Cyber Security Incident Response

Description

 

Cyber Security Incident Response (CSIRT) Lead, Vice President
 
Discover your opportunity with Mitsubishi UFJ Financial Group (MUFG), the 5th largest financial group in the world with total assets of over $2.4 trillion (as ranked by SNL Financial, April 2016) and 140,000 colleagues in nearly 50 countries. In the U.S., we’re 13,000 strong, working together to positively impact every customer, organization, and community we serve. We achieve this by delivering on our values, putting people first, fostering long-term relationships built on honesty and mutual understanding, and inspiring the best in each other. This is all part of our inclusive, high-performing culture supported by Total Rewards that include our cash balance pension plan. Join a team that’s working to fulfill its vision to be the world’s most trusted financial group.
 
Job Summary:
 
The Cyber Security Incident Response Team (CSIRT) Lead provides direction and guidance to the CSIRT and oversees security incident response program related process development and improvement activities including programmed security breach simulation exercises.  The CSIRT Lead will oversee daily tasks associated with cyber breach response, investigations, and simulation exercises.

In addition the CSIRT lead will drive the development of new processes and procedures for gathering, handling, searching, and retrieving, digital and/or physical evidence concerning incidents. Ensure forensically sound procedures are documented

The CSIRT Lead maintains relationships with IT, Legal, Human Resources, and other appropriate business units to ensure incident handling processes are reflective of existing bank policy, legal, risk management, and regulatory requirements.  The candidate must be familiar with communication technologies and protocols.

The CSIRT Lead will coordinate process and collaborate with technology incident management, business continuity, crisis management, and corporate security teams to ensure process continuity in planned simulation exercises to demonstrate cyber resilience in the event of a cyber-attack or breach.
 
 
Major Responsibilities:
 
The candidate that fulfills this role will be expected to have process documentation experience and excellent intra-business relationship experience in addition to technical expertise. This role interacts with all levels of the organization, particularly within the IT organization and is viewed as a subject matter expert for security events.
Specifically, the position is responsible for:
  • Coordinating CSIRT activities in the case of security event, outside security threat, notification of cyber security breach, or cyber security investigation
  • Conducting post-mortem discussions and provide a summary of lessons learned including filing self-identified issues(SII) and reporting status on remediation and corrective actions
  • Developing the security event simulation program and conduct security event table top exercises at the global level
  • Maintaining cyber security playbooks and related documents
  • Developing and enhancing cross-organization relationships with front line operations teams and risk managers.

 

Qualifications

 

  • Bachelor’s degree in Computer Science or technology-related field (or equivalent work experience).
  • Security Certification: CISSP, CISM, CISA, SANS GIAC, or similar
  • Experience operating in regulated environment – Top 10 banking (Strongly preferred)
  • Minimum of 8 years in Information Security or 10 years in the other related Information Technology fields
  • Experience creating trending, metrics, and management reports
  • Experience across the following technical concentrations:
    • Network-Based Security Controls (Firewall, IPS, WAF, MDS, Proxy, VPN)
    • Anomaly Detection and Investigation
    • Forensics
    • Operating Systems
  • Web Applications and Traffic
  • Well-developed analytic, qualitative, and quantitative reasoning skills.  Demonstrated creative problem solving abilities.
  • Security event monitoring, investigation, and overall incident response process.
  • Forensic tools.
  • Planning and project management.
  • Development of information security policies, standards, and procedures.
Why Work for MUFG?
We are a financially strong and stable bank.
We value workplace diversity.
We are committed to the training and development of our employees.
Innovative vacation benefits.
We offer a matching 401K, a Retirement Plan, and a variety of Flexible Health Benefits.
 
The above statements are intended to describe the general nature and level of work being performed. They are not intended to be construed as an exhaustive list of all responsibilities, duties, and skills required of personnel so classified.
 
We are proud to be an Equal Opportunity / Affirmative Action Employer and committed to leveraging the diverse backgrounds, perspectives, and experience of our workforce to create opportunities for our colleagues and our business. We do not discriminate in employment decisions on the basis of any protected category.

 

Job

: Systems / Technology 

Primary Location

: ARIZONA-Tempe 

Other Locations

: NEW JERSEY-Jersey City, CALIFORNIA-Monterey Park 

Job Posting

 

Shift: Day 
Schedule: Full Time