MUFG
10072441-WD Threat Detection & Response Tier 2, Associate Vice President
MUFG, Tempe, Arizona, us, 85285
Senior Direct Recruiter at Robert Walters on behalf of MUFG
Job Description
The working hours for this role will be 3pm – 1am EST 4 days per week (Sunday-Wednesday).
Job Summary In this role you will focus on researching potential cybersecurity threats to various systems, technologies, operations, and programs throughout multiple environments. You will perform analysis based on this research to determine the risk to the organization and take appropriate actions based on that analysis. Responsibilities include rapidly responding to potential incidents and events to minimize risk exposure and ensure the confidentiality, integrity, and availability of assets and business processes. Additionally, you will proactively monitor internal and external-facing environments, seek opportunities to strengthen and automate detection and remediation capabilities, reduce response times for incidents, and produce analyses of cybersecurity events that include perspectives on the behavior of adversaries.
Major Responsibilities
Perform cybersecurity threat detection, assessment, and mitigation efforts as part of a 24/7 global team
Investigate potential cybersecurity events across multiple environments using various tools and techniques
Conduct analysis of artifacts to determine methods of intrusion and best course of resolution while driving security improvement
Support the development of information security policies, standards, and procedures
Support inquiries from compliance teams such as IT risk management and internal and external auditors to ensure documentation is complete and processes are in compliance with information security policies
Create reports analyzing activities or trends both within and outside of the organization
Support the development of security operations detections, playbooks, and automations to ensure threat detection, monitoring, response, and forensics activities align with best practices, minimize gaps in detection and response, and provide comprehensive mitigation of threats
Review internal logs and alerts to identify potential cybersecurity events. Triage cases based on output from automated alerts, and determine when to elevate to other teams
Monitor external service provider activity to detect potential cybersecurity events
Analyze security data from all systems in real time to spot and thwart potential threats, attacks, and other violations
Lead projects to increase the firm’s security posture
Analyze compromised systems and remediate to a clean state
Perform breach indicator assessments to investigate network traffic for malicious activity
Perform threat hunting across the environment to attempt to detect any adversary activity
Support incident response activities across MUFG’s global network
Assist in the production of various reports which identify and analyze relevant upcoming and ongoing threats to the enterprise
Research evolving threats, techniques, tools, and vulnerabilities in support of information security efforts
Stay current with information security program developments, industry frameworks, changes in the company, industry trends, and current security practices
Support inquiries from compliance teams such as IT risk management and internal and external auditors to ensure documentation is complete and processes are in compliance with information security policies
Qualifications
Bachelor’s degree in Information Technology, Cyber Security, Computer Science, or related discipline or equivalent work experience
5+ years of experience working in Cybersecurity Operations or Information Security
Relevant technical and industry certifications, such as CISSP, ISSMP, GCIA, CISM, CEH, GCFA, GCFE, GCIH, or GSEC are preferred
Experience in one or more security domains including Security Governance and Oversight, Security Risk Management, Network Security, Threat and Vulnerability Management, or Incident Response and Forensics preferred
Experience with information security risk management, including information security audits, reviews, and risk assessments
Desired Skills
Experience with security data collection, analysis and correlation
Well-developed analytic, qualitative, and quantitative reasoning skills
Demonstrated creative problem-solving abilities
Security event monitoring, investigation, and overall incident response process
Strong time management skills to balance multiple activities and lead junior analysts as needed
Understanding of offensive security to include common attack methods
Understanding of how to pivot across multiple datasets to correlate artifacts for a single security event
A diverse skill base in both product security and information security including organizational structure and administration practices, system development and maintenance procedures, system software and hardware security controls, access controls, computer operations, physical and environmental controls, and backup and recovery procedures.
Detailed knowledge and experience in security and regulatory frameworks (ISO 27001, NIST 800 series, FFIEC, SOC2, FedRAMP, STAR, etc.)
Ability to guide and mentor junior analysts in investigations
Understanding of enterprise detection and response technologies and processes (advanced threat detection tools, intrusion detection/prevention systems, network packet analysis, endpoint detection and response, firewalls, anti malware/anti-virus, Security Information and Event Management tools, etc.)
Experienced with Endpoint Detection & Response, email security, web application firewall, and cloud security tooling
Ability to perform risk analysis utilizing logs and other information compiled from various sources
Understanding of network protocols, operating systems (Windows, Unix, Linux, MacOS, databases), and mobile device security
Knowledge of the various types of cyber-attacks and their implementations
A fundamental understanding of enterprise cybersecurity frameworks such as MITRE ATT&CK and Cyber Kill Chain
Ability to document and explain technical details in a concise, understandable manner
Experience in operational processes such as security monitoring, data correlation, troubleshooting, security operations, etc.
The typical base pay range for this role is between $104K - $131K depending on job‑related knowledge, skills, experience and location. This role may also be eligible for certain discretionary performance‑based bonus and/or incentive compensation. Additionally, our Total Rewards program provides colleagues with a competitive benefits package that includes comprehensive health and wellness benefits, retirement plans, educational assistance and training programs, income replacement for qualified employees with disabilities, paid maternity and parental bonding leave, and paid vacation, sick days, and holidays.
MUFG Benefits Summary Health insurance, vision insurance, 401(k), pension plan, paid maternity leave.
Seniority level Mid‑Senior level
Employment type Full‑time
Job function Information Technology
Industries Investment Banking
#J-18808-Ljbffr
The working hours for this role will be 3pm – 1am EST 4 days per week (Sunday-Wednesday).
Job Summary In this role you will focus on researching potential cybersecurity threats to various systems, technologies, operations, and programs throughout multiple environments. You will perform analysis based on this research to determine the risk to the organization and take appropriate actions based on that analysis. Responsibilities include rapidly responding to potential incidents and events to minimize risk exposure and ensure the confidentiality, integrity, and availability of assets and business processes. Additionally, you will proactively monitor internal and external-facing environments, seek opportunities to strengthen and automate detection and remediation capabilities, reduce response times for incidents, and produce analyses of cybersecurity events that include perspectives on the behavior of adversaries.
Major Responsibilities
Perform cybersecurity threat detection, assessment, and mitigation efforts as part of a 24/7 global team
Investigate potential cybersecurity events across multiple environments using various tools and techniques
Conduct analysis of artifacts to determine methods of intrusion and best course of resolution while driving security improvement
Support the development of information security policies, standards, and procedures
Support inquiries from compliance teams such as IT risk management and internal and external auditors to ensure documentation is complete and processes are in compliance with information security policies
Create reports analyzing activities or trends both within and outside of the organization
Support the development of security operations detections, playbooks, and automations to ensure threat detection, monitoring, response, and forensics activities align with best practices, minimize gaps in detection and response, and provide comprehensive mitigation of threats
Review internal logs and alerts to identify potential cybersecurity events. Triage cases based on output from automated alerts, and determine when to elevate to other teams
Monitor external service provider activity to detect potential cybersecurity events
Analyze security data from all systems in real time to spot and thwart potential threats, attacks, and other violations
Lead projects to increase the firm’s security posture
Analyze compromised systems and remediate to a clean state
Perform breach indicator assessments to investigate network traffic for malicious activity
Perform threat hunting across the environment to attempt to detect any adversary activity
Support incident response activities across MUFG’s global network
Assist in the production of various reports which identify and analyze relevant upcoming and ongoing threats to the enterprise
Research evolving threats, techniques, tools, and vulnerabilities in support of information security efforts
Stay current with information security program developments, industry frameworks, changes in the company, industry trends, and current security practices
Support inquiries from compliance teams such as IT risk management and internal and external auditors to ensure documentation is complete and processes are in compliance with information security policies
Qualifications
Bachelor’s degree in Information Technology, Cyber Security, Computer Science, or related discipline or equivalent work experience
5+ years of experience working in Cybersecurity Operations or Information Security
Relevant technical and industry certifications, such as CISSP, ISSMP, GCIA, CISM, CEH, GCFA, GCFE, GCIH, or GSEC are preferred
Experience in one or more security domains including Security Governance and Oversight, Security Risk Management, Network Security, Threat and Vulnerability Management, or Incident Response and Forensics preferred
Experience with information security risk management, including information security audits, reviews, and risk assessments
Desired Skills
Experience with security data collection, analysis and correlation
Well-developed analytic, qualitative, and quantitative reasoning skills
Demonstrated creative problem-solving abilities
Security event monitoring, investigation, and overall incident response process
Strong time management skills to balance multiple activities and lead junior analysts as needed
Understanding of offensive security to include common attack methods
Understanding of how to pivot across multiple datasets to correlate artifacts for a single security event
A diverse skill base in both product security and information security including organizational structure and administration practices, system development and maintenance procedures, system software and hardware security controls, access controls, computer operations, physical and environmental controls, and backup and recovery procedures.
Detailed knowledge and experience in security and regulatory frameworks (ISO 27001, NIST 800 series, FFIEC, SOC2, FedRAMP, STAR, etc.)
Ability to guide and mentor junior analysts in investigations
Understanding of enterprise detection and response technologies and processes (advanced threat detection tools, intrusion detection/prevention systems, network packet analysis, endpoint detection and response, firewalls, anti malware/anti-virus, Security Information and Event Management tools, etc.)
Experienced with Endpoint Detection & Response, email security, web application firewall, and cloud security tooling
Ability to perform risk analysis utilizing logs and other information compiled from various sources
Understanding of network protocols, operating systems (Windows, Unix, Linux, MacOS, databases), and mobile device security
Knowledge of the various types of cyber-attacks and their implementations
A fundamental understanding of enterprise cybersecurity frameworks such as MITRE ATT&CK and Cyber Kill Chain
Ability to document and explain technical details in a concise, understandable manner
Experience in operational processes such as security monitoring, data correlation, troubleshooting, security operations, etc.
The typical base pay range for this role is between $104K - $131K depending on job‑related knowledge, skills, experience and location. This role may also be eligible for certain discretionary performance‑based bonus and/or incentive compensation. Additionally, our Total Rewards program provides colleagues with a competitive benefits package that includes comprehensive health and wellness benefits, retirement plans, educational assistance and training programs, income replacement for qualified employees with disabilities, paid maternity and parental bonding leave, and paid vacation, sick days, and holidays.
MUFG Benefits Summary Health insurance, vision insurance, 401(k), pension plan, paid maternity leave.
Seniority level Mid‑Senior level
Employment type Full‑time
Job function Information Technology
Industries Investment Banking
#J-18808-Ljbffr