Build Your Career in Cybersecurity -
YOUR WAY

Do you want your voice heard and your actions to count?

Discover your opportunity with Mitsubishi UFJ Financial Group (MUFG), one of the world’s leading financial groups. Across the globe, we’re 120,000 colleagues, striving to make a difference for every client, organization, and community we serve. We stand for our values, building long-term relationships, serving society, and fostering shared and sustainable growth for a better world.

With a vision to be the world’s most trusted financial group, it’s part of our culture to put people first, listen to new and diverse ideas and collaborate toward greater innovation, speed and agility. This means investing in talent, technologies, and tools that empower you to own your career.

Join MUFG, where being inspired is expected and making a meaningful impact is rewarded.

The selected colleague will work at an MUFG office or client sites four days per week and work remotely one day. A member of our recruitment team will provide more details. MUFG is seeking a highly motivated Certified Sr. Cloud Security Engineer Subject Matter Expert (SME) to improve the security framework and direct the delivery of services, oversee day to day operations and control any issues for teams in a multi-Cloud environment. The ideal candidate is a Certified Cloud Security Engwith CCSP (Certified Cloud Security Professional).

• Identifying threats and developing appropriate defense measures. Evaluating system changes for security implications.
• Ensure cloud systems and solutions are secure by design.
• Conducting continuous vulnerability and compliance validation to ensure ongoing adherence to security policies and regulations.
• Monitoring cloud environments for security incidents and ensuring rapid response through automated mechanisms.
• Collaborates with cross-functional teams, including developers, cloud engineers, architects, and operations, to embed security as code practices into the DevOps pipeline.
• Serves as a subject matter expert on cloud technologies and security solutions, providing guidance and mentorship to team members. Foster a culture of continuous improvement, innovation, and knowledge sharing across the organization.
• Staying updated on the latest cloud security threats and advancements

Required Skills:

• At least 5 years of experience in design, implementation and securing cloud solutions.
• SME in Cloud Security Build-out Security controls, Implementation of Guard Rails, and Implementations of Cloud Security environments.
• Expertise in cloud service providers, especially AWS, Azure, and OCI
• Hands on experience with cloud security services specialized in Threat Detection, Encryption, Data Protection, Compliance, privilege access management etc.
• Deep understanding of cloud security frameworks, compliance requirements, and best practices
• Familiar with infrastructure as code (IaC) and security as code tools such as Terraform, CloudFormation, and Azure Resource Manager (ARM) templates.
• Strong analytical skills to identify potential security risks and automate compliance checks.
• Excellent problem-solving abilities and the capacity to work effectively under pressure.
• The Cloud Security Engineer must be proactive, with a strategic approach to security management, ensuring that the cloud platform and solutions are always not only secure but also compliant through automated policies and validation.
• Certifications like AWS Cloud Solution Architect, AWS Security Specialty, Azure Security Engineer, ISC2 Certified Cloud Security Professional or equivalent a plus

Education:

• Bachelor's degree in Cybersecurity, Computer Science, Information Technology, or related field, or relevant industry certifications. Equivalent work experience equally preferable.

Preferred Certifications:

• Certified Cloud Security Professional (CCSP)
• Certified Information Systems Security Professional (CISSP)
• Certified Information Systems Manager (CISM)
• Certified Information System Auditor (CISA)
• Certified Ethical Hacker (CEH)

• As per MUFG’s work policy, must work onsite 4 days and 1 day remotely out of either our Jersey City, NJ, Tampa, FL or Tempe, AZ office
• The typical base pay range for this role is between $145K - $176K depending on job-related knowledge, skills, experience and location. This role may also be eligible for certain discretionary performance-based bonus and/or incentive compensation. Additionally, our Total Rewards program provides colleagues with a competitive benefits package (in accordance with the eligibility requirements and respective terms of each) that includes comprehensive health and wellness benefits, retirement plans, educational assistance and training programs, income replacement for qualified employees with disabilities, paid maternity and parental bonding leave, and paid vacation, sick days, and holidays. For more information on our Total Rewards package, please click the link below.MUFG Benefits Summary
• We will consider for employment all qualified applicants, including those with criminal histories, in a manner consistent with the requirements of applicable state and local laws (including (i) the San Francisco Fair Chance Ordinance, (ii) the City of Los Angeles’ Fair Chance Initiative for Hiring Ordinance, (iii) the Los Angeles County Fair Chance Ordinance, and (iv) the California Fair Chance Act) to the extent that (a) an applicant is not subject to a statutory disqualification pursuant to Section 3(a)(39) of the Securities and Exchange Act of 1934 or Section 8a(2) or 8a(3) of the Commodity Exchange Act, and (b) they do not conflict with the background screening requirements of the Financial Industry Regulatory Authority (FINRA) and the National Futures Association (NFA).
• The major responsibilities listed above are the material job duties of this role for which the Company reasonably believes that criminal history may have a direct, adverse, and negative relationship potentially resulting in the withdrawal of conditional offer of employment, if any.
• The above statements are intended to describe the general nature and level of work being performed. They are not intended to be construed as an exhaustive list of all responsibilities duties and skills required of personnel so classified.
• We are proud to be an Equal Opportunity Employer and committed to leveraging the diverse backgrounds, perspectives, and experience of our workforce to create opportunities for our colleagues and our business. We do not discriminate on the basis of race, color, national origin, religion, gender expression, gender identity, sex, age, ancestry, marital status, protected veteran and military status, disability, medical condition, sexual orientation, genetic information, or any other status of an individual or that individual’s associates or relatives that is protected under applicable federal, state, or local law.

Summary Information about the Role

In this role, you will be responsible for supporting a highly complex, unstructured and broad capability that must be accomplished with ownership and influence. This requires methodical and consistent problem solving, proactiveness and innovation transform the IAM function for the entire bank. This includes supporting a subset of the following sub-functions: a) strategic planning and implementation b) organizational design and role development c) organizational change management d) human capital management and forecasting e) cross-Truist stakeholder engagement f) process re-engineering g) service management maturity h) data-driven risk remediation i) capability maturity j) continuous improvement k) operations and l) analysis.

Company Overview

NA

• Design, Develop, implement, and maintain identity and access management solutions and systems.
• Troubleshoot, identify, and resolve technical identity and access management related issues.
• Improve identity and access management solutions and systems for protection against evolving threats and efficiency.
• Coach other members of the organization on the best practices that should be followed in identity and access management.
• Stay up to date on the IGA solution framework, technology, and industry best practices.
• Remove ‘IAM Blinders’: take a Truist-wide approach to owning and resolving challenges.
• Continuous Improvement: consistently seeking ways to get better.
• Proactively engage with stakeholders to make them aware and willing to adopt our solutions, which includes managing up, out, and down to avoid surprises and position our solutions to be successful.
• Lead collaboration efforts with internal and external IT service providers and business units in evaluating and gathering technical requirements for business clients’ information security initiatives.
• Lead cross-functional teams and shape client expectations by driving initiatives and matching outcomes to expectations.
• Provide leadership and direction to ensure program elements including risk assessments, application development, project management, and ongoing operations reflect CIS requirements.
• Act as a thought leader and trusted partner enabling business units to more aggressively leverage its capabilities to drive business value and strengthen its role in upholding Truist's competitive advantage.
• Drive initiatives that improve communication and documentation of potential solutions, impact analysis, benefits/risks, implementation requirements, and recommended approach.
• Advise and consult on options, improvements, cost savings opportunities and cross-project impact to other business processes and systems priorities.
• Remain aware of the corporate technology, infrastructure, standards, processes, and strategic direction and use these tools to help guide the client in accomplishing their business goals.

Required Qualifications:

• Bachelor's degree in business administration, technology related field or equivalent education and related training
• More than seven years of demonstrated progressive experience in Cybersecurity, with emphasis on data lost prevention, vulnerability management, access management, firewalls, security awareness training, etc.
• Excellent ability to express complex multi-disciplinary technical and business concepts in terms that are understandable to all levels of Lines of Business and corporate management both verbally and in writing
• Strong working knowledge of cybersecurity terms, concepts, disciplines, frameworks, best practices and industry/regulatory requirements

Preferred Qualifications:

• Bachelor’s degree in IT, information security, computer science, or a related field.
• 5+ years’ experience and intermediate-level technical knowledge of product knowledge and processes for specific IAM areas (e.g.Oracle OIM, Sailpoint)
• 5+ years’ technical experience working in the transformation function.
• Extensive knowledge and experience with identity and access management technology, such as single sign-on (SSO), two-factor authentication, privileged access management.
• Experience with one or more programming languages such as C++, Java, Python, Node.JS, JavaScript, or C#
• Experience with Windows, Linux / Unix, scripting (Bash, PowerShell, or Perl), LDAP, Oracle, MS SQL, and web services.
• Excellent ability to express complex multi-disciplinary technical and business concepts in terms that are understandable to all levels of Lines of Business and corporate management both verbally and in writing
• Bachelor’s degree or equivalent
• Previous experience in the banking industry
• Previous experience working with an Identity and Access Management platform such as Oracle.
• Cybersecurity certifications such a CISM, CISSP

All regular teammates (not temporary or contingent workers) working 20 hours or more per week are eligible for benefits, though eligibility for specific benefits may be determined by the division of Truist offering the position. Truist offers medical, dental, vision, life insurance, disability, accidental death and dismemberment, tax-preferred savings accounts, and a 401k plan to teammates. Teammates also receive no less than 10 days of vacation (prorated based on date of hire and by full-time or part-time status) during their first year of employment, along with 10 sick days (also prorated), and paid holidays. For more details on Truist’s generous benefit plans, please visit our Benefits site. Depending on the position and division, this job may also be eligible for Truist’s defined benefit pension plan, restricted stock units, and/or a deferred compensation plan. As you advance through the hiring process, you will also learn more about the specific benefits available for any non-temporary position for which you apply, based on full-time or part-time status, position, and division of work.

Truist supports a diverse workforce and is an Equal Opportunity Employer that does not discriminate against individuals on the basis of race, gender, color, religion, citizenship or national origin, age, sexual orientation, gender identity, disability, veteran status or other classification protected by law. Truist is a Drug Free Workplace. EEO is the Law [Pay Transparency Nondiscrimination Provision](https://www.dol.gov/sites/dolgov/files/OFCCP/pdf/pay-transp_ English_formattedESQA508c.pdf) E-Verify

Bowhead seeks experienced Cybersecurity Protect Analysts to join our team onsite in Dayton, OH.

The Cybersecurity Protect Analysts will ensure delivery of critical infrastructure services. These highly skilled individuals will work in various capacities alongside Computer Network Defense (CND) Analysts and Cybersecurity Engineers in support of a 24x7x365 cybersecurity service provider. The Cybersecurity Protect Analysts will perform vulnerability assessments and implement a variety of host-based security controls to prevent and/or limit the impact of an intrusion. The Cybersecurity Protect Analysts work in a larger team to deploy, implement, and sustain cybersecurity related functions.

• Identify vulnerabilities and assessing whether DREN assets conform to recommended security policies and configuration

• Conduct vulnerability scans monthly per subscriber using DoD-approved and recommended tools such as ACAS

• Provide the CDRUSSTRATCOM visibility and insight into the unclassified/classified to assess risk to the DODIN through reports, findings, and analyses resulting from vulnerability assessments

• Perform hardware/software inventory updates monthly using DoD-approved and recommended tools such as ACAS

• Provide the capability to receive open source, official, and classified threat, vulnerability, and attack notifications

• Provide subscriber sites details to take directed corrective actions to mitigate potential vulnerabilities or threats to their assets and capabilities

• Deploy the DoD's Host Based Security System (HBSS) in accordance with applicable DoD policies and guidance

• Operate and maintain the HBSS server IAW with STIG requirements and ensuring HBSS agents are properly deployed in accordance with DoD guidance

• Ensure all required HBSS modules are properly deployed, up-to-date, and active on subscribers' hosts in accordance with DoD guidance

• Configure HBSS to perform periodic scans IAW current DOD guidance

• Ensure signature based and heuristic based malware protection capabilities are kept up to date with latest malware signatures and/or properly configured and tuned to protect against malware

• Create, maintain, and update functional documentation, standard operating procedures and other documentation as required

Required Qualifications

• Bachelors' Degree in an IT related discipline AND at least three to five (3 to 5) years of experience as described above

• Must have and maintain CND-SP Baseline Certification (CEH or equivalent)

• Must have and maintain IAT II Baseline Certification (Security (+) or equivalent)

• Must have HBSS 301 required training for HBSS administration

• Must have ACAS certification

• Intermediate to advanced level skills in Microsoft Office software suite - Word, Excel, Outlook, PowerPoint

• Ability to communicate effectively, interpret regulatory guidance and identified vulnerabilities to a wide audience

• Presentation and strong public speaking skills are required

• Strong interpersonal skills and good judgment with the ability to work alone or as part of a team

Preferred Qualifications

NA

Other Requirements

• SECURITY CLEARANCE REQUIRED: Must currently hold and be able to maintain an active Secret clearance. US Citizenship is a requirement at this location.

Physical Demands:

• Must be able to lift up to 25 pounds

• Must be able to stand and walk for prolonged amounts of time

• Must be able to twist, bend and squat periodically

#LI-DNI

MN1