Threat Detection & Response, Associate / Assistant Vice President
MUFGDo you want your voice heard and your actions to count?
Discover your opportunity with Mitsubishi UFJ Financial Group (MUFG), one of the world’s leading financial groups. Across the globe, we’re 150,000 colleagues, striving to make a difference for every client, organization, and community we serve. We stand for our values, building long-term relationships, serving society, and fostering shared and sustainable growth for a better world.
With a vision to be the world’s most trusted financial group, it’s part of our culture to put people first, listen to new and diverse ideas and collaborate toward greater innovation, speed and agility. This means investing in talent, technologies, and tools that empower you to own your career.
Join MUFG, where being inspired is expected and making a meaningful impact is rewarded.
The selected colleague will work at an MUFG office or client sites four days per week and work remotely one day. A member of our recruitment team will provide more details.Job Summary:
The Assistant Vice President (AVP) role will require you to perform digital forensic collection, analysis and e-Discovery in support of Enterprise Information Security, Legal, Compliance and HR/ER investigations. This role is responsible for examining artifacts in support of active security incidents, post-incident investigations or internal investigations. This person will work closely with the Incident Response Team.
The candidate will have experience working independently in digital forensic investigations and e-Discovery. They will also possess strong technical skills, strong problem-solving skills and are inspired by teamwork and diversity among colleagues.
Major Responsibilities:
Extensive theoretical and practical knowledge with Mac, Linux and Windows operating systems.
Conduct analysis of artifacts to determine methods of intrusion and best course of resolution while driving security improvement.
Create technical summary of findings in accordance with industry reporting procedures.
Knowledge of models/frameworks such as Kill Chain and MITRE ATT&CK.
Well-developed analytic, qualitative, and quantitative reasoning skills.
Demonstrated creative problem-solving abilities.
Understanding of offensive security to include common attack methods.
Understanding of how to pivot across multiple datasets to correlate artifacts for a single security event.
Knowledge and experience in security and regulatory frameworks (ISO 27001, NIST 800 series, FFIEC, SOC2, FedRAMP, STAR, etc.).
In-depth knowledge in Incident Response and Forensics.
Examine computers, related hardware, network traffic, related applications, and operating systems to identify potential threats, anomalous or malicious activities to network resources.
Apply forensic methods and techniques to test and validate hardware/software equipment.
Conduct memory collection and analysis.
Reconstruct damaged computer systems and recover damaged or destroyed data; review forensic images; determine solutions for recovery of potentially relevant information.
Assist in the maintenance of forensic and investigative plans and procedures.
Understanding of eDiscovery process.
Collect and examine endpoint and network-based evidence and artifacts.
Produce and communicate executive and detailed level reports of work efforts.
Have an understanding to investigate instances of malicious code to determine attack vector and payload.
Identify Indicators of Compromise (IOCs) and recommend use cases into sensors and/or SIEMs.
Stays current with digital forensics techniques, industry frameworks, changes in the company and best practices.
Serve as a first responder for forensics analysis and investigation capabilities.
Qualifications:
Bachelor’s degree in information technology or related discipline. Equivalent work experience is equally preferable.
Minimum of 3 years’ experience in digital forensics.
Minimum of 3 years working directly in Cybersecurity Operations
Experience working within the Financial Services Industry preferred.
History of working in endpoint and Network Forensics.
Experienced with Magnet Axiom, TX1, Atola, FTK Imager, Verakey, Splunk, Crowd Strike, Volatility, and digital forensics open-source forensic tools.
Experience responding to cyber events in public cloud environments such as AWS, Azure, Google Cloud, etc.
Preferred Certifications: GCFE, GCFA, MCFE or equivalent.
Other:
As per MUFG’s Return to Office policy, a candidate must work onsite for 4 days and 1 day remotely out of Jersey City, NJ.
The typical base pay range for this role is between $104K - $131K depending on job-related knowledge, skills, experience and location. This role may also be eligible for certain discretionary performance-based bonus and/or incentive compensation. Additionally, our Total Rewards program provides colleagues with a competitive benefits package (in accordance with the eligibility requirements and respective terms of each) that includes comprehensive health and wellness benefits, retirement plans, educational assistance and training programs, income replacement for qualified employees with disabilities, paid maternity and parental bonding leave, and paid vacation, sick days, and holidays. For more information on our Total Rewards package, please click the link below. MUFG Benefits Summary