Apply on Employer Site

MUFG · 3 days ago

Incident Response Planning and Operations, Assistant Vice President

Jersey City, NJ

Full-time

Hybrid

Mid, Senior Level

$104K/yr - $131K/yr

5+ years exp

MUFG is one of the world’s leading financial groups, dedicated to making a difference for every client and community. The AVP for Incident Response Planning and Operations will lead the cyber security wargaming and incident readiness program, focusing on preparing the Global Incident Response team and relevant stakeholders for cyber readiness.

Responsibilities

Develop and manage a comprehensive cyber wargaming and incident readiness program

Align tabletop exercises with enterprise risk management and incident response strategies

Coordinate with internal and external stakeholders to ensure exercises reflect realistic threat scenarios

Design and facilitate cyber incident tabletop exercises, red/blue team simulations, and strategic wargames

Develop injects, scripts, and after-action review processes

Incorporate threat intelligence and emerging risks into exercise scenarios

Evaluate organizational response capabilities and identify gaps in incident response plans

Produce detailed reports and recommendations for improvement

Track remediation efforts and maturity over time

Work closely within Enterprise Information Security teams to identify areas of improvement

Collaborate with IT, security operations, legal, communications, and executive leadership

Present findings and strategic recommendations to senior leadership

Monitor trends in cyber threats and incident response best practices

Integrate lessons learned from real incidents and exercises into future planning

Qualification

CybersecurityIncident ResponseThreat ManagementTabletop ExercisesNIST FrameworkMITRE ATT&CKRisk ManagementTechnical CertificationsAnalytical SkillsCommunication SkillsFacilitation SkillsWriting SkillsCross-functional Collaboration

Required

Bachelor's degree in Cybersecurity, Information Technology, or related field

5+ years or more in cybersecurity, with experience in incident response or threat management

Excellent communication, facilitation, writing and analytical skills

Experience designing and facilitating tabletop exercises or cyber simulations

Ability to document and explain technical details in a concise, understandable manner

Relevant technical and industry certifications in cybersecurity

Experience with information security risk management, including information security audits, reviews, and risk assessments

Strong understanding of NIST, MITRE ATT&CK, and other cybersecurity frameworks

Ability to work cross-functionally and influence without direct authority

Preferred

Prior work experience in a global company preferred

Knowledge in one or more security domains including Incident Response and Forensics, Security Governance and Oversight, Security Risk Management, Network Security, or Threat and Vulnerability Management

Knowledge of cloud security, AI security, networks, databases, and applications

Knowledge of the various types of cyber-attacks and their implementations

Experience in operational processes such as security monitoring, data correlation, troubleshooting, security operations, etc