MUFG Cybersecurity Controls and Compliance Security Standards Associate, AVP – Remote in Raleigh, North Carolina
Do you want your voice heard and your actions to count?
Discover your opportunity with Mitsubishi UFJ Financial Group (MUFG), the 6th largest financial group in the world. Across the globe, we’re 160,000 colleagues, striving to make a difference for every client, organization, and community we serve. We stand for our values, building long-term relationships, serving society, and fostering shared and sustainable growth for a better world.
With a vision to be the world’s most trusted financial group, it’s part of our culture to put people first, listen to new and diverse ideas and collaborate toward greater innovation, speed and agility. This means investing in talent, technologies, and tools that empower you to own your career.
Join MUFG, where being inspired is expected and making a meaningful impact is rewarded.
This is a remote position. The selected colleague will generally be expected to work at an MUFG office periodically. A member of our recruitment team will discuss location preferences with you in more detail.
The Cybersecurity Controls & Compliance security standards AVP will manage and oversee the development and maintenance of the Technical Security Standards for MUFG critical infrastructure technologies e.g. operating systems, database systems and network appliances in addition to Cloud technologies and services (IaaS, Paas.) A key security function for the firm the candidate will need to partner with product managers and SMEs across the organization to collaborate and efficiently secure key technologies.
Engage with technology managers (VP, Director, and MD level) across Operations and Technology to define security requirements and create security requirement documents for critical infrastructure technologies.
Work with platform owners and the monitoring team to test/validate automated testing profiles prior to production implementation.
Perform recertification of Technical Security Standards as outlined within program guidelines
Coordinate with Threat and Vulnerability Management (TVM) lead to support the Technical Security Standards program
Work with TVM, Technical Infrastructure engineers (TI) and Application Development managers across the organization to troubleshoot and resolve minimum security requirement compliance issues.
Manage timely remediation of issues related to Technical Security Standards.
Conduct research with vendors utilizing industry guidance/best practices for minimum security requirements such as CIS Benchmarks, NIST and others as required.
Support review and challenge of security control requirements; First, Second and Third lines of defense.
Solid working experience and knowledge of *nix operating systems (admin skill in Linux/AIX a plus).
Solid working experience and knowledge of Windows networking, windows domains and active directory, GPOs
Strong understanding of databases and web technologies configuration controls
Strong knowledge in industry and government security standards (NIST, CIS, etc.) in creating system hardening baseline controls
Minimum of 3+ years of IT Security & Risk Management experience
Ability to complete tasks and deliver professionally written technical documents.
Experience with compliance scanning tools is a plus (ie. Qualys).
Familiarity with standard security best practices and processes including compliance reporting.
Excellent verbal and written communication skills, as well as organization and presentation skills.
Bachelor's degree in Business, Computer Science, Technology, or Related Fields
The typical base pay range for this role is between $97k - $121k depending on job-related knowledge, skills, experience and location. Additionally, our Total Rewards program provides colleagues with a competitive benefits package (in accordance with the eligibility requirements and respective terms of each) that includes comprehensive health and wellness benefits, retirement plans, educational assistance and training programs, income replacement for qualified employees with disabilities, paid maternity and parental bonding leave, and paid vacation, sick days, and holidays.
The above statements are intended to describe the general nature and level of work being performed. They are not intended to be construed as an exhaustive list of all responsibilities duties and skills required of personnel so classified.
We are proud to be an Equal Opportunity/Affirmative Action Employer and committed to leveraging the diverse backgrounds, perspectives and experience of our workforce to create opportunities for our colleagues and our business. We do not discriminate on the basis of race, color, national origin, religion, gender expression, gender identity, sex, age, ancestry, marital status, protected veteran and military status, disability, medical condition, sexual orientation, genetic information, or any other status of an individual or that individual’s associates or relatives that is protected under applicable federal, state, or local law.
At MUFG, our colleagues are our greatest assets. Our Culture Principles provide a roadmap for how each of our colleagues must think and act to become more client-obsessed, inclusive and innovative. They reflect who we are, who we want to be and what we expect from one another. We are excited to see you take the next step in exploring a career with us and encourage you to spend more time reviewing them!
Our Culture Principles
Listen Up. Speak Up.
Innovate & Simplify
Own & Execute