Cybersecurity Controls and Compliance Security Standards Associate, AVP - Remote

Do you want your voice heard and your actions to count?

Discover your opportunity with Mitsubishi UFJ Financial Group (MUFG), the 6th largest financial group in the world. Across the globe, we're 160,000 colleagues, striving to make a difference for every client, organization, and community we serve. We stand for our values, building long-term relationships, serving society, and fostering shared and sustainable growth for a better world.

With a vision to be the world's most trusted financial group, it's part of our culture to put people first, listen to new and diverse ideas and collaborate toward greater innovation, speed and agility. This means investing in talent, technologies, and tools that empower you to own your career.

• Engage with technology managers (VP, Director, and MD level) across Operations and Technology to define security requirements and create security requirement documents for critical infrastructure technologies.
• Work with platform owners and the monitoring team to test/validate automated testing profiles prior to production implementation.
• Perform recertification of Technical Security Standards as outlined within program guidelines
• Coordinate with Threat and Vulnerability Management (TVM) lead to support the Technical Security Standards program
• Work with TVM, Technical Infrastructure engineers (TI) and Application Development managers across the organization to troubleshoot and resolve minimum security requirement compliance issues.
• Manage timely remediation of issues related to Technical Security Standards.
• Conduct research with vendors utilizing industry guidance/best practices for minimum security requirements such as CIS Benchmarks, NIST and others as required.
• Support review and challenge of security control requirements; First, Second and Third lines of defense.

• Solid working experience and knowledge of *nix operating systems (admin skill in Linux/AIX a plus).
• Solid working experience and knowledge of Windows networking, windows domains and active directory, GPOs
• Strong understanding of databases and web technologies configuration controls
• Strong knowledge in industry and government security standards (NIST, CIS, etc.) in creating system hardening baseline controls
• Minimum of 3+ years of IT Security & Risk Management experience
• Ability to complete tasks and deliver professionally written technical documents.
• Experience with compliance scanning tools is a plus (ie. Qualys).
• Familiarity with standard security best practices and processes including compliance reporting.
• Excellent verbal and written communication skills, as well as organization and presentation skills.
• Bachelor's degree in Business, Computer Science, Technology, or Related Fields