Cyber Security Incident Response Lead at MUFG Tempe, AZ 85285
Do you want your voice heard and your actions to count? Discover your opportunity with Mitsubishi UFJ Financial Group (MUFG), the 5th largest financial group in the world (as ranked by S&P Global, April 2020).
In the Americas, we're 13,000 colleagues, striving to make a difference for every client, organization, and community we serve.
We stand for our values, developing positive relationships built on integrity and respect.
It's part of our culture to put people first, listen to new and diverse ideas and collaborate toward greater innovation, speed and agility.
We're a team that accepts responsibility for the future by asking the tough questions and owning the solutions.
Join MUFG and be empowered to make your voice heard and your actions count.
Job
Summary:
As a Threat Detection & Response Manager, you will focus on researching threats posed by cyber criminals to various systems, technologies, operations, and programs and analyzing research to determine a cyber criminal's capabilities, intentions, and attack approaches, including those with multiple phases.
Responsibilities include rapidly responding to incidents to minimize risk exposure and ensure system availability; proactively monitoring internal and external-facing environments; seeking opportunities to automate detection and remediation and reduce response times for incidents; and producing reports and briefings that include perspectives on the behavior of adversaries.
Major
Responsibilities:
Apply critical thinking in understanding the new & emerging threats working along with Cyber Threat Intelligence and Threat Modeling team and then build & execute required action plansManage and execute processes responsible for the advanced analysis of security threats (malicious code, intrusion logging, etc.
) to proactively develop detection for such threatsSupport inquiries from compliance teams such as IT risk management, Internal and External audit, to ensure documentation is complete and in compliance with Information Security policiesEffectively collaborate with other internal Information Security teams.
as well as various lines-of-businesses to advance security awareness and posturePresent security analysis, action plan and risks to diverse audiences (business, technical and management) Execute a data detection strategy based on the MITRE ATT&CK Framework.
Analyze threat information from multiple sources, synthesizing and placing threat intelligence information in context and use that in development of new Security alerts in the SIEM tool to address new and emerging threatsContinually identify, evaluate, and monitor threats that could affect operational and business activitiesManage and support development of Security Operations playbooks to ensure threat detection, monitoring, response & forensics activities align with best practices, minimize gaps in detection & response and provide comprehensive mitigation of threatsConduct post-mortem discussions and provide a summary of lessons learned including filing self-identified issues (SII) and reporting status on remediation and corrective actionsDevelop the security event simulation program and conduct security event tabletop exercises at the global levelMaintain cyber security playbooks and related documents Develop and enhance cross-organization relationships with front line operations teams and risk managers.
Coordinate CSIRT activities in the case of security event, outside security threat, notification of cyber security breach, or cyber security investigationConduct post-mortem discussions and provide a summary of lessons learned including filing self-identified issues (SII) and reporting status on remediation and corrective actionsDevelop the security event simulation program and conduct security event tabletop exercises at the global levelMaintain cyber security playbooks and related documents Develop and enhance cross-organization relationships with front line operations teams and risk managers
Qualifications:
Bachelor's degree in Computer Science or technology-related field (or equivalent work experience)6-8 years of experience with building and leading high performing Information Security teams in complex environments6-8 years of Information Security experience developing advanced threat detection capabilitiesExperience managing/securing a large scale, complex, high performance environmentExperience operating in regulated environment - Top 10 banking (Strongly preferred)Strong understanding of enterprise detection technologies and processes (Advanced Threat Detection Tools, IDS/IPS, Network Packet Analysis, Endpoint Protection)Advanced understanding of network protocols and operating systems (Windows, Unix, Linux, Databases)Demonstrated experience with designing and implementing use cases in SIEM tool such Splunk, ArcSight, QRadar, etc.
Certifications such as CISSP, Security+, ISSEP, GIAC are a plusExperience in threat response, Security event monitoring, incident response, network/host intrusion detection, malware analysisSolid experience in day-to-day operational processes such as security monitoring, data correlation, troubleshooting, security operations etc.
The above statements are intended to describe the general nature and level of the work being performed.
They are not intended to be construed as an exhaustive list of all responsibilities, duties, and skills required of personnel so classified.
We are proud to be an Equal Opportunity / Affirmative Action Employer and committed to leveraging the diverse backgrounds, perspectives, and experience of our workforce to create opportunities for our colleagues and our business.
We do not discriminate in employment decisions on the basis of any protected category.
A conviction is not an absolute bar to employment.
Factors such as the age of the offense, evidence of rehabilitation, seriousness of violation, and job relatedness are considered in all employment decisions.
Additionally, it's the bank's policy to only inquire into a candidate's criminal history after an offer has been made.
Federal law prohibits banks from employing individuals who have been convicted of, or received a pretrial diversion for, certain offenses.
.
Estimated Salary: $20 to $28 per hour based on qualifications.
In the Americas, we're 13,000 colleagues, striving to make a difference for every client, organization, and community we serve.
We stand for our values, developing positive relationships built on integrity and respect.
It's part of our culture to put people first, listen to new and diverse ideas and collaborate toward greater innovation, speed and agility.
We're a team that accepts responsibility for the future by asking the tough questions and owning the solutions.
Join MUFG and be empowered to make your voice heard and your actions count.
Job
Summary:
As a Threat Detection & Response Manager, you will focus on researching threats posed by cyber criminals to various systems, technologies, operations, and programs and analyzing research to determine a cyber criminal's capabilities, intentions, and attack approaches, including those with multiple phases.
Responsibilities include rapidly responding to incidents to minimize risk exposure and ensure system availability; proactively monitoring internal and external-facing environments; seeking opportunities to automate detection and remediation and reduce response times for incidents; and producing reports and briefings that include perspectives on the behavior of adversaries.
Major
Responsibilities:
Apply critical thinking in understanding the new & emerging threats working along with Cyber Threat Intelligence and Threat Modeling team and then build & execute required action plansManage and execute processes responsible for the advanced analysis of security threats (malicious code, intrusion logging, etc.
) to proactively develop detection for such threatsSupport inquiries from compliance teams such as IT risk management, Internal and External audit, to ensure documentation is complete and in compliance with Information Security policiesEffectively collaborate with other internal Information Security teams.
as well as various lines-of-businesses to advance security awareness and posturePresent security analysis, action plan and risks to diverse audiences (business, technical and management) Execute a data detection strategy based on the MITRE ATT&CK Framework.
Analyze threat information from multiple sources, synthesizing and placing threat intelligence information in context and use that in development of new Security alerts in the SIEM tool to address new and emerging threatsContinually identify, evaluate, and monitor threats that could affect operational and business activitiesManage and support development of Security Operations playbooks to ensure threat detection, monitoring, response & forensics activities align with best practices, minimize gaps in detection & response and provide comprehensive mitigation of threatsConduct post-mortem discussions and provide a summary of lessons learned including filing self-identified issues (SII) and reporting status on remediation and corrective actionsDevelop the security event simulation program and conduct security event tabletop exercises at the global levelMaintain cyber security playbooks and related documents Develop and enhance cross-organization relationships with front line operations teams and risk managers.
Coordinate CSIRT activities in the case of security event, outside security threat, notification of cyber security breach, or cyber security investigationConduct post-mortem discussions and provide a summary of lessons learned including filing self-identified issues (SII) and reporting status on remediation and corrective actionsDevelop the security event simulation program and conduct security event tabletop exercises at the global levelMaintain cyber security playbooks and related documents Develop and enhance cross-organization relationships with front line operations teams and risk managers
Qualifications:
Bachelor's degree in Computer Science or technology-related field (or equivalent work experience)6-8 years of experience with building and leading high performing Information Security teams in complex environments6-8 years of Information Security experience developing advanced threat detection capabilitiesExperience managing/securing a large scale, complex, high performance environmentExperience operating in regulated environment - Top 10 banking (Strongly preferred)Strong understanding of enterprise detection technologies and processes (Advanced Threat Detection Tools, IDS/IPS, Network Packet Analysis, Endpoint Protection)Advanced understanding of network protocols and operating systems (Windows, Unix, Linux, Databases)Demonstrated experience with designing and implementing use cases in SIEM tool such Splunk, ArcSight, QRadar, etc.
Certifications such as CISSP, Security+, ISSEP, GIAC are a plusExperience in threat response, Security event monitoring, incident response, network/host intrusion detection, malware analysisSolid experience in day-to-day operational processes such as security monitoring, data correlation, troubleshooting, security operations etc.
The above statements are intended to describe the general nature and level of the work being performed.
They are not intended to be construed as an exhaustive list of all responsibilities, duties, and skills required of personnel so classified.
We are proud to be an Equal Opportunity / Affirmative Action Employer and committed to leveraging the diverse backgrounds, perspectives, and experience of our workforce to create opportunities for our colleagues and our business.
We do not discriminate in employment decisions on the basis of any protected category.
A conviction is not an absolute bar to employment.
Factors such as the age of the offense, evidence of rehabilitation, seriousness of violation, and job relatedness are considered in all employment decisions.
Additionally, it's the bank's policy to only inquire into a candidate's criminal history after an offer has been made.
Federal law prohibits banks from employing individuals who have been convicted of, or received a pretrial diversion for, certain offenses.
.
Estimated Salary: $20 to $28 per hour based on qualifications.
|
|
 | |
