Do you want your voice heard and your actions to count?
Discover your opportunity with Mitsubishi UFJ Financial Group (MUFG), one of the world’s leading financial groups. Across the globe, we’re 120,000 colleagues, striving to make a difference for every client, organization, and community we serve. We stand for our values, building long-term relationships, serving society, and fostering shared and sustainable growth for a better world.
With a vision to be the world’s most trusted financial group, it’s part of our culture to put people first, listen to new and diverse ideas and collaborate toward greater innovation, speed and agility. This means investing in talent, technologies, and tools that empower you to own your career.
Join MUFG, where being inspired is expected and making a meaningful impact is rewarded.
The department covers Cyber Security, Information Security, IT Audit, IT Risks, IT Controls, Access Management and the portfolio for change for all these areas.
MAIN PURPOSE OF THE ROLE
To ensure latest cyber threat information is monitored and raise awareness across MUFG EMEA by disseminating reports and interacting with the stakeholders to sort out the issues. The role will involve liaising and coordinating with the other information security functions within MUFG EMEA and global stakeholders to ensure a consistent approach to all controls, standards and policies is adopted across the organisation. To ensure all necessary Information Security controls are in place and that an appropriate strategy to protect the firm from all Cyber, external and internal threats is defined and being implemented. To support the relationship and associated reporting requirements between Technology and internal and external bodies e.g. Tokyo head office, global Threat Intelligence Teams.
KEY RESPONSIBILITIES
In this role, you will be responsible for information/ cyber security across MUFG’s banking and securities business under a dual-hat arrangement. Under this arrangement, you will act and make decisions on behalf of both the bank and the securities business, subject to the same remit and level of authority, and irrespective of the entity which employs you.
Threat Monitoring and Threat Analysis.
Monitoring the latest threat landscape via multiple information sources
Analysing Cyber Attack.
Analysing the TTP(Tactics, Techniques and Procedures) used for the attack and identify the controls required to mitigate the threat at the organization. Create Cyber Awareness Report:
Create Threat Landscape report and Threat Analysis report to be disseminate widely across EMEA to raise awareness.
Process Cyber Threat Alert
Triage Alerts sent from HO and identify the action owner in EMEA Tech.
Track the progress and make sure feedback is sent back to Headquarter in Japan in timely manner.
Phishing Campaign Exercise Coordination:
Design and Coordinate with the vendor Phishing Campaign exercise.
Lead creator of statistic report to be disseminate to the relevant members in EMEA.
Support KRI tracking and improvement.
Tool Function Enhancement:
Support enhancing the tool function e.g. Feedly, Anomali TIP, MS Teams, by coordinating with the Application vendors.
Development and Maintenance of the Team’s Sharepoint /Kizuna Page. Development and Maintenance of the Team’s governance documentation and framework. Support urgent vulnerability handling and data leakage incident. Support Operational Security duties where requested. Availability for out-of-hours support
Culture and Management
Take an active role in the integration of Bank and Securities Cyber Security teams. Promote the MUFG values-led culture which is inclusive and diverse. Promote a dynamic, delivery driven culture that works alongside business units to provide responsive resolutions and value driven solutions. Collective leadership by example on staff cyber education and awareness to embed a proactive cyber culture. Find ways to strengthen working relationships with stakeholders, including business teams. Lead by example in building relationships across the bank, establishing a stronger peer network and helping to strengthen collaboration. Build strong relationships with internal and external stakeholders to understand industry best practice, influence change and promote technical credibility.
WORK EXPERIENCE
Essential:
Experienced in liasing and coordinating amongst multipe peers in IT team At least three years of experienced in Cyber Security Operations. Experienced in threat monitoring and awareness process. Must have a sound understanding and awareness of cybersecurity trendsin the industry Analytical skills and excellent attention to detail
SKILLS AND EXPERIENCE
Functional / Technical Competencies:
Essential
Experienced in coordinating with IT teams on Cyber security Understanding of Cyber Security and Threat monitoring:Threat information gatheringType of cyber attacksDefence in Depth model.Detective monitoring such as SplunkVulnerability Management – patching techniques
Suggested
Experience in SOAR system (Phantom) Experience in Anomali Threat Intelligence Platform Analysis based on MITRE ATT&CK Framework
Education / Qualifications:
Essential
Degree educated and / or equivalent experience.
PERSONAL REQUIREMENTS
Good communication skills A pro-active, motivated approach. The ability to operate with urgency and prioritise work accordingly A structured and logical approach to work Be able to independently think and act Excellent attention to detail and accuracy A calm approach, with the ability to perform well under pressure
We are open to considering flexible working requests in line with organisational requirements.
MUFG is committed to embracing diversity and building an inclusive culture where all employees are valued, respected and their opinions count. We support the principles of equality, diversity and inclusion in recruitment and employment, and oppose all forms of discrimination on the grounds of age, sex, gender, sexual orientation, disability, pregnancy and maternity, race, gender reassignment, religion or belief and marriage or civil partnership.
We make our recruitment decisions in a non-discriminatory manner in accordance with our commitment to identifying the right skills for the right role and our obligations under the law.
