AVP, Cyber Security Specialist

Do you want your voice heard and your actions to count?

Discover your opportunity with Mitsubishi UFJ Financial Group (MUFG), the 7th largest financial group in the world. Across the globe, we’re 160,000 colleagues, striving to make a difference for every client, organization, and community we serve. We stand for our values, building long-term relationships, serving society, and fostering shared and sustainable growth for a better world.

With a vision to be the world’s most trusted financial group, it’s part of our culture to put people first, listen to new and diverse ideas and collaborate toward greater innovation, speed and agility. This means investing in talent, technologies, and tools that empower you to own your career.

Join MUFG, where being inspired is expected and making a meaningful impact is rewarded.

Key Responsibilities

• Conduct the cyber risk evaluation to assess the security maturity and posture, and develop risk remediation plan to comply with MUFG requirements.
• Conduct cyber security tabletop exercises to increase MUFG’ readiness to respond to cyber security incidents. Facilitate other cyber exercises to test the technical response readiness such as Red Team exercise and Cyber Range.
• Promote & perform security awareness and education to inculcate good security practices among employees, such as phishing simulation campaigns.
• Provide accurate reporting of security metrics and KRI to management on the state of security posture.
• Work in partnership with colleagues in the global Cyber Security teams to share knowledge, support regional/global initiatives and best practices on cyber security.
• Be part of the team to implement the vulnerability management activities, which may include vulnerability scanning, coordination and tracking of security patching, security testing and compliance checks.
• Work in collaboration with Infrastructure and Application teams to assess security patches in response to security advisories. Monitor the patch level of Infrastructure and Applications, assess the risks and report overdue patches for management attention.
• Perform security baseline compliance scanning on existing IT infrastructure assets using automated tools to validate security configurations settings.
• Review proposed changes to Firewall Rules and coordinate the regular review of firewall rules to remove obsolete, redundant and risky rules.
• Work with regional team to coordinate periodic email phishing simulation exercise for the Branch and promote awareness on cyber security.
• Provide support in monitoring the deployment and status of security tools deployed in the Branch.
• Assist the Regional team in investigating and handling cyber threats, suspicious events and cyber incidents that may affect the Branch, such as advanced malware threats, phishing emails. vulnerability exploits, denial of service and other forms of cyber-attacks.
• Work with Regional team to establish, maintain and develop security monitoring use cases and incident handling playbook.
• Work with Regional team to perform malware triage to assess threat types, severity impact, and occurrence likelihood based on current controls and environment in the Branch.
• Coordinate within the Branch and participate in cyber exercises such as table-top exercise, red team exercise, and other security drills to improve operational readiness and awareness of changing threat scenarios.
• Work in partnership with colleagues in the Asia Pacific region to support regional cyber security improvement plans to ensure a consistent level of maturity in technology and processes.
• Enable cyber security compliance in by managing audits, regulations and Head Office requirements related to cyber security.
• Draft responses to requirements from the local authorities, second or third line of defenses.

Requirements

• Minimum 5 years of cyber security experience, out of which a minimum of 2 years of experience in cyber security governance, processes and compliance.
• Experience within the banking or finance industry, with knowledge of corporate banking products and service
• Good knowledge of cyber security controls, regulations, processes and standards, such as NIST cybersecurity and IT controls framework.
• Strong written and verbal communication skills with ability to influence & collaborate with management, regional offices, technical managers and other key stakeholders.
• Good working knowledge of industry trends, products and technology in the Cyber Security domains (e.g., data, network, system, virtualization, internet of things and cloud).
• Able to conduct operation and maintenance of firewall and various endpoint security
• Having fundamental computer forensic skills
• Self-driven and independent, with good attention to detail and quality.
• Willing to take on new tasks and initiatives to contribute towards continuous improvement.

MUFG Bank Ltd & MUFG Securities Asia Limited (collectively referred to as “MUFG”) is an equal opportunity employer. We view our employees as our key assets as they are fundamental to our long-term growth and success. MUFG is committed to hiring based on merit and organsational fit, regardless of race, religion or gender.