MUFG Union Bank Director of the Global Security Operation Center (GSOC) in Tempe, Arizona
Do you want your voice heard and your actions to count?
Discover your opportunity with Mitsubishi UFJ Financial Group (MUFG), the 5th largest financial group in the world (as ranked by S&P Global, April 2020).In the Americas, we’re 13,000 colleagues, striving to make a difference for every client, organization, and community we serve. We stand for our values, developing positive relationships built on integrity and respect. It’s part of our culture to put people first, listen to new and diverse ideas and collaborate toward greater innovation, speed and agility. We’re a team that accepts responsibility for the future by asking the tough questions and owning the solutions. Join MUFG and be empowered to make your voice heard and your actions count.
Supporting MUFG’s corporate vision to “Be the World’s Most Trusted Financial Group” and reporting directly to the Global Head of Cyber Security Operations, the successful candidate will lead a team of cyber security professionals to direct all processes to perform intrusion monitoring, detection, triage, investigation, and notification and escalation activities.
This role will primarily focus on the MUFG Union Bank Security Operations Center in the United States, but is expected to work closely with the Security Operations Center in the home office in Japan to establish a global strategy, obtain consensus and continuously expand global coverage of existing and new operations and monitoring capabilities.
Provide leadership and oversight of a 24 X 7 X 365 security operations team in the US which is responsible for security monitoring, incident detection, event triage, and incident escalation.
Provide day to day management and oversight of Tier I and Tier II SOC Teams as well as the SCRAT - Security Content and Response Automation Team.
Provide leadership to help globalize SOC operations and work to streamline processes to provide standardization and consistency across all security monitoring functions globally.
Conduct personnel management activities include developing and maintaining SOC scheduling, developing training plans, conducting personnel reviews, personnel development, and other required human resources-related activities. Provide mentoring, procedural guidance, and operational oversight.
Evaluate existing SIEM rules, filters, events, incidents, and use cases and implement appropriate processes and technology tools to meet business requirements.
Identify opportunities to improve security monitoring and tasks.
Act as a Splunk enterprise subject matter expert.
Maintain strategic Splunk architectural development roadmap.
Responsible for determining, onboarding, and maintaining a wide variety of data sources and Splunk feeds from various OS, appliance, and application logs.
Utilize a thorough understanding of Spunk, Q Radar, and other SIEM and security operations tools and existing designs.
Execute against an overall global strategy aligned with local, regional and global MUFG cybersecurity objectives developed in conjunction with The Global Head of Cyber Security Operations and other global stakeholders.
Maintain a clear operations roadmap that ensures progress against strategy and tactical priorities.
Ensure that the appropriate controls are in place for security operations and that those controls are documented and tested regularly to evidence they are working as designed.
Supply information about the health and status of the teams’ performance and security posture of the company by reporting through channels such as regular operational reports, monthly business reports (MBR’s) quarterly business reviews, executive presentations, and executive level flash reports.
Network and maintain relationships with known industry experts and leaders.
Stay abreast of technology trends and cutting-edge ideas to ensure an eye to the future.
Leverage and maintain vendor relationships primarily in the US to compliment the delivery of security monitoring operations.
Manage Service Level Agreements (SLA) and relationships with all MUFG global entities leveraging the services supplied by your teams.
Develop inclusive teams in which people are empowered to succeed and partnership is encouraged.
Support a high-performance culture, ensure appropriate training for engineering staff, provide regular communications to your team and external partners, represent the firm to outside agencies and partner companies as required.
Requires a Bachelor’s degree in Computer Science, Engineering, Cybersecurity or related field – Master’s degree a plus
Skills & Abilities:
10 plus years of relevant leadership, technology and industry experience.
Expert knowledge of SIEM technologies, like Splunk ES, Q Radar, ArcSight, etc.
Demonstrable experience designing and building global security operations centers.
Proven experience working within a global and highly matrixed environment within a diverse business culture.
Proven knowledge in modern technologies and how security monitoring, security orchestration and automation (SOAR), and robotic process automation (RPA) apply to these technologies.
Experience developing security monitoring capability within a cloud environment.
Ability to identify opportunities and continuously drive throughput for the team through automation and analysis of team/individual performance.
Works effectively in a team environment; addresses conflicts appropriately, and builds productive partnerships with customers, business partners, and stakeholders in order to achieve targeted business results.
Client satisfaction-focused; builds relationships with business partners and ensures prompt, transparent proactive, and effective communications with these partners.
Ability to communicate and present complex issues and ideas with precision and clarity, adjusting appropriately for the audience.
Ability to effectively manage competing priorities with a keen eye for details, strong organizational skills and communication skills.
Clear understanding of regulatory, audit and risk expectations as they pertain to cyber security operations.
Ability to gain the respect and trust of highly technical staff to be able to motivate and groom them as well as the confidence of senior leadership in the team’s capabilities.
The above statements are intended to describe the general nature and level of the work being performed. They are not intended to be construed as an exhaustive list of all responsibilities, duties, and skills required of personnel so classified .
We are proud to be an Equal Opportunity / Affirmative Action Employer and committed to leveraging the diverse backgrounds, perspectives, and experience of our workforce to create opportunities for our colleagues and our business. We do not discriminate in employment decisions on the basis of any protected category.
A conviction is not an absolute bar to employment. Factors such as the age of the offense, evidence of rehabilitation, seriousness of violation, and job relatedness are considered in all employment decisions. Additionally, it’s the bank’s policy to only inquire into a candidate’s criminal history after an offer has been made. Federal law prohibits banks from employing individuals who have been convicted of, or received a pretrial diversion for, certain offenses.
Primary Location: ARIZONA-Tempe
Schedule Full Time
Req ID: 10038270-WD