Senior Security Engineer

Overview:

The Senior IT Security Engineer will be based on a hybrid basis from our stunning office in central Leeds, so you’ll need to be within a commutable distance to allow you to travel to the office.

As team members and colleagues are also based in our APAC region, it is likely that you will be required to participate in out of normal working hours calls on a weekly basis, so you will need to be flexible in your approach to the working day.

You will help drive the Security Architecture and Engineering team and the business in current information security challenges across security technology control assessment, design, configuration, integration, documentation and support.

You’ll get the chance to follow your chosen career path anywhere in MUFG Pension & Market Services, joining a network of experienced, innovative and dedicated individuals across multiple teams and countries. There are numerous opportunities to learn new skills and develop in your career with the support you need to succeed.

Benefits:

26 days annual leave, plus a wellbeing day, a volunteer day, bank holidays and the opportunity to buy up to 5 days’ extra each year

Health, wellbeing and lifestyle rewards that can be tailored to support you and your family. Everything from: Employee Assistance Programme; Discounts on retail and socialising; Travel and technology; cycle2work scheme; A host of gym and fitness subscriptions; Car Salary Sacrifice scheme

Appreciate programme: Employee recognition programme

Company Pension Scheme

Medical insurance

Life Assurance

Paid Maternity, Paternity, Adoption Leave, Shared Parental Leave

What you need:

As with any role, we want to find the right person and we want to make sure you know it’s the right role for you too. You will need:

• A strong understanding of Application Security concepts and best practices, including agile methodologies and coding languages

• Demonstrable experience in DevSecOps transformation, with experience in Security Operations, and as a Security Engineer or similar technical role

• Excellent knowledge of integration concepts, patterns and technologies

• Experience with both successful and unsuccessful project implementations

• Extensive experience across infrastructure domains (network, compute and storage)

• Demonstrable experience across Cloud and infrastructure components (service, storage, network, data and applications), to deliver end to end Cloud Infrastructure architectures and designs

• Strong experience performing threat modelling and value assessment techniques to assess controls and provide architectural decisions

• An ability to identify critical and high priority issues and resolve and / or escalate where required

• Experience working with Cloud Security, Cyber security (Malware, penetration testing, forensics, incident response), endpoint Security, Security Incident and Event management, Data Protection, network Security, Identity & Access Management

• Excellent verbal and written communication skills, with the ability to negotiate and consult with a variety of colleagues and team members

• The drive, desire and ability to assist project teams with technical decisions and implementations and experience of hands-on implementation as part of major projects

• Proven experience in architecting, designing and building Security Architecture Frameworks

• Experience implementing medium to large-scale distributed applications

• Strong skills in Zscaler, CASB, OKTA, Office 365 and Active Directory, Azure AD, Citrix Azure (Cloud) and other Microsoft technologies

• Working knowledge of Agile and Product Centric principles, product management, scheduling and a strong customer focus

• Advanced security computing knowledge and understanding (including cloud security), across the wider organisation

It would be nice to have:

• Azure experience would be preferable

• CISM, SSCP, CCSP, CRISC is not essential but highly desirable

Day to Day, you will:

• Create and maintain global standards, ensuring a consistent security approach

• Design and implement solutions to ensure that they deliver business objectives securely

• Uplift, drive and deliver security capabilities within the group

• Act as the technical point of escalation relating to security controls and concepts

• Deliver security solution designs and implementation direction in a fast-paced environment

• Evaluate, architect, implement and support security tools and services for MUFG Pension & Market Services’ rapidly emerging Cloud-based hosting model and helping execute the global Information Security strategy and Centre of Excellence

• Lead technical change for cybersecurity best practice adoption within projects

• Develop security solutions architecture aligned to organisational strategy and industry best practice

• Provide guidance to key stakeholders on architecture best practice

• Maintain awareness of security trends and the global threat landscape

• Continually develop your subject matter expertise in designated areas of specialisation, including performing research and keeping abreast of trend and best practice techniques and controls

• Provide leadership and mentorship to junior team members, including knowledge transfer and demonstrating ‘by example’, professional and ethical behaviour by ensuring compliance with external legislation, internal operating policies and procedures relevant to the position

• Ensure policies and configuration reviews, approvals and implementation of changes to DLP, WAF, DAM, endpoint and other security products

The above list of key accountabilities is not an exhaustive list and may change from time-to-time based on business needs