Security Operation Center - VP
Do you want your voice heard and your actions to count? Discover your opportunity with Mitsubishi UFJ Financial Group (MUFG), one of the world's leading financial groups. Across the globe, we're 150,000 colleagues, striving to make a difference for every client, organization, and community we serve. We stand for our values, building long-term relationships, serving society, and fostering shared and sustainable growth for a better world. With a vision to be the world's most trusted financial group, it's part of our culture to put people first, listen to new and diverse ideas and collaborate toward greater innovation, speed and agility. This means investing in talent, technologies, and tools that empower you to own your career. Join MUFG, where being inspired is expected and making a meaningful impact is rewarded.

EDUCATION
- Degree or equivalent work experience equally preferable.
- Bachelor's degree in Information Technology, Cyber Security, Computer Science or related discipline

CERTIFICATIONS
- Minimum of at least one certification in a related security domain such as CISSP, GCIA, GSEC, CISM, EnCE, CEH, GCFA, GCFE, ISSMP, SANS GSEC, or GCIH required

WORK EXPERIENCE
- Experience working in global, complex, matrix-managed organization
- Experience in either:
  - Incident Response and Forensic Investigations work
  - Threat and vulnerability management
  - Cybersecurity Operations or Information Security
- Experience working within the Financial Services Industry preferred
- Information security experience in the following areas: IT security, incident handling and response, exploit analysis, intelligence gathering, digital forensics methods and procedures
- Experience across the following technical concentrations:
  - Network-Based Security Controls (Firewall, IPS, WAF, MDS, Proxy, VPN)
  - Anomaly Detection and Investigation
  - Host and Network Forensics
  - Operating Systems
  - Web Applications and Traffic
- Experienced with EnCase, FTK, SIFT, Splunk, Redline, Volatility, Wireshark, tcpdump, and open-source forensic tools
- Experience responding to cyber events in public cloud environments such as AWS, Azure, Google Cloud, etc.
- Experience with information security risk management, including conducting information security audits, reviews, and risk assessments.
- Experience with patch management solutions
- Experience with project management and leading complex projects.
- Security experience in all phases of product and service development lifecycle including architecture, design, development, testing, release, and operational maintenance.
- Experience with cloud computing security, network, operating system, database, application, and mobile device security

THREAT INTELLIGENCE ROLE SPECIFIC
- Experience directly related to development and support of cyber threat intelligence services, providing threat monitoring, assessment and communication of potential and current information security risk and threats (preferable in the financial services industry)
- Previous government/military experience with threat intelligence preferred
- Experience with threat intelligence and SOC/CIRT interaction
- Experience with SIEM big data technology
- Splunk experience is highly preferred
- Experience with threat intelligence vendors
- Experience with EDR technologies
- Experience using the third-party cyber threat intelligence platforms

FUNCTIONAL SKILLS
- Familiar with forensic security tools
- Knowledge of Information Assurance concepts and technologies
- Ability to document and explain technical details in a concise, understandable manner
- Extensive knowledge of vulnerability management and remediation.
- A diverse skill base in both product security and information security including organizational structure and administration practices, system development and maintenance procedures, system software and hardware security controls, access controls, computer operations, physical and environmental controls, and backup and recovery procedures.
- Detailed knowledge and experience in security and regulatory frameworks (ISO 27001, NIST 800 series, FFIEC, SOC2, FedRAMP, STAR, etc.)
- Expertise in numerous security domains including Security Governance and Oversight, Security Risk Management, Network Security, Threat and Vulnerability Management, and Incident Response and Forensics.

THREAT INTELLIGENCE ROLE SPECIFIC
- Writing skills that present both a business and technical viewpoint
- Knowledge of threat hunting techniques, the intelligence cycle, and analysis methodologies
- Understanding of cyber threat actors, advanced cyber threats, and the "kill chain" methodology
- Understanding of back-channels typically used by actors for malicious activity
- Understanding of how to successfully access networks anonymously, obfuscation techniques and best practices for ensuring device non-attribution
- Understanding of vulnerability scanning and reporting
- Understanding of security event and incident handling
- Understanding of eth