Sr Cloud Security Engineer

    • Tempe, AZ

Description

Do you want your voice heard and your actions to count?

Discover your opportunity with Mitsubishi UFJ Financial Group (MUFG), the 5th largest financial group in the world (as ranked by S&P Global, April 2018). In the Americas, we're 14,000 colleagues, striving to make a difference for every client, organization, and community we serve. We stand for our values, developing positive relationships built on integrity and respect. It's part of our culture to put people first, listen to new and diverse ideas and collaborate toward greater innovation, speed and agility. We're a team that accepts responsibility for the future by asking the tough questions and owning the solutions. Join MUFG and be empowered to make your voice heard and your actions count.

Job Summary:

The Cloud Security Engineer position at MUFG Union Bank reaches across control families and application technologies; working with our most forward-leaning application and infrastructure tech teams to make it easier for them to protect our customers and achieve our vision to become the world's most trusted financial group.

You will have to solve complex problems in a heterogeneous environment with a mix of modern and legacy applications; and design for public cloud integration with on-premise virtual and container environments. We are looking for exceptional engineers that bring a desire to make a difference and ability to turn modern DevSecOps into reality within a highly secure environment. You will be working with a team of skilled engineers with broad spectrum of experiences in a collaborative agile environment, and so you should be able to write and review code, communicate and review designs, and be able to help during incidents.

Our ideal candidate is a technical professional that brings a broad mix of cloud native development skills, delivering solutions within agile teams and engaging with the broader community. Security at all levels of infrastructure and code is a core principle of the team. We are seeking individuals that can design and build highly secured applications as well as deliver security services and bring a deep knowledge of security frameworks and architectures. The mission of our team is to introduce transformational 21st century technologies to the firm - and similarly, to use transformational technology to secure them and execute strategies to increase Cloud Security knowledge throughout the enterprise.

The successful individual in this role will enjoy working on a range of initiatives as we continue to evolve our secure cloud environment. The group's team members collaborate with technology teams across the firm ranging from core infrastructure to application development in an effort to develop modern architectures so an ability to quickly jump between domains is a key component of success.

  • Bachelor's degree in Computer Science, Engineering or related field plus 10 years of relevant work experience OR;
  • Master's degree in a related field plus 8 years of relevant work experience
  • 5 years of demonstrated knowledge and experience across multiple cyber security domains including Identity and Access Management, Infrastructure Security, Network Security and Application Security
  • Experience delivering production ready security services in a Public Cloud environment
  • Experience in securing an application and its infrastructure at all levels within a cloud environment
  • A deep knowledge of cloud architecture in at least one major cloud provider - someone that can explain in detail core cloud topics for storage, computing and networking
  • Recent work with securing containers and the container life cycle
  • Ability to work effectively in a team environment; addresses conflicts appropriately, and builds productive partnerships with business partners, and stakeholders in order to achieve targeted business results
  • Directly manage technical projects in alignment with organizational goals and budgets
  • A strong track record automating infrastructure and associated security services. Dedication to creating efficiencies through repeatable, code driven processes that reduce operational risk
  • Experience leveraging cloud architectures like the AWS Well-Architected Framework for best practices within a cloud ecosystem

Preferred:
  • Experience building modern, scalable cloud native applications in AWS, Azure or Google Cloud
  • Ability to articulate how Cloud infrastructure supports development patterns
  • Experience developing in a containerized, distributed environment with a continuous delivery pipeline
  • Experience developing clean, testable code in at least one major modern language: Java, Python, Go, node.js
  • Hands on developing and securing Rest API calls
  • Adept at using and evangelizing development lifecycle tools such as Jenkins, Artifactory, Git, Open Source libraries and deployment tools
  • Exposure to industry communities such as CNCF or Usenix; the ideal candidate has presented at a conference or contributed to an open-source project
  • Understanding of industry regulatory and compliance requirements (i.e., FedRAMP, PCI-DSS, NIST, HIPAA) and skilled at interpreting the compliance and security requirements into implementable and repeatable controls
  • Experience developing operations infrastructure using tools like Cloud Formation, Terraform and Ansible

The above statements are intended to describe the general nature and level of the work being performed. They are not intended to be construed as an exhaustive list of all responsibilities, duties, and skills required of personnel so classified.

We are proud to be an Equal Opportunity / Affirmative Action Employer and committed to leveraging the diverse backgrounds, perspectives, and experience of our workforce to create opportunities for our colleagues and our business. We do not discriminate in employment decisions on the basis of any protected category.

A conviction is not an absolute bar to employment. Factors such as the age of the offense, evidence of rehabilitation, seriousness of violation, and job relatedness are considered in all employment decisions. Additionally, it's the bank's policy to only inquire into a candidate's criminal history after an offer has been made. Federal law prohibits banks from employing individuals who have been convicted of, or received a pretrial diversion for, certain offenses.


Back to top