Senior Information Security Engineer, AVP

Do you want your voice heard and your actions to count?

Discover your opportunity with Mitsubishi UFJ Financial Group (MUFG), one of the world's leading financial groups. Across the globe, we're 120,000 colleagues, striving to make a difference for every client, organization, and community we serve. We stand for our values, building long-term relationships, serving society, and fostering shared and sustainable growth for a better world.

With a vision to be the world's most trusted financial group, it's part of our culture to put people first, listen to new and diverse ideas, and collaborate toward greater innovation, speed, and agility. This means investing in talent, technologies, and tools that empower you to own your career.

Join MUFG, where being inspired is expected and making a meaningful impact is rewarded.

The selected colleague will work at an MUFG office or client sites four days per week and work remotely one day. A member of our recruitment team will provide more details.

Job Overview :

We are seeking a Sr. Information Security Engineer with the ability to perform technical risk assessments, synthesize observations at a macro level, identify indicators of changing risk or process/control deficiencies, and propose process and technology controls in dynamic environments. In-depth knowledge of network switching, TCP/IP, IP Addressing and Routing, WAN Technologies, and managing networked devices is required.

Responsibilities :

1. Co-develop guidelines for the usage, control, maintenance, and audit-readiness of information and computer resources.
2. Analyze and address security gaps within the Bank's infrastructure technologies.
3. Identify distributed systems security issues and coordinate with technology owners for resolution.
4. Execute technical risk assessments for scoped environments.
5. Report findings, manage issues, and support audits and external exams.
6. Perform remote/table-top information security assessments.
7. Identify high-risk findings and lead their resolution.
8. Analyze control deficiencies and root causes.
9. Design and collaborate on security metrics and performance reports.
10. Assist stakeholders in corrective actions for anomalies.
11. Document assessments and perform threat analysis.
12. Communicate vendor security issues and validate evidence before closing remediation plans.

Requirements :

1. Expertise in AD security features such as Group Policy, ACLs, and security groups.
2. Knowledge of Active Directory monitoring, including user activity and security configuration changes.
3. Experience with AD Federation Services (AD FS), Windows Server AD Certificate Services (AD CS), and Azure AD.
4. Minimum of 5 years' experience in cybersecurity assessment, IT audit, penetration testing, or vulnerability management.
5. 5+ years of IT experience in mid or large-scale companies.
6. Experience with control areas such as Vulnerability Management, Configuration Management, and Security Assessments.

Additional Skills and Knowledge :

• Security and networking architecture, routers, wireless security, intrusion prevention/detection, firewalls, SIEM, DLP, encryption.
• Operating systems internals (Linux, Windows), network protocols, web services, databases, scripting, and programming languages (C/C++, Java, Perl, Python, Assembly).
• Knowledge of risk domains and technologies including firewall, secure protocols, change and vulnerability management, system configuration.

Certifications :

• CISSP, GIAC, CISA, CRISC, CISM, or other relevant security certifications.

Education :

• Degree in Computer Science or related field, or equivalent professional experience.

Work Location :

Must work onsite 4 days and 1 day remotely in Tampa, FL (preferred), Tempe, AZ, or Jersey City, NJ.

The base salary range is $110K - $142K, depending on experience and location, with potential bonuses and a comprehensive benefits package.

We consider all qualified applicants and are committed to equal opportunity employment and diversity.