Job Description

About MUFG Global Service (MGS)MUFG Bank, Ltd. is Japanxe2x80x99s premier bank, with a global network spanning in more than 40 markets. Outside of Japan, the bank offers an extensive scope of commercial and investment banking products and services to businesses, governments, and individuals worldwide. MUFG Bankxe2x80x99s parent, Mitsubishi UFJ Financial Group, Inc. (MUFG) is one of the worldxe2x80x99s leading financial groups. Headquartered in Tokyo and with over 360 years of history, the Group has about 120,000 employees and offers services including commercial banking, trust banking, securities, credit cards, consumer finance, asset management, and leasing.The Group aims to be the worldxe2x80x99s most trusted financial group through close collaboration among our operating companies and flexibly respond to all the financial needs of our customers, serving society, and fostering shared and sustainable growth for a better world. MUFGxe2x80x99s shares trade on the Tokyo, Nagoya, and New York stock exchanges.For more informatAbout Us:
MUFG Bank, Ltd. is Japans premier bank, with a global network spanning in more than 40 markets. Outside of Japan, the bank offers an extensive scope of commercial and investment banking products and services to businesses, governments, and individuals worldwide. MUFG Banks parent, Mitsubishi UFJ Financial Group, Inc. (MUFG) is one of the worlds leading financial groups. Headquartered in Tokyo and with over 360 years of history, the Group has about 120,000 employees and offers services including commercial banking, trust banking, securities, credit cards, consumer finance, asset management, and leasing.
The Group aims to be the worlds most trusted financial group through close collaboration among our operating companies and flexibly respond to all the financial needs of our customers, serving society, and fostering shared and sustainable growth for a better world. MUFGs shares trade on the Tokyo, Nagoya, and New York stock exchanges.MUFG Global Service Private Limited:
Established in 2020, MUFG Global Service Private Limited (MGS) is 100% subsidiary of MUFG having offices in Bengaluru and Mumbai. MGS India has been set up as a Global Capability Centre / Centre of Excellence to provide support services across various functions such as IT, KYC/ AML, Credit, Operations etc. to MUFG Bank offices globally. MGS India has plans to significantly ramp-up its growth over the next 18-24 months while servicing MUFGs global network across Americas, EMEA and Asia PacificAbout the Role:
Position Title: Security Content Response and Automation (SCRAT) Engineer
Corporate Title: AVP
Reporting to: Vice President
Location: BengaluruJob Profile
Position details:
As a Threat Detection and Response Engineer you will occupy a crucial position in our Security Operations center, with your primary focus centered on conceiving, refining and implementing use cases and strategies that intricately align with the MITRE AT&CK Framework. Your expertise with this framework and the cyber security kill chain will form the foundation where our defensive capabilities are fortified, ensuring the ability to not only identify and respond, but also impede cyber threats in a proactive manner.Roles and Responsibilities:

• Collaboration and Innovation: Work closely with cross-functional teams, including Threat Intelligence,
• Incident Response, Forensics and Security Operations to collaboratively craft custom security use cases founded on the principles of MITRE ATT&CK Framework. Harnessing the collective intelligence to device strategies that yield valuable results.
• Draw upon your comprehensive understanding of the cyber landscape to design and execute advanced detection and response strategies, employing an array of sophisticated security tools and technologies. Your solutions will serve as the first line of defense, minimizing potential risks and vulnerabilities.
• Apply your extensive knowledge of attack patterns, tactics and techniques to conduct in-depth analysis of cyber threats. Unearth the subtle nuances that set apart malicious activities from innocuous ones, thus empowering the firm with a heightened security posture.
• In the ever-changing landscape of cyber threats, stat at the forefront of industry trends and emerging attack vectors. This ensures that the strategies you develop remain resilient and effective in the face of new challenges.
• Participate in red teaming and penetration testing exercises to subject the developed use cases to real-world simulation. By doing so, ensuring their robustness and effectiveness in diverse scenarios.
• Produce and report valuable metrics to leadership and cross functional teams to quantify the value and effectiveness of use cases in an ever-changing threat landscape.

Job Requirements:

• Bachelors degree in Information Technology, Cyber Security, Computer Science, or related discipline
• Equivalent work experience equally preferable
• Knowledge of models/frameworks such as Cyber Kill Chain and MITRE ATT&CK
• Well-developed analytic, qualitative, and quantitative reasoning skills
• Demonstrated creative problem-solving abilities.
• Security event monitoring, investigation, and overall incident response process
• Strong time management skills to balance multiple activities and lead junior analysts as needed.
• Understanding of offensive security to include common attack methods.
• Understanding of how to pivot across multiple datasets to correlate artifacts for a single security event.
• A diverse skill base in both product security and information security including organizational structure and administration practices, system development and maintenance procedures, system software and

hardware security controls, access controls, computer operations, physical and environmental controls, and backup and recovery procedures. * In-depth knowledge in one or more security domains including Security Governance and Oversight,

• Security Risk Management, Network Security, Threat and Vulnerability Management, and Incident Response and Forensics
• 5-8 years in Information Security or other Information Technology fields
• Experience working within the Financial Services Industry preferred.
• Experience creating trending, metrics, and management reports.
• Experience across the following technical concentrations:
• Network-Based Security Controls (Firewall, IPS, WAF, MDS, Proxy, VPN)
• Anomaly Detection and Investigation
• Host and Network Forensics
• Operating Systems
• Web Applications and Traffic
• Experienced with EnCase, FTK, SIFT, Splunk, Redline, Volatility, Wireshark, tcpdump, and open- source forensic tools
• Experience with cloud computing security, network, operating system, database, application, and mobile device security.
• Experience with information security risk management, including conducting information security audits, reviews, and risk assessments.

Preferred Certifications: CISSP, ISSMP, SANS, GSEC, GCFA, GNFA, GIAC and/or GCIH

MUFG