Job Description

Do you want your voice heard and your actions to count?

Discover your opportunity with Mitsubishi UFJ Financial Group (MUFG), one of the world’s leading financial groups. Across the globe, we’re 150,000 colleagues, striving to make a difference for every client, organization, and community we serve. We stand for our values, building long-term relationships, serving society, and fostering shared and sustainable growth for a better world.

With a vision to be the world’s most trusted financial group, it’s part of our culture to put people first, listen to new and diverse ideas and collaborate toward greater innovation, speed and agility. This means investing in talent, technologies, and tools that empower you to own your career.

Join MUFG, where being inspired is expected and making a meaningful impact is rewarded.

EDUCATION
Degree or equivalent work experience equally preferable
Degree in computer science, information security, or related discipline
Knowledge in cybersecurity
CERTIFICATIONS
• Certified Ethical Hacker (CEH)
• Certified in Governance, Risk and Compliance (CGRC; formerly Certified Authorization Professional [CAP])
• Certified Information System Auditor (CISA)
• Certified Information Systems Manager (CISM)
• Certified Information Systems Security Professional (CISSP)
• Certified Project Management Professional (CPMP)
• GIAC Certified Incident Handler (GCIH)
• GIAC Security Essentials Certification (GSEC)
• Global Information Assurance Certification (GIAC)
• Imperva Database Security Specialist (IDSS)
• Microsoft Certified Software Engineer (MCSE)
• Offensive Security Certified Professional (OSCP)
• Security+
• Six Sigma
• SysAdmin, Audit, Network and Security (SANS)
WORK EXPERIENCE
Technical experience in cybersecurity, insider threat, incident response, security operations, or related information security field
Experience working in encryption engineering, network security, PKI engineering, systems and software security (SSS), threat and vulnerability management (TVM), or related field
FUNCTIONAL SKILLS
Access control conformance, Act independently, Adaptation, Advanced Interactive eXecutive (AIX), Analytical (i.e. technical and non-technical problem-solving), Analytics for decision-making and measurement progress/performance, Analyze various methods controlling information security problems, Apache Cassandra, Apache Hadoop, Apache Spark, Apple MAC, Application security, Infrastructure security, Application software which effect the integrity, functionality, and reliability the Bank's network and systems, Application transaction, Apply information security theories and concepts to specific circumstances, Aptitude to lead complex efforts, Architecture diagrams, Articulate security risks and appropriate controls, Automation through scripting and/or programming, Amazon Web Services (AWS), Azure, Building and operating a data protection and compliance program, Business processes in the financial/government sector, Capdo data analytics and draw risk conclusions based on activities seen, CCPA/CPRA, Certificate management tool Venafi, Continuous Integration/Continuous Delivery (CI/CD), CIS-Benchmark, Cloud encryption solutions, Cloud PKI, Cloud technology solutions, COBIT, Common cybersecurity frameworks, Common OS operation, Communicate clearly and concisely with peers and all levels leadership., Communication and presentation, Complex project management, Conceptual processes and system characteristics in the security space, Convey complex concepts to a broad audience (technical and non-technical), Convey technical findings in simple language, Create a level security awareness throughout the Bank for accountability and responsibility, Create native productivity aids and command scripts, Creative problem solving, Cryptographic implementations at media, CVSS, Cybersecurity, DAM, Data analytics and draw risk conclusions based on activities seen, Data classification solutions, Data protection strategies, Databases security configuration, DB2, Demonstrate vulnerabilities, Determine the strengths and weaknesses each method and implement the best cost-justified solution, Development of insider Threat policies and standards, DevSecOps methodologies, Distributed Denial Service (DDoS) Protection, Documentation writing that present both a business and technical viewpoint, Domain Name System (DNS), Drive vulnerability management reporting, Email Security, Encryption Engineer, Encryption security products, Encryption solutions, Entrepreneurial mindset by applying frameworks for resource alignment on goals and objectives, Evaluate application software which impact the integrity, functionality, and reliability of the bank's network and systems, Evaluate business process which impact the integrity, functionality, and reliability of the bank's network and systems, Evaluate the impact to existing security systems, Exabeam, Excel (VLOOKUP/pivot tables/charts), Explain risk, Extranet networks, Facilitate remediation coaching, Federal Financial Institutions Examination Council's (FFIEC), File Transfer Protocol (FTP) functionality, Firewalls, Formal stand-up presentations to all levels management, GLBA, Gramm-Leach-Bliley Act (GLBA), Hyper Text Transfer Protocol/Secure (HTTP/HTTPs), Identify weak links in information security products, Implement the best cost-justified solution, Implementation of insider Threat policies and standards, Industry trends and current security practices, Influence and communicate cross-functionally all levels management., Information security theories and concepts to specific circumstances, Insider risk management governance, Internet, Internet Relay Chat (IRC), Interpersonal communication, Intrusion Detection System (IDS), ISO 27001, Lead pro-active reviews and self-assessments the policies, Liaise business, Linux, Listener, Log management solutions, Mac, Maintenance of insider Threat policies and standards, Major database platforms, Manage and lead teams multiple individuals, Manage application and infrastructure security assessments, Manage complex projects, Manage information security control assessments, Managing initiatives such as assessments, Mechanics of OS exploits of preventive and detective controls, Methods of controlling information security problems, Microsoft SQL, Mitigate the control deficiencies, Mitigations changes and risks, MITRE ATT&CK framework, Modern security principles and its practical applications., MongoDB, MSSQL, Multifactor Authentication (MFA), MySQL, National Institute of Standards (NIST), Network, Network appliances, Network security, Network traffic analysis, Network/system forensic tools, Networking fundamentals (e.g. TCP/IP) and troubleshooting ., NIST CSF, NIST framework, Nnative productivity aids and command scripts., NoSQL, O365, Operating in hybrid-cloud environment, Operating system (OS) internals, Operating system changes evaluate the impact to existing security systems, Operating systems and their versions and security systems in use at the Bank, Operating systems security configuration, Operational auditing in the financial/government sector, Oracle, Oracle TDE, Oral communications, Organize and establish processes in need of improvement, Outstanding oral and written communications, Oversee workloads and support direct reports to success while meeting objectives senior management, OWASP, Passionate, PCI, Perimeter Network Security, Perl, Positive and driven attitude, PowerShell, Prepare detailed task plans outlining all requirements to complete the given assignment, Presentation, Prioritizing and organizing day to day tasks and needs as appropriate, Proactive mindset and actions, Procedures and systems, Program management, Programming language to automate tasks, Protection and monitoring, Provide leadership and guidance to IT teams in patching and solutions to mitigate security threats, Provide technical direction to other peer staff members, Proxy, Public Key Infrastructure (PKI), Python, Qualys, Rapid7, RegEx, Regulatory and risk partners to satisfy legal and regulatory requirements and avoid risk, Regulatory compliance, Regulatory requirements affecting data integrity, Reliable team management, Report creation, Risk assessments, Router & switches, Ruby, Safenet, Scripting languages, Security analytics toolsets, Security and IT metrics, Security event management tools, Security Information and Event Management (SIEM), Security risks and controls, Security tool sets, Servant leadership showing strength, Set direction, SIEM, SIEM/SOAR management solutions, Software development lifecycle, Software Security (SSS) Specific, Solaris, SOX, Splunk, Splunk Search Language, SQLSERVER, Strategic and operational initiatives, Strategic program development and improvement following current industry security trends and patterns and in alignment business vision and needs, Strengths and weaknesses of each method and implement the best cost-justified solution., Support audit, Support databases, Support MS certificate authority services, Symantec/DLP, Syslog-NG, System security, System vulnerabilities, Technical and non-technical problem-solving, Technical direction to other peer staff members, Technical Security Standards Compliance Specific, Techniques and procedures (TTPs) used by threat actors against endpoints, Technology and leadership partners, Thales, The mechanics OS exploits preventive and detective controls, Threat and vulnerability management (TVM) & Systems, Threat detection, Tooling integrations to support Agile, Tools used to execute a world class offensive Security program, Tools used to execute a world class Perimeter Network Security program, Train new staff on the security team, Transmission Control Protocol/Internet Protocol (TCP/IP), UEBA and related tools, Understand security risks and controls, Unix, Various methods of controlling information security problems, Verbal communication, Visionary, Voltage, Vormetric, Vulnerability scanning tools, Web Application Firewall (WAF), Windows servers and workstations, Wireless Local Area Network (WLAN) Security, Working centralized logging tools, Workload prioritization and organization, Written communication
FOUNDATIONAL SKILLS
Able to work well both independently and as part of a team
Excellent communication skills and ability to adapt to the audience
RESPONSIBILITIES
• Support the design and build an end-to-end network security program which includes issue tracking, issue remediation, key risk and performance indicators, intrusion prevention, anomaly detection, and lead response efforts
• Assist in the integration of network security processes with other functions in EIS to develop hybrid controls to solve complicated challenges
• Support evergreen processes for network security onboarding and recurring testing
• Support baseline security testing framework into part of regression testing
• Address network security control deficiencies in a timely & pragmatic way
• Support the grow and mature the network perimeter security program by leading a team of network security professionals within Enterprise Information Security
• Maintain familiarity with industry trends and security best practices
• Build close relationships with peers within Enterprise Information Security
• Closely collaborate with security architects in developing network security architectural principles, policies, reference stacks, features, and requirements.
• Understand the risk appetite of the firm and appropriately manage and address network security control deficiencies within these parameters
• Provide application security support to development teams, including reviewing and explaining application security tools and processes, providing vulnerability explanations and remediation guidance, and performing basic configuration of scans
• Support the review of SAST false-positive and mitigated by design requests
• Assist in manual SAST scans as required
• Support basic administration of our various security platforms, including approving access requests for application security tools and basic setup and configuration of new and existing applications
• Partner with development teams and release management to review current SAST applications configurations for correctness and completeness
• Ensure processes and procedures are documented and maintained
• Stay up to date on attack intelligence by collaborating internally via our Threat Vulnerability Management (TVM) and Cyber Security Operations Center (CSOC) teams and externally via conferences, virtual training, monitoring attacker forums, reading relevant publications or blogs
• Filter intelligence and share insight relevant to MUFG for both technical and business audiences

Mitsubishi UFJ Financial Group (MUFG) is an equal opportunity employer. We view our employees as our key assets as they are fundamental to our long-term growth and success. MUFG is committed to hiring based on merit and organsational fit, regardless of race, religion or gender.