Apply on Employer Site

MUFG · 1 day ago

CyberSecurity Threat Detection & Response (Splunk, SIEM), Associate Vice President

Jersey City, NJ

Full-time

Hybrid

Mid, Senior Level

$110K/yr - $135K/yr

5+ years exp

Mitsubishi UFJ Financial Group (MUFG) is one of the world’s leading financial groups, striving to make a difference for every client and community. The Threat Detection and Response Engineer will play a crucial role in the Security Operations center, focusing on developing and implementing strategies to identify and respond to cyber threats effectively.

Financial Services

Responsibilities

Collaboration and Innovation: Work closely with cross-functional teams, including Threat Intelligence, Incident Response, Forensics and Security Operations to collaboratively craft custom security use cases founded on the principles of global security frameworks. Harnessing the collective intelligence to device strategies that yield valuable results

Draw upon your comprehensive understanding of the cyber landscape to design and execute advanced detection and response strategies, employing an array of sophisticated security tools and technologies. Your solutions will serve as the first line of defense, minimizing potential risks and vulnerabilities

Apply your extensive knowledge of attack patterns, tactics and techniques to conduct in-depth analysis of cyber threats. Unearth the subtle nuances that set apart malicious activities from innocuous ones, thus empowering the firm with a heightened security posture

In the ever-changing landscape of cyber threats, stat at the forefront of industry trends and emerging attack vectors. This ensures that the strategies you develop remain resilient and effective in the face of new challenges

Participate in red teaming and penetration testing exercises to subject the developed use cases to real-world simulation. By doing so, ensuring their robustness and effectiveness in diverse scenarios

Produce and report valuable metrics to leadership and cross functional teams to quantify the value and effectiveness of use cases in an ever-changing threat landscape

Qualification

Cyber SecuritySIEMThreat DetectionIncident ResponseCISSPCyber Kill ChainNetwork SecurityForensicsCloud SecurityAnalytic SkillsProblem-SolvingTime ManagementCommunication Skills

Required

Bachelor's degree in Information Technology, Cyber Security, Computer Science, or related discipline or equivalent work experience

5-8 years in Information Security or other Information Technology fields

Experience with use case and automation related to UEBA, SIEM, SOAR, DLP, EDR and other open-source security tools

Knowledge of models/frameworks such as Cyber Kill Chain, MITRE and CRI (Cyber Risk Institute)

Well-developed analytic, qualitative, and quantitative reasoning skills

Demonstrated creative problem-solving abilities

Security event monitoring, investigation, and overall incident response process

Strong time management skills to balance multiple activities and lead junior analysts as needed

Understanding of offensive security to include common attack methods

Understanding of how to pivot across multiple datasets to correlate artifacts for a single security event

A diverse skill base in both product security and information security including organizational structure and administration practices, system development and maintenance procedures, system software and hardware security controls, access controls, computer operations, physical and environmental controls, and backup and recovery procedures

In-depth knowledge in one or more security domains including Security Governance and Oversight, Security Risk Management, Network Security, Threat and Vulnerability Management, and Incident Response and Forensics

Experience creating trending, metrics, and management reports

Experience across the following technical concentrations: Network-Based Security Controls (Firewall, IPS, WAF, MDS, Proxy, VPN), Anomaly Detection and Investigation, Host and Network Forensics, Operating Systems, Web Applications and Traffic

Experience with cloud computing security, network, operating system, database, application, and mobile device security

Experience with information security risk management, including conducting information security audits, reviews, and risk assessments