Analyst, Cyber Threat and Incident Response

Posted:
7/22/2024, 5:00:00 PM

Experience Level(s):
Mid Level ⋅ Senior

Field(s):
IT & Security

Do you want your voice heard and your actions to count?

Discover your opportunity with Mitsubishi UFJ Financial Group (MUFG), the 7th largest financial group in the world. Across the globe, we’re 120,000 colleagues, striving to make a difference for every client, organization, and community we serve. We stand for our values, building long-term relationships, serving society, and fostering shared and sustainable growth for a better world.

With a vision to be the world’s most trusted financial group, it’s part of our culture to put people first, listen to new and diverse ideas and collaborate toward greater innovation, speed and agility. This means investing in talent, technologies, and tools that empower you to own your career.

Join MUFG, where being inspired is expected and making a meaningful impact is rewarded.

The IRMD Cyber Threat and Incident Response function ensures that key activities in the department relating to incident response and detection mechanisms are in place. It strengthens security policies and standards for the Asia region to ensure that security operations, processes, and workflows comply with regulations and MUFG’s internal policy.

Cyber Threat and Incident Response Functions

  • Lead the Incident Response procedures to allow timely response in the event of an incident to facilitate recovery and minimize impact to the Bank.
  • Initiate appropriate malware triage processes to assess threat types, severity impact, and occurrence likelihood based on current controls and environment.
  • Assist the team in daily security event monitoring for various cyber threats such as advanced malware threats, vulnerability exploits, denial of service and other forms of cyber-attacks.
  • Review all network intrusion, vulnerability exploit and denial of service attempts to mitigate the risk of cyber-attacks.
  • Handle security operations tasks such as security operations mailbox management, investigating phishing emails, and alert escalations from the SOC.
  • Perform threat hunting for the APAC region to identify the presence of persistent threats based on intelligence relevant to the bank.
  • Analyse cyber threat intelligence to identify indicators of compromise, threat artefacts and attributes from different sources.
  • Perform security policy management to continuously monitor and enhance technical rules, policies, and configuration in security systems to enhance security protection and coverage of operational end-to-end processes.
  • Gather information for KRI metrics, monthly reporting, etc.
  • Ensure consistent level of security policy management and system monitoring for regional security systems to provide adequate security protection and coverage.
  • Lead and influence multi-disciplinary teams in managing cyber security controls.
  • Suggest and lead the implementation of initiatives to reduce mean time to respond through automation of detections.
  • Assist in defining the regional security administration model across Asia to determine the cooperative roles and responsibilities for administration of security systems.
  • Assist as a subject matter expert for all cyber security matters.

People

  • Act as a role model to team members and adhere to all company policies / guidelines.
  • Assist the team lead in managing direct reports (objective setting and performance management).

Job Requirements:

  • Minimum 2 years of relevant experience in Cyber Security Operation/Engineering
  • Experience in cyber security technologies (TIPS, SIEM, SOAR, EDR)
  • Experience with modern IT approaches such as DevOps, Software Defined Network & Platform, Infrastructure as Code, commercial cloud services and zero trust network, and with analytic platforms such as Splunk.
  • Degree with IT background
  • Security certifications such as SANS GCTI/GCFE/GCFA/GCIH/GREM, CISSP, CISM, CCSP or any cyber security specialty are an added advantage.
  • Knowledge of malware analysis, digital forensics, scripting and regex is an advantage.
  • Knowledge of cybersecurity tools, technologies, and standards (e.g., OWASP, Cyber Kill Chain and MITRE ATT&CK framework)
  • Proven and strong analytical skills
  • Consistently demonstrates clear and concise written and verbal communication.
  • Good stakeholder management skills to collaborate with other departments.

MUFG Bank Ltd & MUFG Securities Asia Limited (collectively referred to as “MUFG”) is an equal opportunity employer. We view our employees as our key assets as they are fundamental to our long-term growth and success. MUFG is committed to hiring based on merit and organisational fit, regardless of race, religion or gender.