Apply for this job now

Insider Threat Operations Engineer - Governance Risk and Compliance, Assistant Vice President - Remo

Location
Austin, Texas
Job Type
Permanent
Posted
8 Sep 2022
Do you want your voice heard and your actions to count?

Discover your opportunity with Mitsubishi UFJ Financial Group (MUFG), the 5th largest financial group in the world. Across the globe, we're 180,000 colleagues, striving to make a difference for every client, organization, and community we serve. We stand for our values, building long-term relationships, serving society, and fostering shared and sustainable growth for a better world.

With a vision to be the world's most trusted financial group, it's part of our culture to put people first, listen to new and diverse ideas and collaborate toward greater innovation, speed and agility. This means investing in talent, technologies, and tools that empower you to own your career.

Join MUFG, where being inspired is expected and making a meaningful impact is rewarded.

This is a remote position. A member of our recruitment team will discuss location preferences with you in more detail.

Insider Threat Operations - Governance Risk and Compliance, Assistant Vice President - Remote

This role can be remote in any of these States: Arizona Texas, North Carolina, Washington, Oregon, California, Illinois, Kentucky, Georgia, New York, Connecticut, Massachusetts, New Jersey, District of Columbia, Utah, Nebraska, Minnesota, Missouri. Arkansas, Indiana, Ohio, Tennessee, Alabama, Florida, South Carolina, Virginia

Job Summary:

We are currently seeking an AVP Insider Threat Engineer to join our Enterprise Information Security (EIS) team. In this role, you will be responsible for maturing and enhancing our existing insider threat governance framework by collaborating on efforts to design and implement improved standard operating procedures, policies, guidelines, regulatory reporting and technologies within MUFG's unique security landscape. You will work closely with key cross-functional stakeholders to assist with the development of a program tailored to utilizing proactive and mitigating measures to detect and respond to potential threats to MUFG's infrastructure, employees, and intellectual property.

Major Responsibilities

Perform detailed risk assessments in network, system, and application areas and leverage content inspection, rule based tool rules, and advanced and traditional security analytics to identify advanced insider threats and emerging risks
Assist with the development and implementation of global insider threat use cases surrounding data exfiltration, internal fraud, privilege escalations, as well as IT sabotage for desktops, laptops, servers, mobile, virtual and multi-cloud environments
Collaborate on efforts to support the growth and maturity of ITO's enhanced monitoring capabilities of critical data and high valued assets
Establish enterprise-level KPIs and KRI's to ensure effectiveness, efficiency, and overall customer satisfaction. This includes defining key metrics and trends in the day-to-day operations and implementing changes to support the reduction of time to detect, respond, and remediate key technical ITO security risks
Perform bank-wide risk assessments including the Risk Control Self Assessment (RCSA), Risk Governance Assessment (RGA), and Operational Risk Partner Review and Challenges
Assist the ITO manager with the internal control and quality assurance programs
Provide review and challenge to processes to ensure controls are operational and executable as designed. Assist the ITO manager on compliance policy and procedure administration, management reporting, CFPB and OCC deliverables and operating plan updates
Participate in framework processes such as annual audit review/certifications and annual review of model validations
Recommend enhancements through the identification of self-identified issues and align enhancement feedback with the group's strategic initiatives
Contribute to regulatory and audit exams, committee reporting, issue remediation and other key projects
Key lead on various ad-hoc projects as needed. Develop Insider Threat standards metrics to gauge how MUFG is following cyber standards, policies, and technical requirements

Qualifications

Bachelor's degree in Information Security or a closely related discipline, or related equivalent experience
5-6 years developing advanced threat detection capabilities
Previous experience in security operations, insider threat analysis and/or mitigation programs.
Experience working with common cybersecurity, governance, or compliance related frameworks through developing, implementing and training cybersecurity and/or governance standards
Experience in the banking or finance industries preferred

Understanding of enterprise detection technologies and processes (advanced threat detection tools, intrusion detection system/intrusion prevention system (IDS/IPS), network packet analysis, endpoint protection)

Excellent writing and presentation skills with demonstrated ability to communicate clearly and concisely with peers and all levels of leadership. Have strong creative problem solving and analytical thinking Cybersecurity//Insider risk management governance, including development, maintenance, and implementation of Insider Threat policies and standards.

Experience writing and presenting high and low level security reports and briefings for insider threat investigations.

Have a working knowledge of common cybersecurity frameworks (e.g., NIST CSF, ISO 27001, COBIT, CCPA/CPRA) especially as it relates to building and operating a data protection and compliance program and/or managing internal security controls, risk assessments, business processes or operational auditing

Demonstrated experience working independently and in collaboration with cross-functional teams

Experience in threat response, security event monitoring, incident response, network/host intrusion detection, and malware analysis

Solid experience in day-to-day operational processes such as security monitoring, data correlation, troubleshooting, security operations, et

Nice to Have:

Knowledge of SOC or similar environment methodology, including threat monitoring, intrusion detection, analysis, threat determination, incident handling and remediation tracking.
Experience defending against insider threats leveraging tools like UEBA and DLP.
Experience interpreting data from network security tools and infrastructure technologies such as SIEM, firewall, proxies, IPS/IDS devices, full packet capture (FPC), and email platforms.
Knowledge of the cyber threat landscape, including types of adversaries, campaigns, and the motivations that drive them.
Experience integrating subject profiling and criminal examination best practices into investigative procedures to supplement technical evidence.
Certifications like: CERT's ITPM, Splunk Certifications, Network+, Security+, CISSP, CFE, and/or Six Sigma Greenbelt a huge plus.

The above statements are intended to describe the general nature and level of work being performed. They are not intended to be construed as an exhaustive list of all responsibilities duties and skills required of personnel so classified.

We are proud to be an Equal Opportunity/Affirmative Action Employer and committed to leveraging the diverse backgrounds, perspectives and experience of our workforce to create opportunities for our colleagues and our business. We do not discriminate on the basis of race, color, national origin, religion, gender expression, gender identity, sex, age, ancestry, marital status, protected veteran and military status, disability, medical condition, sexual orientation, genetic information, or any other status of an individual or that individual's associates or relatives that is protected under applicable federal, state, or local law.

Apply for this job now

Details

  • Job Reference: 706703482-2
  • Date Posted: 8 September 2022
  • Recruiter: MUFG
  • Location: Austin, Texas
  • Salary: On Application
  • Sector: Executive Positions
  • Job Type: Permanent