Incident Resonse Specialist [T500-21604]

About Us: MUFG Bank, Ltd. is Japan’s premier bank, with a global network spanning in more than 40 markets. Outside of Japan, the bank offers an extensive scope of commercial and investment banking products and services to businesses, governments, and individuals worldwide. MUFG Bank’s parent, Mitsubishi UFJ Financial Group, Inc. (MUFG) is one of the world’s leading financial groups. Headquartered in Tokyo and with over 360 years of history, the Group has about 120,000 employees and offers services including commercial banking, trust banking, securities, credit cards, consumer finance, asset management, and leasing. The Group aims to be the world’s most trusted financial group through close collaboration among our operating companies and flexibly respond to all the financial needs of our customers, serving society, and fostering shared and sustainable growth for a better world. MUFG’s shares trade on the Tokyo, Nagoya, and New York stock exchanges.

MUFG Global Service Private Limited: Established in 2020, MUFG Global Service Private Limited (MGS) is 100% subsidiary of MUFG having offices in Bengaluru and Mumbai. MGS India has been set up as a Global Capability Centre / Centre of Excellence to provide support services across various functions such as IT, KYC/ AML, Credit, Operations etc. to MUFG Bank offices globally. MGS India has plans to significantly ramp-up its growth over the next 18-24 months while servicing MUFG’s global network across Americas, EMEA and Asia Pacific. Position Title: Incident Response Specialist Job Profile: As an Incident Response specialist, you will occupy a crucial position in our global Incident Response Team. Your responsibilities include rapidly responding to potential incidents and events to minimize risk exposure and ensure confidentiality, integrity, and availability of assets and business processes. Additionally, you will proactively monitor internal and external-facing environments, seek opportunities to strengthen and automate detection and remediation capabilities, reduce response times for incidents, and produce analyses of cybersecurity events that include perspectives on the behavior of adversaries.

Roles and Responsibilities: Conduct analysis of artifacts and compromised systems to determine intrusion methods, remediate to a clean state, and drive security improvements. Investigate potential cybersecurity events across multiple environments using various tools and techniques, including reviewing internal logs and alerts to identify and triage cases, escalating when necessary. Analyze security data in real-time to detect and thwart potential threats, attacks, and other violations, while performing breach indicator assessments to investigate network traffic for malicious activity. Assist with internal or third-party employee investigations and support the production of reports analyzing relevant threats to the enterprise. Research evolving threats, techniques, tools, and vulnerabilities to support information security efforts and stay current with industry trends and security practices. Support compliance inquiries from IT risk management and auditors, ensuring documentation is complete and processes comply with information security policies. Contribute to the development of security operations detections, playbooks, and automations to ensure threat detection, monitoring, response, and forensics activities align with best practices and provide comprehensive threat mitigation. Participate in Table-top exercises and attack simulation exercises organized by internal and external stakeholders.

Job Requirements: (To be filled by business): Strong knowledge and experience in Incident Response including security event triage, investigation, containment, recovery and the overall incident response process. Proficient in operating systems (Linux, Windows), network security, application security and mobile device security. Experience with security data collection, analysis, correlation, and risk analysis using logs and various data sources. Well-developed analytical, qualitative, and quantitative reasoning skills, with demonstrated creative problem-solving abilities. Understanding of offensive security, common attack methods, and the ability to pivot across multiple datasets to correlate artifacts for a single security event. Diverse skill base in product and information security, including system development, maintenance procedures, and security controls. Detailed knowledge of security and regulatory frameworks (ISO 27001, NIST 800 series, etc.) and enterprise detection and response technologies (advanced threat detection tools, intrusion detection/prevention systems, etc.). Experience with tools like CrowdStrike, Microsoft Defender, Tanium, Proofpoint, and open-source incident response and forensic tools. Ability to document and explain technical details concisely and understandably. Strong time management skills to balance multiple activities and lead junior analysts as needed. Fundamental understanding of enterprise cybersecurity frameworks such as MITRE ATT&CK and Cyber Kill Chain.

Qualifications: Bachelor’s degree in Information Technology, Cyber Security, Computer Science, or related discipline 8 + years of experience working in the Cybersecurity Operations or Information Security Relevant technical and industry certifications, such as GCFA, GCFE, GCIH, GCIA, CISSP, ISSMP, CISM, CEH, or GSEC are preferred Experience in Security Operation Center, Incident Response and Computer Forensics preferred

Equal Opportunity Employer: The MUFG Group is committed to providing equal employment opportunities to all applicants and employees and does not discriminate on the basis of race, colour, national origin, physical appearance, religion, gender expression, gender identity, sex, age, ancestry, marital status, disability, medical condition, sexual orientation, genetic information, or any other protected status of an individual or that individual's associates or relatives, or any other classification protected by the applicable laws.