Cyber Security Operations (SOC) Technology Manager (Splunk) - Remote

Your potential. Your opportunity.

Do you want your voice heard and your actions to count?

Discover your opportunity with Mitsubishi UFJ Financial Group (MUFG), the 6th largest financial group in the world. Across the globe, we're 160,000 colleagues, striving to make a difference for every client, organization, and community we serve. We stand for our values, building long-term relationships, serving society, and fostering shared and sustainable growth for a better world.

With a vision to be the world's most trusted financial group, it's part of our culture to put people first, listen to new and diverse ideas and collaborate toward greater innovation, speed and agility. This means investing in talent, technologies, and tools that empower you to own your career.

Join MUFG, where being inspired is expected and making a meaningful impact is rewarded.

This is a remote position. A member of our recruitment team will discuss location preferences with you in more detail.

This role can be remote in any of these States: Arizona, Texas, North Carolina, Washington, Oregon, California, Illinois, Kentucky, Georgia, New York, Connecticut, Massachusetts, New Jersey, District of Columbia, Utah, Nebraska, Minnesota, Missouri, Arkansas, Indiana, Ohio, Tennessee, Alabama, Florida, South Carolina, Virginia.

Job Summary

In this role you will focus on researching threats posed by cyber criminals to various systems, technologies, operations, and programs and analyzing research to determine a cyber criminal's capabilities, intentions, and attack approaches, including those with multiple phases. Responsibilities include rapidly responding to incidents to minimize risk exposure and ensure system availability; proactively monitoring internal and external-facing environments; seeking opportunities to automate detection and remediation and reduce response times for incidents; and producing reports and briefings that include perspectives on the behavior of adversaries.

Major Responsibilities

• Apply critical thinking in understanding the new and emerging threats working along with cyber threat intelligence and threat modeling teams; build and execute required action plans
• Manage and execute processes responsible for the advanced analysis of security threats (malicious code, intrusion logging, etc.) to proactively develop detection for such threats
• Support inquiries from compliance teams such as IT risk management and internal and external audit, to ensure documentation is complete and in compliance with information security policies
• Collaborate effectively with other internal information security teams. as well as various lines-of-businesses to advance security awareness and posture
• Present security analysis, action plan, and risks to diverse audiences (business, technical, and management)
• Execute threat detection and management strategy based on the MITRE ATT&CK Framework and/or Cyber Kill Chain
• Analyze, synthesize, and place threat intelligence information from multiple sources in context; use that in development of new security alerts in the SIEM tool to address new and emerging threats
• Continually identify, evaluate, and monitor threats that could affect operational and business activities
• Manage and support development of security operations playbooks to ensure threat detection, monitoring, response, and forensics activities align with best practices, minimize gaps in detection and response, and provide comprehensive mitigation of threats

Qualifications

• B.S. is Computer Science or other related field is preferred
• 6-8 years of experience with building and leading high performing information security teams in complex environments
• 6-8 years of information security experience developing advanced threat detection capabilities
• 6-8 years of experience in Security Operations, Security Content development, SIEM, Security Monitoring and Risk based alerting
• Experience managing/securing a large scale, complex, high performance environment
• Strong understanding of enterprise detection technologies and processes (advanced threat detection tools, intrusion detection system/intrusion prevention system (IDS/IPS), network packet analysis, endpoint protection)
• Advanced understanding of network protocols and operating systems (Windows, Unix, Linux, databases)
• Demonstrated experience with designing and implementing use cases in security information and event management (SIEM) tool such Splunk, ArcSight, QRadar, etc.
• Certifications such as Certified Information Systems Security Professional (CISSP), Security+, Information Systems Security Engineering Professional (ISSEP), Global Information Assurance Certification (GIAC) are a plus
• Experience in threat response, security event monitoring, incident response, network/host intrusion detection, and malware analysis
• Solid experience in day-to-day operational processes such as security monitoring, data correlation, troubleshooting, security operations, etc.

The typical base pay range for this role is between $120K - $150K depending on job-related knowledge, skills, experience and location. This role may also be eligible for certain discretionary performance-based bonus and/or incentive compensation. Additionally, our Total Rewards program provides colleagues with a competitive benefits package (in accordance with the eligibility requirements and respective terms of each) that includes comprehensive health and wellness benefits, retirement plans, educational assistance and training programs, income replacement for qualified employees with disabilities, paid maternity and parental bonding leave, and paid vacation, sick days, and holidays.

#LI-Remote

The above statements are intended to describe the general nature and level of work being performed. They are not intended to be construed as an exhaustive list of all responsibilities duties and skills required of personnel so classified.

We are proud to be an Equal Opportunity/Affirmative Action Employer and committed to leveraging the diverse backgrounds, perspectives and experience of our workforce to create opportunities for our colleagues and our business. We do not discriminate on the basis of race, color, national origin, religion, gender expression, gender identity, sex, age, ancestry, marital status, protected veteran and military status, disability, medical condition, sexual orientation, genetic information, or any other status of an individual or that individual's associates or relatives that is protected under applicable federal, state, or local law.

A conviction is not an absolute bar to employment. Factors such as the age of the offense, evidence of rehabilitation, seriousness of violation, and job relatedness are considered in all employment decisions. Additionally, it's the bank's policy to only inquire into a candidate's criminal history after an offer has been made. Federal law prohibits banks from employing individuals who have been convicted of, or received a pretrial diversion for, certain offenses.

#LI-Remote