Assistant Vice President, Threat Detection and Response Specialist

Do you want your voice heard and your actions to count?

Discover your opportunity with Mitsubishi UFJ Financial Group (MUFG), one of the world’s leading financial groups. Across the globe, we’re 150,000 colleagues, striving to make a difference for every client, organization, and community we serve. We stand for our values, building long-term relationships, serving society, and fostering shared and sustainable growth for a better world.

With a vision to be the world’s most trusted financial group, it’s part of our culture to put people first, listen to new and diverse ideas and collaborate toward greater innovation, speed and agility. This means investing in talent, technologies, and tools that empower you to own your career.

Join MUFG, where being inspired is expected and making a meaningful impact is rewarded.

As an Incident Response specialist, you will occupy a crucial position in our global Incident Response Team.  Your responsibilities include rapidly responding to potential incidents and events to minimize risk exposure and ensure confidentiality, integrity, and availability of assets and business processes. Additionally, you will proactively monitor internal and external-facing environments, seek opportunities to strengthen and automate detection and remediation capabilities, reduce response times for incidents, and produce analyses of cybersecurity events that include perspectives on the behavior of adversaries. 

Job Responsibilities 

• Conduct analysis of artifacts and compromised systems to determine intrusion methods, remediate to a clean state, and drive security improvements.
• Investigate potential cybersecurity events across multiple environments using various tools and techniques, including reviewing internal logs and alerts to identify and triage cases, escalating when necessary.
• Analyze security data in real-time to detect and thwart potential threats, attacks, and other violations, while performing breach indicator assessments to investigate network traffic for malicious activity.
• Assist with internal or third-party employee investigations and support the production of reports analyzing relevant threats to the enterprise.
• Research evolving threats, techniques, tools, and vulnerabilities to support information security efforts and stay current with industry trends and security practices.
• Support compliance inquiries from IT risk management and auditors, ensuring documentation is complete and processes comply with information security policies.
• Contribute to the development of security operations detections, playbooks, and automations to ensure threat detection, monitoring, response, and forensics activities align with best practices and provide comprehensive threat mitigation.
• Participate in Table-top exercises and attack simulation exercises organized by internal and external stakeholders.

Job Requirements:

• Min 6 years of experience working in the Cybersecurity Operations or Information Security 
• Possessed technical and industry certifications, such as GCFA, GCFE, GCIH, GCIA, CISSP, ISSMP, CISM, CEH, or GSEC are preferred 
• Experience in Security Operation Center, Incident Response and Computer Forensics.
• Bachelor’s degree in Information Technology, Cyber Security, Computer Science, or related discipline  
• Strong knowledge and experience in Incident Response including security event triage, investigation, containment, recovery and the overall incident response process.
• Proficient in operating systems (Linux, Windows), network security, application security and mobile device security.
• Experience with security data collection, analysis, correlation, and risk analysis using logs and various data sources.
• Well-developed analytical, qualitative, and quantitative reasoning skills, with demonstrated creative problem-solving abilities.
• Understanding of offensive security, common attack methods, and the ability to pivot across multiple datasets to correlate artifacts for a single security event.
• Diverse skill base in product and information security, including system development, maintenance procedures, and security controls.
• Detailed knowledge of security and regulatory frameworks (ISO 27001, NIST 800 series, etc.) and enterprise detection and response technologies (advanced threat detection tools, intrusion detection/prevention systems, etc.).
• Experience with tools like CrowdStrike, Microsoft Defender, Tanium, Proofpoint, and open-source incident response and forensic tools.
• Ability to document and explain technical details concisely and understandably.
• Strong time management skills to balance multiple activities and lead junior analysts as needed.
• Fundamental understanding of enterprise cybersecurity frameworks such as MITRE ATT&CK and Cyber Kill Chain.

Mitsubishi UFJ Financial Group (MUFG) is an equal opportunity employer. We view our employees as our key assets as they are fundamental to our long-term growth and success. MUFG is committed to hiring based on merit and organsational fit, regardless of race, religion or gender.