The IRMD Cyber Threat and Incident Response is to ensure that key activities in the department relating to Incident Response, Detection mechanisms are in place. Strengthen security policies and standards for the Asia region, to ensure that the security operations, processes, and workflow are compliance with regulations and MUFG’s internal policy.
Cyber Threat and Incident Response Functions
- Lead the Incident Response procedures to allow timely response in the event of an incident to facilitate recovery and minimize impact to the Bank.
- Initiate appropriate malware triage processes to assess threat types, severity impact, and occurrence likelihood based on current controls and environment.
- Assist the team in daily security event monitoring for various cyber threats such as advanced malware threats, vulnerability exploits, denial of service and other forms of cyber-attacks.
- Able to review all network intrusion, vulnerability exploits and denial of service attempts to mitigate the risk of cyber-attacks.
- Handling Security operation tasks like Security operations mailbox management, Investigating Phishing emails, Alert escalations from SOC.
- Perform threat hunting for the APAC region to identify presence of persistent threats based on intelligence relevant to the bank.
- Analyse cyber threat intelligence to identify indicators of compromise, threat artefacts and attributes from different sources.
- Perform security policy management to continuously monitor and enhance technical rules, policies, and configuration in security systems to enhance security protection and coverage of operational end-to-end processes.
- Responsible for gathering the information for KRI metrics, Monthly reporting etc.
- Ensure consistent level of security policy management and system monitoring for regional security systems to provide adequate security protection and coverage.
- Lead and influence multi-disciplinary teams in managing cyber security controls.
- Responsible to suggest and lead the implementation of initiatives to reduce meantime to response through automation of detections.
- Assist in defining the regional security administration model across Asia to determine the cooperative roles and responsibilities for administration of security systems.
- Assist as a subject matter expert for all cyber security matters.
People
- Act as a role model to team members and adhere to all company policies / guidelines.
- Responsible for assisting team lead to manage (objective setting & performance management) for direct reporting.
Job Requirements:
- Minimum 2 of relevant experience in Cyber Security Operation/Engineering
- Experience in cyber security technologies (TIPS, SIEM, SOAR, EDR )
- Experience with modern IT approaches such as DevOps, Software Defined Network & Platform, Infrastructure as Code, Commercial cloud services and zero trust network. Analytic platforms such as Splunk.
- Degree with IT background
- Possess security certifications such as SANS GCTI/GCFE/GCFA/GCIH/GREM / CISSP/ CISM/ CCSP or any Cyber security specialty is an added advantage.
- Knowledge in malware analysis, digital forensic, scripting and regex, is an advantage.
- Knowledge on cybersecurity tools, technologies, and standards (e.g., OWASP, Cyber Kill chain and MITRE ATT&CK framework)
- Proven and strong analytical skills
- Consistently demonstrates clear and concise written and verbal communication.
- Good stakeholder management skills to collaborate with other departments.
We regret to inform that only shortlisted applicants will be notified.
Job ID: 10065910
