Sr. Security Engineer, Tanium/AWS/Qualys - AVP

Do you want your voice heard and your actions to count?

Discover your opportunity with Mitsubishi UFJ Financial Group (MUFG), the 7th largest financial group in the world. Across the globe, we’re 120,000 colleagues, striving to make a difference for every client, organization, and community we serve.

We stand for our values, building long-term relationships, serving society, and fostering shared and sustainable growth for a better world.

With a vision to be the world’s most trusted financial group, it’s part of our culture to put people first, listen to new and diverse ideas and collaborate toward greater innovation, speed and agility.

This means investing in talent, technologies, and tools that empower you to own your career.

Join MUFG, where being inspired is expected and making a meaningful impact is rewarded.

The selected colleague will work at an MUFG office or client sites four days per week and work remotely one day. A member of our recruitment team will provide more details.

RESPONSIBILITIES

• Develop guidelines for the usage, control, maintenance and audit-readiness of information and computer resources that are used in the distributed processing environment.
• Analyze and addressing security gaps for technologies within the Bank’s infrastructure
• Identify distributed systems security issues as they arise and coordinate with the technology owners to ensure that issues are addressed and resolved in a timely basis.
• Execute technical risk assessment activities for scoped environments
• Perform reporting of findings, issue resolution and management of findings
• Support FLOD / SLOD assessments, audits and external exams
• Provide effective, accurate and timely reporting
• Perform Information Security remote / table-top assessments
• Identify high risks finding and lead risk findings to resolution
• Identifying control deficiencies by analyzing and identifying underlying root causes
• Designing, implementing, and collaborating on a range of information security metrics and performance reports
• Assisting stakeholders in identifying, initiating, and tracking corrective actions to address anomalies
• Analyze control results in an objective and quantifiable manner
• Produce detailed documentation of assessments and perform threat analysis of gaps identified
• Communicate vendor information security issues to stakeholders, ensuring their understanding of associated risks and actions needed to remediate those risks
• Validate evidence from vendors, before remediation plans are closed

FUNCTIONAL SKILLS

Understanding of one or more compliance frameworks : CIS, NIST, FFIEC, GLBA, SOX, PCI, etc

Extensive experience with core vulnerability management tools (e.g. Tanium, Tenable, Rapid7, Qualys, etc.).

Familiarity with one or more of the following technology areas is highly desirable :

Cloud services, (AWS, Azure, etc.)

Containers

Network infrastructure (technologies, architectures, operations)

Various network and host-based security products and services

Active Directory, servers, services, desktops and mobile devices

Unix, Linux, AIX

SQL, Oracle, DB2 Databases

• Ability to perform technical risk assessments and synthesize observations at a macro level, identifying indicators of changing risk and / or symptoms of process or control deficiencies
• Ability to identify and propose process and technology controls in dynamic environments
• Working knowledge and experience applying Information Assurance techniques to the implementation of complex networked systems environments and enterprise-wide systems
• In-depth knowledge of applying network switching, TCP / IP, IP Addressing and Routing, WAN Technologies, Operating and Configuring networked Devices, and Managing Network Environments, extending Switched Networks with VLANS, Determining IP Routes, Managing IP traffic with Access Lists, Establishing Point-to-Point connections, and Establishing Frame
• Demonstrate in-depth knowledge of concepts, best practices and controls in a breadth of information security areas / domains;

these information security areas include risk management, access control, cryptography, physical security, security architecture and design, network security, application and operations security and compliance / incident management.

Proficient working knowledge within the following risk domains / technologies :

Database and application security

Firewall technologies

Network Architecture

Database / Application / Network Layer Secure Protocols

Change Management

Vulnerability Management

System Configuration Management

Cloud Configuration Management

WORK EXPERIENCE

• 5 years’ experience in cybersecurity assessment activities or IT audit, penetration testing, and / or vulnerability management
• 5 years Prior information technology (IT) experience in mid or large-scale companies
• Experience with one or more of the following control areas :

Secure Coding

Vulnerability Management

Configuration Management

Policy Compliance

Experience in performing information security assessments; provide information security guidance to business stakeholders;

interpreting and applying information security policy and standards

• Technical knowledge and hands on experience with security and networking architecture, network security design, routers, wireless security, intrusion prevention / detection, firewall architecture, SIEM, DLP, and encryption
• Knowledge and prior experience with operating systems internals (Linux, Windows), network protocols and technologies, web services, databases, scripting, and programming languages (C / C++, Java, Perl, Python, Assembly)

EDUCATION

Degree in Computer Science or related fields

CERTIFICATIONS

Certified Information Systems Security Professional (CISSP), Global Information Assurance Certification (GIAC), Certified Information Systems Auditor (CISA), Certified in Risk and Information Systems Control (CRISC), Certified Information Security Manager (CISM), Certified Information Systems Security Professional (CISSP), or other security certifications desired

The typical base pay range for this role is between $100K - $125K depending on job-related knowledge, skills, experience and location.

This role may also be eligible for certain discretionary performance-based bonus and / or incentive compensation. Additionally, our Total Rewards program provides colleagues with a competitive benefits package (in accordance with the eligibility requirements and respective terms of each) that includes comprehensive health and wellness benefits, retirement plans, educational assistance and training programs, income replacement for qualified employees with disabilities, paid maternity and parental bonding leave, and paid vacation, sick days, and holidays.

For more information on our Total Rewards package, please click the link below.

The above statements are intended to describe the general nature and level of work being performed. They are not intended to be construed as an exhaustive list of all responsibilities duties and skills required of personnel so classified.

We are proud to be an Equal Opportunity Employer and committed to leveraging the diverse backgrounds, perspectives and experience of our workforce to create opportunities for our colleagues and our business.

We do not discriminate on the basis of race, color, national origin, religion, gender expression, gender identity, sex, age, ancestry, marital status, protected veteran and military status, disability, medical condition, sexual orientation, genetic information, or any other status of an individual or that individual’s associates or relatives that is protected under applicable federal, state, or local law.