Security Engineering - AVP

Do you want your voice heard and your actions to count?

Discover your opportunity with Mitsubishi UFJ Financial Group (MUFG), one of the world’s leading financial groups. Across the globe, we’re 150,000 colleagues, striving to make a difference for every client, organization, and community we serve. We stand for our values, building long-term relationships, serving society, and fostering shared and sustainable growth for a better world.

With a vision to be the world’s most trusted financial group, it’s part of our culture to put people first, listen to new and diverse ideas and collaborate toward greater innovation, speed and agility. This means investing in talent, technologies, and tools that empower you to own your career.

Join MUFG, where being inspired is expected and making a meaningful impact is rewarded.

Position details

The Senior Cyber Security Engineer is a hands‑on role within MUFG’s Cyber Security Engineering function, responsible for the day‑to‑day operation, support, and continuous improvement of cybersecurity controls. The role also contributes to the implementation, enhancement, and optimisation of security solutions across the organisation, ensuring that cyber security capabilities remain effective, resilient, and aligned with business needs.

The role requires strong technical expertise across infrastructure, networking, and security tooling, with a focus on maintaining operational stability and supporting ongoing cyber security initiatives. Responsibilities include responding to security incidents, leading investigations into complex technical issues, supporting remediation activities, and executing security‑related change deployments in line with established change and governance processes.

The Senior Cyber Security Engineer acts as a trusted technical point of contact across a wide range of systems and security controls, providing guidance and support across the cyber estate. The role includes ensuring all technical documentation, procedures, and support materials are accurate, current, and maintained to a high standard. This position is well suited to an individual who enjoys problem‑solving, is comfortable working in technically complex and ambiguous environments, and is motivated to tackle varied challenges with minimal supervision.

Roles and Responsibilities

You will act as a key point of contact for internal audit, IT risk, and security governance teams, ensuring alignment with regulatory frameworks (e.g., ISO 27001, SAMA, SWIFT CSCF) and internal security standards.

Domain Experience (Network Security)

• Strong experience in network security architecture and operations, including TCP/IP, routing, switching, and traffic flow analysis.
• Hands-on experience with perimeter security controls, including next-generation firewalls, intrusion prevention systems (IPS), and secure network design.
• Experience working with cloud-based edge security platforms, including WAF, DDoS protection, and Zero Trust (ZTNA) implementations.
• Expertise in web security and proxy solutions (Secure Web Gateway), including URL filtering, SSL inspection, and user-based access controls using tools.
• Experience with network visibility and microsegmentation, including application dependency mapping and east-west traffic analysis.
• Hands-on experience in network security policy management and governance, including firewall rule lifecycle management, policy optimization, and compliance .
• Exposure to multi-vendor network security environments, with the ability to integrate and manage policies across diverse firewall and security platforms.
• Experience in cloud network security, including securing VPCs/VNets, security groups, and integrating cloud-native controls with enterprise security architecture.
• Familiarity with network access control (NAC) solutions for device authentication and posture validation
• Strong understanding of security best practices, including Zero Trust architecture, least privilege access, and segmentation strategies.

• Risk Identification and Mitigation
  • Identify potential security risks posed by threat actors and gaps in existing deployments.
  • Collaborate with internal teams and vendors to develop mitigation plans and track remediation progress through ServiceNow.
  • Support organistaions security risk profile and associated operational risk reporting.
• Process Optimisation
  • Support continuous improvement of operational processes and workflows.
  • Identify opportunities for operational efficiencies, automation, or standardisation.
• Audit and Governance Support
  • Support internal and external audits by ensuring activities are documented and accessible in central respositries.
  • Align improvements and mitigation activities with organisational risk policies and governance frameworks.
• General
  • Support Information Security incidents where requested.
  • Support Operational Security duties where requested.
  • Responsibility covers EMEA for Bank and EMEA for Securities technology
• Key Deliverables
  • Fully supported and documented security tooling across multiple domains.
  • Timely and effective resolution of tooling and platform-related incidents.
  • Implementation packages and handover documents for new control deployments.
  • Accurate reporting of vulnerability status and policy compliance gaps.
  • Automation scripts, dashboards, or integrations that reduce manual workload.
  • Audit-ready documentation and evidence packs as required.

Job Requirements:

• Education and Experience:
  • Strong secondary-level education is required, ideally to A-level or equivalent standard, in a technical or analytical discipline.
  • A university degree is not essential, though a qualification in Cyber Security, Information Technology, Risk Management, or a related field would be considered advantageous.
  • 8+ years of experience in cyber security or information security roles.
• Knowledge and Skills:
  • Strong technical experience in Windows Server and Linux environments.
  • Strong technical understanding of infrastructure, networking, and operating systems.
  • Hands-on experience with one or more enterprise cyber security tools
  • Knowledge of regulatory frameworks (e.g., ISO 27001, CIS, NIST).
  • Comfortable supporting log analysis, access control configurations, and data protection tools.
  • Proficiency in troubleshooting integrated systems involving AD, DNS, GPO, and networked assets
  • Scripting or automation exposure (Python, Ansible, or PowerShell) is desirable.
  • Experience collaborating with audit, risk, and compliance stakeholders.
  • Excellent written and verbal communication skills for technical and non-technical audiences.

• Success Measures
  • High availability and performance of cyber tooling platforms.
  •  Reduction in platform-level incidents through proactive support or automation.
  •  Timely delivery of project tasks and handover documentation.
  •  Positive feedback from IT partners, operations, and audit stakeholders.
  •  Contribution to ongoing improvements in detection, compliance, and control effectiveness.

• Soft Skills:
  • Excellent communication skills, with the ability to convey technical findings to non-technical stakeholders.
  • Strong collaboration skills, with a focus on cross-functional teamwork and vendor relationship management.
  • Process oriented with keen attention to detail.
  • Ability to proactively anticipate problems and execute solutions at a strategic level.
  • Ability to think strategically
  • Active involvement in internal and external audits and experience of managing Audit relationships.
• Certifications (Nice to have)
  • Relevant certifications such as CISSP, Security+, CEH, GCIA, or vendor-specific qualifications (e.g., Microsoft, AWS).

Desired but not necessary:

• Experience working with cloud platforms (Azure, AWS) or virtualized environments (e.g., VMware).
• Familiarity with ServiceNow ITSM.
• Knowledge of security frameworks such as CIS Benchmarks, ISO 27001, or NIST 800-53.

Mitsubishi UFJ Financial Group (MUFG) is an equal opportunity employer. We view our employees as our key assets as they are fundamental to our long-term growth and success. MUFG is committed to hiring based on merit and organsational fit, regardless of race, religion or gender.