AMVETS Jobs

Do you want your voice heard and your actions to count?

Discover your opportunity with Mitsubishi UFJ Financial Group (MUFG), the 7th largest financial group in the world. Across the globe, we’re 120,000 colleagues, striving to make a difference for every client, organization, and community we serve. We stand for our values, building long-term relationships, serving society, and fostering shared and sustainable growth for a better world.

With a vision to be the world’s most trusted financial group, it’s part of our culture to put people first, listen to new and diverse ideas and collaborate toward greater innovation, speed and agility. This means investing in talent, technologies, and tools that empower you to own your career.

Join MUFG, where being inspired is expected and making a meaningful impact is rewarded.

The selected colleague will work at an MUFG office or client sites four days per week and work remotely one day. A member of our recruitment team will provide more details.

Responsibilities:

• As a Cybersecurity specialist, you will be responsible to assess and enhance the MUFG working environment by establishing a system of governance, evaluating existing and future risk, and validating compliance to Information Security standards and policies

• Develop and perform processes for the Insider Threat program, including triage anomalous events, evaluate reports, respond/analyze threats, and leverage response playbooks with key stakeholders

• Crosswalks security governance leveraging multiple security compliance frameworks and regulations to ensure holistic governance strategy

• Provides Incident Response support, including mitigating actions to contain activity and facilitating forensics analysis when necessary

• Build, implement, and maintain processes, workflows, and technologies to detect and respond to high-risk insider activities

• Evaluate existing behavioral constructs of detecting potential insider threats for applicability and effectiveness

• Develop security and security-related governance (e.g., policies, standards, and processes) as required

• Periodically reviews and updates MUFG Information security governance documents and training materials to ensure they remain current and relevant

• Conducts comprehensive risk assessments, security-related control assessments, and compliance audits to identify technology and security program risks

• Work closely with key stakeholders and security awareness teams to help identify top risks and identify new threat tactics, techniques and procedures used by cyber threat actors related to employees that may lead to compromise and exfiltration of sensitive information

• Write clear, concise, and timely intelligence products that identify, analyze, and collate disparate pieces of information to develop baseline of normal user and network device behavior

Experience

• 5-6 years of overall technical experience in either reverse engineering/malware analysis, insider threat, threat intelligence, incident response, security operations, or related information security field

• 5-6 years experience in information security operation, working knowledge of regulatory or legal requirements, and security standards that may impact information security

• Previous experience with Insider Risk and/or Risk Management data analysis

• 2+ years of experience in application design/engineering, including but not limited to programming/scripting, Windows/Linux system administration, relational database management system (RDBMS)/NoSQL database administration, etc.

• Understanding core concepts, including asset inventory, privileged accounts, identity and system access, separation of duties, and least privilege whenever possible

• Experience in the banking or finance industries preferred

• Must effectively deal with rapid technological and business changes while maintaining enthusiasm, displaying sound judgement, and being a complex problem solver

• Direct experience of analyzing malware, must have a solid understanding of dynamic/static analysis of malware

• Experience in encryption/obfuscation and how to reverse it is desired, but not required

• Experience in building data analytic processes and procedure

Skills & Competencies

• Experience designing, implementing, and executing IT Risk Management projects, Information Security, governance, tools, and technologies across complex, large-scale environments

• Experience writing IT risk assessments and controls, and developing Information Security policies, procedures including Exception Management Processes

• Assist the Insider Threat team to develop data classification policies, standards, and guidelines

• Ability to build and maintain strong relationships across departments/teams and effectively communicate solution designs to stakeholders and leadership

• Strong knowledge of cyber risk and cybersecurity principles, including familiarity with relevant laws, regulations, and standards such as FISMA, CIS and NIST

• Experience consulting with business and technology partners on general security requirements, network controls and best practices

• Experience with Governance, Risk & Compliance (GRC) tools

• Experience with MS Office 365 (Word, Excel, PowerPoint, Outlook), Teams, SharePoint, Visio, QuickBase, Confluence and IBM Watson

• Strong technical writing, research, analysis, and analytical/problem solving skills

• Strong organizational skills, including the ability to drive adherence to cybersecurity processes and tools and to keep focus on multiple tracks of work and open issues in parallel

• A balance of technical understanding of threat detection technology and service delivery skills

• Security and IT metrics experience a plus; report creation abilities strongly desired

• Excellent communication skills and ability to adapt to technical and non-technical audiences

Education & Certifications

Bachelor's degree in Information Security or a closely related discipline, or equivalent related experience

Nice to have: Carnegie Mellon University Certified Insider Threat Program Manager (ITPM), CISSP, CISA, CISM, CRISC or related SANS certification

The typical base pay range for this role is between $121K - $142K depending on job-related knowledge, skills, experience and location. This role may also be eligible for certain discretionary performance-based bonus and/or incentive compensation. Additionally, our Total Rewards program provides colleagues with a competitive benefits package (in accordance with the eligibility requirements and respective terms of each) that includes comprehensive health and wellness benefits, retirement plans, educational assistance and training programs, income replacement for qualified employees with disabilities, paid maternity and parental bonding leave, and paid vacation, sick days, and holidays. For more information on our Total Rewards package, please click the link below.

MUFG Benefits Summary (https://careers.mufgamericas.com/sites/default/files/document/2023-01/mb-live-well-work-well.pdf)

The above statements are intended to describe the general nature and level of work being performed. They are not intended to be construed as an exhaustive list of all responsibilities duties and skills required of personnel so classified.

We are proud to be an Equal Opportunity Employer and committed to leveraging the diverse backgrounds, perspectives and experience of our workforce to create opportunities for our colleagues and our business. We do not discriminate on the basis of race, color, national origin, religion, gender expression, gender identity, sex, age, ancestry, marital status, protected veteran and military status, disability, medical condition, sexual orientation, genetic information, or any other status of an individual or that individual’s associates or relatives that is protected under applicable federal, state, or local law.

At MUFG, our colleagues are our greatest assets. Our Culture Principles provide a roadmap for how each of our colleagues must think and act to become more client-obsessed, inclusive and innovative. They reflect who we are, who we want to be and what we expect from one another. We are excited to see you take the next step in exploring a career with us and encourage you to spend more time reviewing them!

Our Culture Principles

• Client Centric

• People Focused

• Listen Up. Speak Up.

• Innovate & Simplify

• Own & Execute