
CEO, Morgan Health
Recent News
2026-01-13
2026-01-08
Crunchbase News
2026-01-08
Company data provided by crunchbase