Threat Detection & Response Engineer, Associate Vice President - Remote

Join MUFG, where being inspired is expected and making a meaningful impact is rewarded.

This is a hybrid position. The recruiter will provide additional details.

Job Summary

MUFG is seeking an Insider Threat Associate Vice President to contribute to our Insider Threat Operations Team. This person will help build risk models, use data driven methods to define use cases, building metrics and reporting around trends and recommendations that need to be shared with senior leadership. This position is located in the Operational Monitoring area of Enterprise Information Security and will report directly to the Insider Threat Program Manager. Experience in machine learning, AI, Exabeam, Splunk Phantom and concepts including system networks are important as you help to drive out advance analytics in risk prioritization. The analyst in this role will have the capability to drive out complex mathematical algorithms and behavioral risk scoring. The member will serve as the point of contact for daily Splunk-Phantom Queue management and will report all incidents, Data Breach Report filings, and escalations to the Insider Threat Program Manager.

Major Responsibilities

• Act as key team player team in complex analytics, reporting and metrics
• Identify predictive events and behaviors based on data
• Present a scientific approach to identifying hostile attacks
• Act as a Insider Threat analyst for intelligence lead detection
• Support the continued development of an insider threat framework
• Responsible for day to day operational support and escalation of Splunk Phantom events
• Evaluate existing SIEM queries, reports and dashboards to make recommendations on changes of events being monitored
• Support the Insider Threat Program Manager with the development and expansion of the insider threat roadmap
• Produce key metrics and reports that help to analyze trends of different insider threat scenarios
• Support the Insider Threat Program Manager in regulatory and audit requirements given relating to DLP and Insider Threat
• Produce documentation that will help to educate and socialize program updates to our key stakeholders
• Exceptional time management is required to balance strategic and operational support needs in your day to day activities

Qualifications

• 5-7 years' of Cybersecurity experience including:
• 3+ years' experience with a combination of technical, investigations, network and system responsibilities
• 3+ years' experience in Data Loss Prevention (DLP) and Insider Threat Program responsibilities is strongly desired
• 3+ years' working in big data solutions such as Hadoop and Splunk
• Familiarity with SIEM tool
• Experience in the financial/government sector is a plus
• An ability to act independently, prioritizing and organizing day to day tasks and needs as appropriate
• Possess excellent communication and presentation skills
• Demonstrated capabilities to do data analytics and draw risk conclusions based on activities seen
• Experience with DLP and big data technology
• Experience with O365 and other cloud technology solutions
• Documentation writing skills that present both a business and technical viewpoint
• Experience in the banking/government or finance industries preferred

The typical base pay range for this role is between $110K - $130K depending on job-related knowledge, skills, experience and location. This role may also be eligible for certain discretionary performance-based bonus and/or incentive compensation. Additionally, our Total Rewards program provides colleagues with a competitive benefits package (in accordance with the eligibility requirements and respective terms of each) that includes comprehensive health and wellness benefits, retirement plans, educational assistance and training programs, income replacement for qualified employees with disabilities, paid maternity and parental bonding leave, and paid vacation, sick days, and holidays. For more information on our Total Rewards package, please click the link below.

MUFG Benefits Summary

The above statements are intended to describe the general nature and level of work being performed. They are not intended to be construed as an exhaustive list of all responsibilities duties and skills required of personnel so classified.

We are proud to be an Equal Opportunity/Affirmative Action Employer and committed to leveraging the diverse backgrounds, perspectives and experience of our workforce to create opportunities for our colleagues and our business. We do not discriminate on the basis of race, color, national origin, religion, gender expression, gender identity, sex, age, ancestry, marital status, protected veteran and military status, disability, medical condition, sexual orientation, genetic information, or any other status of an individual or that individual's associates or relatives that is protected under applicable federal, state, or local law.

#LI-Hybrid