Insider Threat Security Engineer, Assistant Vice President – Remote – MUFG

0% 1-Year Employee Growth Rate | 3% 2-Year Employee Growth Rate | LinkedIn | $0 Venture Funding

What Is Employee Growth Rate & Why Is It Important?

Do you want your voice heard and your actions to count?

Discover your opportunity with Mitsubishi UFJ Financial Group (MUFG), the 5th largest financial group in the world. Across the globe, we’re 180,000 colleagues, striving to make a difference for every client, organization, and community we serve. We stand for our values, building long-term relationships, serving society, and fostering shared and sustainable growth for a better world.

With a vision to be the world’s most trusted financial group, it’s part of our culture to put people first, listen to new and diverse ideas and collaborate toward greater innovation, speed and agility. This means investing in talent, technologies, and tools that empower you to own your career.

Join MUFG, where being inspired is expected and making a meaningful impact is rewarded.

This is a remote position. A member of our recruitment team will discuss location preferences with you in more detail.

Insider Threat Security Engineer, Assistant Vice President – Remote

This role can be remote in any of these States: Arizona Texas, North Carolina, Washington, Oregon, California, Illinois, Kentucky, Georgia, New York, Connecticut, Massachusetts, New Jersey, District of Columbia, Utah, Nebraska, Minnesota, Missouri. Arkansas, Indiana, Ohio, Tennessee, Alabama, Florida, South Carolina, Virginia

Job Summary:

We are currently seeking an AVP Insider Threat Engineer to join our Enterprise Information Security (EIS) team. The Insider Threat Engineer will utilize scientific methodologies using predictive analytics to help identify and convey insider risk and risk management activities to our business operations. Works closely with Data Loss Prevention and Global Security Operations teams and serves as the subject matter expert for the data analytics discipline. Provides recommendations and contributes to the overall strategic direction of the Insider Threat program. Will support the Insider Threat Operations Team and be responsible for maintaining systems to facilitate the analysis of insider threat alerts and events, integrating available data sources from a variety of internal and external sources into the Insider Threat Management workflow, cleaning data as necessary, and developing associated analytical models.

Major Responsibilities

• Collaborate closely with online banking and authentication teams to develop and test indicators to detect compromised customers and clients. Build tools to assist in analyzing and extracting configuration data from banking (or other) malware targeting MUFG customers and clients
• Produce concise, detailed written products highlighting key components of research and analysis
• Engage effectively with multiple teams within the bank to achieve objectives and proactively mitigate losses from financial malware. Contributes to the large-scale development of the Insider Threat Operations data analytics program, to understand their mission needs, and identify forward thinking data science approaches for operationalization
• Develops custom data models and algorithms within company databases to apply to data sets; uses predictive modeling to increase and optimize measures and methods associated with internal monitoring. Conducts advanced analysis of security data to detect insider risk related activities and develop predictive indicators
• Develops processes, procedures, and notifications to examine and measure insider risk and implement appropriate risk mitigation methodologies
• Manages various analytical tools and information systems to identify and follow trends in order to provide actionable intelligence
• Experience with server administration in both on-prem and cloud environments. Knowledge of contemporary SIEM/UEBA platforms and their application to cyber threat analysis
• Experience with writing small bash, splunk scripts, sql queries and java programs
• Knowledge of networking protocols, encryption, firewalls, host and network intrusion detection systems, data loss prevention systems, Windows and Linux
• Understanding of latest security trends, especially those associated with insider threat detection, response, and mitigation

Qualifications

• 5-6 years of overall technical experience in either reverse engineering/malware analysis, threat intelligence, incident response, security operations, or related information security field
• 5-6 years of experience in application design/engineering, including but not limited to programming/scripting, Windows/Linux system administration, relational database management system (RDBMS)/NoSQL database administration, etc.
• Experience in the banking or finance industries preferred
• 2+ years’ experience in penetration testing or ethical hacking

  2+ years’ experience with reverse engineering tools like IDA Pro, Ghidra, OllyDbg, WinDbg, and Wireshark

• Experience in application design/engineering, including but not limited to programming/scripting, Windows/Linux system administration, relational database management system (RDBMS)/NoSQL database administration, SQL, Java, and SAS etc
• Experience in the banking or finance industries preferred
• Experience with reverse engineering tools like IDA Pro, Ghidra, OllyDbg, WinDbg, Wireshark, Splunk, Exabeam and Symantec platforms; proficiency across multiple devices and platforms to include database user interfaces and query software (Splunk)
• A strong understanding of the cyber threat landscape, with expertise in the cyber and insider threat analysis process
• A balance of technical understanding of threat detection technology and service delivery skills
• Able to work well both independently and as part of a team
• Experience in building data analytic processes and procedures
• Excellent communication skills and ability to adapt to technical and non-technical audiences
• Security and IT metrics experience a plus; report creation abilities strongly desired.
• Direct experience of analyzing malware, must have a solid understanding of dynamic/static analysis of malware
• Experience in encryption/obfuscation and how to reverse it is desired, but not required

Nice to Have Requirements:

• Experience of Python scripting to automate analysis and reverse engineering tasks (and Bash or PowerShell or PerlC/C++)
• Background in network traffic analysis; knowledge of networking protocols: Transmission Control Protocol/Internet Protocol (TCP/IP), Hyper Text Transfer Protocol/Secure (HTTP/HTTPs), File Transfer Protocol (FTP), Internet Relay Chat (IRC), etc.
• CAP, CISSP, CISA, CISM or related SANS certifications
• 2+ years’ experience in penetration testing or ethical hacking
• Security and IT metrics experience a plus; report creation abilities strongly desired.
• Experience in encryption/obfuscation and how to reverse it is desired, but not required

The above statements are intended to describe the general nature and level of work being performed. They are not intended to be construed as an exhaustive list of all responsibilities duties and skills required of personnel so classified.

We are proud to be an Equal Opportunity/Affirmative Action Employer and committed to leveraging the diverse backgrounds, perspectives and experience of our workforce to create opportunities for our colleagues and our business. We do not discriminate on the basis of race, color, national origin, religion, gender expression, gender identity, sex, age, ancestry, marital status, protected veteran and military status, disability, medical condition, sexual orientation, genetic information, or any other status of an individual or that individual’s associates or relatives that is protected under applicable federal, state, or local law.

#LI-Remote

Tagged as: 501+ Employees, Hide US-Only Jobs, Venture Funded