Cyber Security Detection Engineering

MUFG

  • Bangalore, Karnataka
  • Permanent
  • Full-time
  • 2 months ago
About MUFG Global Service (MGS)

MUFG Bank, Ltd. is Japan’s premier bank, with a global network spanning more than 40 markets. Outside of Japan, the bank offers an extensive scope of commercial and investment banking products and services to businesses, governments, and individuals worldwide. MUFG Bank’s parent, Mitsubishi UFJ Financial Group, Inc. (MUFG) is one of the world’s leading financial groups. Headquartered in Tokyo and with over 360 years of history, the Group has about 120,000 employees and offers services including commercial banking, trust banking, securities, credit cards, consumer finance, asset management, and leasing.

The Group aims to be the world’s most trusted financial group through close collaboration among our operating companies and flexibly respond to all the financial needs of our customers, serving society, and fostering shared and sustainable growth for a better world. MUFG’s shares trade on the Tokyo, Nagoya, and New York stock exchanges.

For more informat

Job Description

Roles & Responsibilities
  • Review the existing technology stack and configurations, suggest improvements, and work with the engineering team to strengthen the Bank's cyber security posture.
  • Suggest and lead the implementation of initiatives to reduce mean time to response through automation of detections.
  • Tune the performance of the cybersecurity stack to get optimum usage of the tools.
  • Assist in threat hunting for the APAC region with the existing tools and techniques.
  • Provide technical consultation and support to the engineering team and HO for developing threat detection and response capabilities.
  • Assist in defining the regional security administration model across Asia to determine the cooperative roles and responsibilities for administration of security systems.
  • Assist as a subject matter expert for all cyber security matters.
  • Lead and influence multi-disciplinary teams in managing cyber security controls
  • Perform security policy management to continuously monitor and enhance technical rules, policies and configuration in security systems to enhance security protection and coverage of operational end-to-end processes.
  • Possess high level understanding of IT infrastructure, perimeter devices, network, applications, software, servers and database, together with working knowledge of IT operational processes and procedures.
  • Monitor abnormal security system configurations from unknown sources to detect unauthorized access to systems.
  • Assist the team in daily security event monitoring for various cyber threats such as advanced malware threats, vulnerability exploits, denial of service and other forms of cyber-attacks.
  • Review all network intrusion, vulnerability exploit and denial of service attempts to mitigate the risk of cyber-attacks.
  • Analyse cyber threat intelligence to identify indicators of compromise, threat artefacts and attributes from different sources.
  • Establish, maintain and develop monitoring use cases, incident handling playbook, and perform threat hunting.
  • Experience in coding and scripting, with DevOps experience, is preferred.
  • Initiate appropriate malware triage processes to assess threat types, severity impact, and occurrence likelihood based on current controls and environment.
  • Investigate suspicious emails originating from the Internet or third parties to ensure that malicious content such as malware, spam, phishing and other threats is adequately blocked.
  • Lead the Incident Response procedures to allow timely response in the event of an incident to facilitate recovery and minimize impact to the Bank.
  • Plan and lead the cyber exercises for table-top exercise, phishing campaigns and other security drills to improve operational readiness and awareness of changing threat scenarios.
  • Review the Cyber Security Operation to drive process optimisation and improvements.
  • Ensure consistent level of security policy management and system monitoring for regional security systems to provide adequate security protection and coverage.
Job Requirements
  • Degree with IT background
  • Minimum 5 years of relevant experience in Cyber Security Operation/Engineering
  • Possess security certifications such as SANS GCIH / GREM / CISSP / CISM / CCSP or any Cyber security specialty is an added advantage.
  • Up-to-date knowledge of cyber security technologies (TIPS, SIEM, SOAR, EDR, etc.)
  • Experience with modern IT approaches such as DevOps, Software Defined Network & Platform, Infrastructure as Code, commercial cloud services and zero trust network, and with analytic platforms such as Splunk.
  • Knowledge of scripting and regex is an advantage
  • Knowledge of cybersecurity tools, technologies and standards (e.g. OWASP, Cyber Kill Chain and MITRE ATT&CK framework)
  • Proven and strong analytical skills
  • Consistently demonstrates clear and concise written and verbal communication
  • Good stakeholder management skills to collaborate with other departments
