Assistant Vice President, IT Security Analyst
Our IT Security team is currently looking for an experience candidate with the ability to perform a number of security activities such as threat / vulnerability assessment (Qualys), incident response activities, and the ability to communicate and promote security requirements (our headoffice in Tokyo and local EMEA) to a range of stakeholders.
~Mitsubishi UFJ Financial Group, Inc. (MUFG) is one of the world’s leading financial groups. Headquartered in Tokyo and with approximately 350 years of history, MUFG has a global network with over 2,300 offices in more than 50 countries. The Group has over 150,000 employees and offers services including commercial banking, trust banking, securities, credit cards, consumer finance, asset management, and leasing.
Overview of the Department / Section:
IT Security department within ESO covers cyber security strategy maintenance and tactical planning and operations to provide IT Security protection, governance, risk management and reporting. This includes promoting HO ISSP requirements and local security requirements. The department supports and monitors security solutions such as virus protection, vulnerability management, compliance monitoring and threat/incident management activities to reduce risk.
Main Purpose of the Role:
This role requires an experienced IT security person with the ability to perform a number of security activities such as threat/vulnerability assessment (Qualys), incident response activities, and the ability to communicate and promote security requirements (HO and local) to a range of stakeholders. This role is to help develop IT security process/procedures to achieve improved efficiency/effectiveness. The role also requires active involvement in new system project security reviews to ensure security requirements are designed in and delivered as part of Project Systems Development Life Cycle.
The role requires a strong Subject Matter Expert in terms of security operations covering a range of activities from vulnerability management to security monitoring and security alert/incident response activities. Able to work with a heavy diverse workload, and able to communicate effectively with technical teams, Project Managers and stakeholders. Hands on activity on regular operational tasks is also required to support on-going security activities.
About 10% of the role requires involvement on an on-going basis on new system project security reviews. This requires review of design to ensure security requirements are specified (HO and local) and ensuring as the project progresses security is delivered and evidenced. Regular contact is required with projects, evidence of security requirements and delivery must be clearly evidenced. At implementation the system must be security compliant or any exceptions/risks formalised.
The role requires that security processes and procedures be followed covering a range of activities covered by this role: threat/vulnerability assessment, vulnerability management, security monitoring, security alert handing, incident response, etc. The processes/procedures in place must be developed, documented and implemented/operational with evidence of controls produced as KPI and KRI to evidence operational performance.
Skills and Experience:
Functional / Technical Competencies:
Experience and strong knowledge of performing security reviews, Qualys Vulnerability scanning, Qualys Policy Compliance scanning, and ideally Splunk usage for detection/investigation of misuse or incidents.
Strong experience of security operations activities such as vulnerability management, security monitoring, alert/incident response, and security reviews of projects design/deliverables to ensure security requirements are met .
Education / Qualifications:
Ideally CISSP (or equivalent) qualified.
Excellent verbal and written communication skills
Results driven, with a strong sense of accountability
A pro-active, motivated approach.
The ability to operate with urgency and prioritise work accordingly
Strong decision making skills, the ability to demonstrate sound judgement
A structured and logical approach to work
Strong problem solving skills
A creative and innovative approach to work
Excellent interpersonal skills
The ability to manage large workloads and tight deadlines
Excellent attention to detail and accuracy
Flexible and responsive to change
MUFG is committed to embracing diversity and building an inclusive culture where all employees are valued, respected and their opinions count. We support the principles of equality, diversity and inclusion in recruitment and employment, and oppose all forms of discrimination on the grounds of age, sex, gender, sexual orientation, disability, pregnancy and maternity, race, gender reassignment, religion or belief and marriage or civil partnership.
We make our recruitment decisions in a non-discriminatory manner in accordance with our commitment to identifying the right skills for the right role and our obligations under the law.