cover image
MUFG

MUFG

www.mufg.jp

4 Jobs

22,278 Employees

About the Company

MUFG (Mitsubishi UFJ Financial Group) is one of the world's leading financial groups. Headquartered in Tokyo and with over 360 years of history, MUFG has a global network with over 2,100 locations in more than 40 markets including the Americas, Europe, the Middle East and Africa, Asia and Oceania. The Group has over 120,000 employees and offers services including commercial banking, trust banking, securities, credit cards, consumer finance, asset management, and leasing. Through close partnerships among our group companies, the Group aims to be the world's most trusted financial group, flexibly responding to all of the financial needs of its customers, serving society, and fostering shared and sustainable growth for a better world. MUFG's shares trade on the Tokyo, Nagoya, and New York stock exchanges. Watch our profile video: https://youtu.be/htyOjA1H6bQ Details of MUFG's Group companies can be found at the following websites: http://www.bk.mufg.jp/global http://www.tr.mufg.jp/english https://mufgamericas.com https://www.mufgemea.com http://www.hd.sc.mufg.jp/english
©2024Mitsubishi UFJ Financial Group, Inc. All rights reserved. The MUFG logo and name is a service mark of Mitsubishi UFJ Financial Group, Inc.

Listed Jobs

Company background Company brand
Company Name
MUFG
Job Title
Vice President, Threat and Vulnerability Management Team Lead
Job Description
**Job Title** Vice President, Threat and Vulnerability Management Team Lead **Role Summary** Lead and shape the Threat & Vulnerability Management (TVM) function for a global financial services organization, directing a team of engineers to assess, remediate, and automate security vulnerabilities across IT infrastructure and applications. Drive strategic planning, operational execution, and continuous improvement while ensuring compliance with internal controls, regulatory standards, and stakeholder expectations. **Expectations** - Demonstrate senior‑level leadership and influence across multiple business units. - Translate business risk appetite into measurable TVM strategy and road‑map. - Deliver measurable cost‑optimisation and risk‑reduction outcomes. - Maintain visibility and accountability through KPI reporting and senior‑management briefings. - Foster a high‑performance, collaboration‑centric team culture. **Key Responsibilities** - Design, develop, and manage the TVM strategy, road‑maps, and governance framework. - Lead a team of ~5 engineers in daily TVM operations, patch management, and vulnerability triage. - Automate patch deployment and post‑deployment validation across infrastructure. - Use ServiceNow AVR/VR modules (and dashboards) to manage vulnerability lifecycle and reporting. - Prioritise and drive remediation of weaknesses via risk‑based methodology, integrating results from SAST, SCA, and penetration testing. - Partner with application, Cyber Security, and IT‑Risk teams to ensure secure coding, policy enforcement, and compliance. - Produce and present KPI, MI, and risk‑management data to senior executives. - Identify cost‑saving and optimisation opportunities within the EMEA and wider group. **Required Skills** - Strategic leadership and program management in a large, global financial services context. - Deep technical knowledge of vulnerability assessment, patch management, and secure dev‑ops. - Proficiency with ServiceNow (AVR/VR), vulnerability scanners, SAST/SCA tools. - Strong analytical and risk‑rating capabilities; ability to translate findings into actionable road‑maps. - Excellent stakeholder engagement, communication, and influence skills. - Experience leading and developing high‑performance security engineering teams. **Required Education & Certifications** - Bachelor’s or Master’s degree in Computer Science, Information Systems, Cybersecurity, or related field. - Minimum 8–10 years of progressively responsible experience in threat/vulnerability management. - Relevant certifications: CISSP, CISM, GIAC (e.g., GWAPT, GCIA), PMP (preferred). ---
London, United kingdom
On site
Senior
30-10-2025
Company background Company brand
Company Name
MUFG
Job Title
Vice President, EMEA Red Team Lead
Job Description
Job title: Vice President, EMEA Red Team Lead Role Summary: Lead and shape MUFG’s global adversary simulation program for the EMEA region, driving sophisticated red team operations and enhancing enterprise threat detection and response. Manage a team of senior operators, mentor junior talent, and collaborate with threat intelligence, detection engineering, and business continuity functions to strengthen the bank’s overall security posture. Expectations: - Deliver rigorous, realistic adversary simulations that validate and improve MUFG’s security architecture and incident response. - Provide strategic guidance to enhance threat detection capabilities and incident handling processes. - Develop, coach, and retain high‑performance red team talent across EMEA. - Maintain visibility and evidence of security controls, IT risk management, and compliance across the EMEA bank. Key Responsibilities: 1. Design, execute, and debrief complex red team engagements across cloud, on‑premises, and application layers. 2. Identify gaps in security controls, risk mitigations, and response workflows; recommend actionable improvements. 3. Collaborate with threat intelligence, detection engineering, and SOC teams to integrate offensive insights into defensive playbooks. 4. Report findings and remediation plans to executive leadership, aligning security initiatives with business objectives. 5. Ensure consistent application of information security, IT risk, and business continuity controls across all EMEA operations. 6. Drive continuous improvement of red team methodology, tooling, and training programs. 7. Partner with global security functions to harmonize security standards and incident response across MUFG. Required Skills: - Deep expertise in offensive security tools (e.g., Metasploit, Cobalt Strike, Burp Suite). - Strong knowledge of threat intelligence, detection engineering, and incident response frameworks. - Proven leadership and mentorship experience in security teams. - Excellent communication and influence skills with senior stakeholders. - Ability to assess complex IT risk and control environments in a financial services context. - Familiarity with compliance frameworks (e.g., PCI‑DSS, ISO 27001, NIST). Required Education & Certifications: - Bachelor’s or Master’s degree in Computer Science, Information Security, or related field. - Minimum of 10‑15 years in security roles; 5 + years in a senior red‑team or offensive security leadership position. - Certifications: CISSP, CISM, CRTO, OSCP, CEH, or equivalent. - Additional advanced credentials such as GCIA, GCIH, or specialized red‑team certifications are highly desirable.
London, United kingdom
On site
Senior
10-12-2025
Company background Company brand
Company Name
MUFG
Job Title
Vice President, Incident Respond Lead
Job Description
**Job Title** Vice President, Incident Response Lead **Role Summary** Lead and oversee the organization’s incident response capability, ensuring robust prevention, detection, analysis, containment, and recovery processes for all cyber, IT, and information risk incidents. Align incident response strategy with global security governance, regulatory requirements, and business objectives while collaborating with internal and external stakeholders, including auditors, management committees, and external regulators. **Expectations** - Deliver an integrated, auditable incident response framework that protects the organization’s assets and reputation. - Maintain a proactive threat intelligence posture and continually refine incident response playbooks. - Demonstrate decisive leadership during incidents, coordinating cross‑functional teams and ensuring minimal business impact. - Serve as the primary liaison for incident reporting, escalation, and post‑incident reviews with senior leadership and external auditors. **Key Responsibilities** - Develop, implement, and continually improve the organization’s Incident Response Plan, policies, and procedures in accordance with ISO 27001, NIST 800‑61, and relevant regulatory mandates. - Lead, mentor, and manage the Incident Response Team, ensuring high levels of readiness, skill development, and clear command‑and‑control during incidents. - Coordinate incident investigations, manage documentation, evidence collection, root‑cause analysis, and remediation actions. - Oversee the integration of threat intelligence feeds, security monitoring tools, and automation to support early detection and rapid response. - Ensure consistent application of security controls across business units and technology infrastructure. - Prepare and present incident reports, metrics, and lessons‑learned to executive management, technology governance committees, and external auditors. - Manage incident‑related communication with stakeholders, including public relations, legal, compliance, and regulatory bodies when applicable. - Continuously benchmark and adopt best practices, emerging technologies, and industry standards to elevate the organization’s security posture. **Required Skills** - Executive‑level leadership with a proven track record in cyber incident response and information security management. - Deep understanding of threat landscape, cyber attack techniques, and risk assessment methodologies. - Experience with security frameworks (ISO 27001, NIST, SOC 2, PCI‑DSS) and regulatory compliance (GDPR, FFIEC, SOC 2). - Strong analytical and investigative skills; ability to synthesize technical evidence into actionable conclusions. - Excellent communication, stakeholder‑management, and cross‑functional collaboration. - Ability to manage complex, high‑pressure incidents while maintaining clear decision‑making and documentation. - Familiarity with security operations tools (SIEM, SOAR, EDR) and incident‑management platforms. **Required Education & Certifications** - Bachelor’s degree in Computer Science, Information Technology, Cybersecurity, or a related field (Master’s preferred). - Industry certifications: CISSP, CISM, CRISC, CEH, GIAC, or equivalent. - Additional certifications (e.g., CISA, ISO 27001 Lead Implementer) are highly desirable. ---
London, United kingdom
On site
Senior
10-12-2025
Company background Company brand
Company Name
MUFG
Job Title
Assistant Vice President, IAM Junior Engineer
Job Description
**Job Title:** Assistant Vice President, IAM Junior Engineer **Role Summary:** Provide engineering support and enforce identity and access management (IAM) policies for MUFG’s banking and securities divisions. Operate under a dual‑hat model to ensure consistent governance, conduct access reviews, manage privileged access, resolve incidents, and maintain documentation and knowledge bases. **Expectations:** - Apply IAM policies and procedures uniformly across both entities. - Demonstrate strong communication, teamwork, and decision‑making in a high‑pressure environment. - Proactively identify process improvements and support broader risk & security teams. - Maintain high accuracy and accountability in all deliverables. **Key Responsibilities:** - Engineer support for RSA IGL (or equivalent) IAM platform. - Create, mature, and execute access review cycles. - Implement and maintain privileged access controls. - Investigate and close IAM‑related incidents; manage password/access queries. - Update knowledge management database and standard operating procedures. - Conduct knowledge‑transfer sessions for newly onboarded applications. - Maintain trackers, systems, and documentation for IAM processes. - Perform AD account and group management; enforce least‑privilege principles. **Required Skills:** - Practical experience with RSA IGL or similar IAM tools. - SQL/PL‑SQL and Oracle database proficiency. - Web services (REST/SOAP) and Java/JSP development experience. - Basic web development (HTML, CSS, JavaScript). - Windows/Linux server administration. - PowerShell scripting knowledge. - Incident management and resolution processes. - Strong attention to detail, written and verbal English proficiency. - Excellent interpersonal and communication skills. - Proficiency with Microsoft Office (including Visio). - Ability to work independently, make sound judgments, and handle pressure. **Required Education & Certifications:** - Bachelor’s degree in Computer Science, Information Technology, Cyber Security, or related field (or equivalent professional experience). - Relevant IAM or security certifications (e.g., CISSP, CISM, ISO 27001 Lead Implementer) are desirable but not mandatory.
London, United kingdom
On site
Senior
20-01-2026