Technology Security Standards Associate, AVP

Your potential. Your opportunity.

Do you want your voice heard and your actions to count?

Discover your opportunity with Mitsubishi UFJ Financial Group (MUFG), the 5th largest financial group in the world. Across the globe, we're 180,000 colleagues, striving to make a difference for every client, organization, and community we serve. We stand for our values, building long-term relationships, serving society, and fostering shared and sustainable growth for a better world.

With a vision to be the world's most trusted financial group, it's part of our culture to put people first, listen to new and diverse ideas and collaborate toward greater innovation, speed and agility. This means investing in talent, technologies, and tools that empower you to own your career.

Join MUFG, where being inspired is expected and making a meaningful impact is rewarded.

This is a remote position. A member of our recruitment team will discuss location preferences with you in more detail.

Job Summary:

The Cybersecurity Controls & Compliance security standards AVP will manage and oversee the development and maintenance of the Technical Security Standards for MUFG critical infrastructure technologies e.g. operating systems, database systems and network appliances in addition to Cloud technologies and services (IaaS, Paas.) A key security function for the firm the candidate will need to partner with product managers and SMEs across the organization to collaborate and efficiently secure key technologies.

Major Responsibilities:

• Engage with technology managers (VP, Director, and MD level) across Operations and Technology to define security requirements and create security requirement documents for critical infrastructure technologies.
• Work with platform owners and the monitoring team to test/validate automated testing profiles prior to production implementation.
• Perform recertification of Technical Security Standards as outlined within program guidelines
• Coordinate with Threat and Vulnerability Management (TVM) lead to support the Technical Security Standards program
• Work with TVM, Technical Infrastructure engineers (TI) and Application Development managers across the organization to troubleshoot and resolve minimum security requirement compliance issues.
• Manage timely remediation of issues related to Technical Security Standards.
• Conduct research with vendors utilizing industry guidance/best practices for minimum security requirements such as CIS Benchmarks, NIST and others as required.
• Support review and challenge of security control requirements; First, Second and Third lines of defense.

Qualifications:

• Bachelor's degree in Business, Computer Science, Technology, or Related Fields
• Minimum of 5+ years of IT Security & Risk Management experience
• Experience in performing policy compliance scans and result analysis
• Strong understanding of common operating system, database, and web technologies configuration controls
• Minimum of 3 years work experience in Infrastructure and application security control assessment
• Information security policy and technical controls
• Strong understanding of information security policy, security best practices for Windows, UNIX, Linux, and overall system hardening techniques.
• Ability to complete tasks and deliver professionally written technical documents.
• Experience with vulnerability scanning tools (e.g., Qualys, Nessus Symantec CCS, DB-Protect).
• Experience Customizing Security polices in Compliance Tool (e.g Qualys)
• Strong knowledge in industry and government security standards (NIST, CIS, etc.).
• Familiarity with standard security best practices and processes including compliance reporting.
• Excellent verbal and written communication skills, as well as organization and presentation skills.

The above statements are intended to describe the general nature and level of work being performed. They are not intended to be construed as an exhaustive list of all responsibilities duties and skills required of personnel so classified.

We are proud to be an Equal Opportunity/Affirmative Action Employer and committed to leveraging the diverse backgrounds, perspectives and experience of our workforce to create opportunities for our colleagues and our business. We do not discriminate on the basis of race, color, national origin, religion, gender expression, gender identity, sex, age, ancestry, marital status, protected veteran and military status, disability, medical condition, sexual orientation, genetic information, or any other status of an individual or that individual's associates or relatives that is protected under applicable federal, state, or local law.

#LI-Remote