Vice President, Senior Security Engineer

Do you want your voice heard and your actions to count? Discover your opportunity with Mitsubishi UFJ Financial Group (MUFG), one of the world's leading financial groups. Across the globe, we're 150,000 colleagues, striving to make a difference for every client, organization, and community we serve. We stand for our values, building long term relationships, serving society, and fostering shared and sustainable growth for a better world.

With a vision to be the world's most trusted financial group, it's part of our culture to put people first, listen to new and diverse ideas and collaborate toward greater innovation, speed and agility. This means investing in talent, technologies, and tools that empower you to own your career.

Join MUFG, where being inspired is expected and making a meaningful impact is rewarded.

MUFG (Mitsubishi UFJ Financial Group) is one of the world's leading financial groups. Headquartered in Tokyo and with approximately 350 years of history, MUFG is a global network with around 2,300 offices in over 50 countries including the Americas, Europe, the Middle East and Africa, Asia and Oceania, and East Asia. The group has over 150,000 employees, offering services including commercial banking, trust banking, securities, credit cards, consumer finance, asset management, and leasing.

As one of the top financial groups globally with a vision to be the world's most trusted, we want to attract, nurture and retain the most talented individuals in the market. The size and range of MUFG's global business creates opportunities for our employees to stretch themselves and reap the rewards, whilst our common values, to behave with integrity and responsibility, and to build a culture which is fair, transparent, and honest, underpin everything that we do. We aim to be the financial partner of choice for our clients, whatever their requirements, building long term relationships, serving society, and fostering shared and sustainable growth for a better world.

Please visit our website for more information -

Technology is responsible for the operation, development and support of all technology across all areas of the local and international business. We ensure the IT strategy, architecture solutions, and service delivery are firmly aligned to business requirements and long term strategy of the group.

Technology comprises the following functions:

• Architecture and Development team - which is responsible for the provision of shared services including architecture, middleware, new systems development, quality assurance and release management.
  Middle, Risk and Back Office Team - which is responsible for all the applications used by these areas including the main trading system, Murex.
• Front Office Solutions - which provides a business-oriented focus to all technological developments that affect the trading floor.
  Infrastructure team - which supports the operation of all production services, voice and data networks, other voice systems and desktop systems.
• Programme Office and Purchasing - which is responsible for definition, prioritisation and delivery of the annual investment portfolio as well as procurement and software licence management.
• IT Risk and Control - which is responsible for implementing and managing all technology related controls over IT and information risk and business continuity, supports the provision of disaster recovery solutions, performs risk assessments, and manages business recovery plans and the business recovery facility. Information Secuity is also the responsibility of this function.

MAIN PURPOSE OF THE ROLE The Cyber Security Engineer is a versatile, technically capable role within MUFG's Cyber Security Engineering function. The engineer will play a hands on role in delivering, maintaining, and troubleshooting key cyber security technologies while supporting the implementation of new controls and improvements.

This position requires a well rounded individual with strong foundational knowledge across Windows and Linux platforms, network infrastructure, and cyber security tooling. The successful candidate will work across a variety of use cases including platform engineering, incident response support, project delivery, and audit preparation. Familiarity with tools such as Varonis, vulnerability scanners (e.g., Qualys), SIEM, DLP, and PAM is highly desirable, as is experience with scripting or automation in PowerShell, Python, or Bash.

The engineer will act as a trusted technical contact across a range of systems and controls, often leading investigations into complex issues, supporting change deployments, and ensuring documentation and support materials are accurate and up to date. The role suits someone who enjoys solving problems, is comfortable with technical ambiguity, and is ready to tackle varied challenges across the cyber estate.

KEY RESPONSIBILITIES You will act as a key point of contact for internal audit, IT risk, and security governance teams, ensuring alignment with regulatory frameworks (e.g., ISO 27001, SAMA, SWIFT CSCF) and internal security standards.

• Core Responsibilities
  • Provide technical support and lifecycle management of cyber security tools including Varonis, Qualys, SIEM, DLP, PAM, and endpoint protection platforms.
  • Investigate, triage, and resolve platform level incidents affecting security tools and controls.
  • Support incident response teams by providing tooling insights, logs, and root cause analysis.
  • Contribute to the successful implementation of new security solutions, including design input, testing, deployment, and documentation.
  • Liaise with infrastructure, network, and server teams to troubleshoot issues related to control integration and coverage.
  • Assist in running vulnerability scans, analysing results, and tracking remediation efforts.
  • Automate routine tasks using scripting languages (e.g., PowerShell, Python, Bash) where applicable.
  • Write and maintain accurate documentation including implementation procedures, runbooks, and technical standards.
  • Participate in internal and external audit activities by gathering evidence, explaining configurations, and supporting reviews.
  • Identify control gaps or inefficiencies and suggest engineering improvements.
• Risk Identification and Mitigation
  • Identify potential security risks posed by threat actors and gaps in existing deployments.
  • Collaborate with internal teams and vendors to develop mitigation plans and track remediation progress through ServiceNow.
  • Support MUSI's information security risk profile and associated operational risk reporting.
• Process Optimisation
  • Continuously refine methodologies and workflows for improved efficiency and effectiveness.
• Audit and Governance Support
  • Support internal and external audits by ensuring activities are documented and accessible in central repositories.
  • Align improvements and mitigation activities with organisational risk policies and governance frameworks.
• General
  • Be seen as the Information Security centre of excellence for MUSI and ensure MUSI adopt an appropriate and professional response on any information security issues raised by the organisation's business activities
  • Support Information Security incidents where requested.
  • Support Operational Security duties where requested.
  • Responsibility covers EMEA for Bank and EMEA for Securities technology
• Key Deliverables
  • Fully supported and documented security tooling across multiple domains.
  • Timely and effective resolution of tooling and platform related incidents.
  • Implementation packages and handover documents for new control deployments.
  • Accurate reporting of vulnerability status and policy compliance gaps.
  • Automation scripts, dashboards, or integrations that reduce manual workload.
  • Audit ready documentation and evidence packs as required.

SKILLS AND EXPERIENCE

• Education and Experience
  • Strong secondary level education is required, ideally to A level or equivalent standard, in a technical or analytical discipline.
  • A university degree is not essential, though a qualification in Cyber Security, Information Technology, Risk Management, or a related field would be considered advantageous.
  • 5+ years of experience in cyber security or information security roles.
• Knowledge and Skills
  • Strong technical experience in Windows Server and Linux environments.
  • Strong technical understanding of infrastructure, networking, and operating systems.
  • Hands on experience with one or more enterprise cyber security tools (e.g., Varonis, Qualys, Symantec DLP, SIEM, EDR).
  • Knowledge of regulatory frameworks (e.g., ISO 27001, CIS, NIST, SAMA).
  • Comfortable supporting log analysis, access control configurations, and data protection tools.
  • Proficiency in troubleshooting integrated systems involving AD, DNS, GPO, and networked assets
  • Scripting or automation exposure (Python, Ansible, or PowerShell) is desirable.
  • Experience collaborating with audit, risk, and compliance stakeholders.
  • Excellent written and verbal communication skills for technical and non technical audiences.
• Success Measures
  • High availability and performance of cyber tooling platforms.
  • Reduction in platform level incidents through proactive support or automation.
  • Timely delivery of project tasks and handover documentation.
  . click apply for full job details