Do you want your voice heard and your actions to count?

Discover your opportunity with Mitsubishi UFJ Financial Group (MUFG), the 7th largest financial group in the world. Across the globe, we’re 120,000 colleagues, striving to make a difference for every client, organization, and community we serve. We stand for our values, building long-term relationships, serving society, and fostering shared and sustainable growth for a better world.

With a vision to be the world’s most trusted financial group, it’s part of our culture to put people first, listen to new and diverse ideas and collaborate toward greater innovation, speed and agility. This means investing in talent, technologies, and tools that empower you to own your career.

Join MUFG, where being inspired is expected and making a meaningful impact is rewarded.

Main purpose of the role:

As first line of defence, ensure effective management of cyber and information risks for MUFG Securities Asia. To liaise with the information security functions across the MUFG group globally, to ensure a consistent approach is adopted across the organisation. Develop, implement and manage systems, policies, standards and procedures to protect the organisation’s physical and electronic information assets across the user base.

Key responsibilities:

Ensure MUFG Securities Asia’s information risk controls align with ISO27002 Information Security Standards, covering but not limited to:

Cyber Security Operations:

• Monitor and response cyber-security events in SIEM are handled in accordance with the established protocol of the International Cyber Security Team;

• Escalate security incidents and participate in investigation and risk containment/mitigation where necessary. Assist the incident response process as requested by SOC Team;

• Manage security tools (vulnerability scanner, web security, malware protection, etc.)

• Perform periodic vulnerability scanning and monitor the security patch and compliance status.

IT Risk & Control:

• Assist in ensuring MUFG Securities Asia operates under comprehensive and relevant policies and standards with appropriate staff awareness, compliance monitoring and reporting.

• Assist in managing the regional information security risk profile and associated operational risk reporting of information security and technology incidents;

• Assist in preparing monthly regional information security management reports and metrics for risk committees;

• Assist in conducting periodic risks and controls reviews

• Support incident reporting

Audit & Regulatory Liaison

• Coordinate internal and external audit activities for information security across MUFG Securities Asia and ensure consistent and timely answers to information requests.

• Assist in ensuring any issues and remedial actions resulting from information security incidents and audits are agreed with appropriate timescales for resolution.

• Information Security Assessment and Consultation

• Assist in conducting information security reviews for existing and new, in-house and 3rd party systems to ensure these are consistent with policy requirements and MUFG Securities’ risk appetite;

• Assist in ensuring adequate technical safeguards are in place to provide appropriate protection to MUFG Securities’ information assets across MUFG Securities’ IT environments.

• Coordinate the Business Continuity Management activities such as BIA and BCP reviews. Assist the BCM function to coordinate with various IT teams on drill tests.

Skills and Experience:

• University degree majoring in information security, information systems, computer science or engineering;

• Professional qualifications: CISA, CISM, CISSP, CEH, CISP, GWAPT, OSCP, OSCE, GPEN, GXPN, or other security related qualifications (including certifications issued by CREST);

• At least 3 years’ experience as security lead in IT security, technology risk, risk management, compliance or IT audit function, from investment bank or financial service institutes

• Familiar with security and control for technologies: Unix, Windows, database, Firewall, Router, mobile technologies, etc.

• Practical experience and working knowledge in design, implementation and operation of security solutions such as IAM, DLP, PAM and SIEM/SOC, infrastructure penetration testing, and application security testing;

• Hands-on security operations, threat intelligence, incident response, malware reverse engineering and other related experience would be beneficial;

• Excellent written and verbal communication with the ability to provide clear and succinct reports

We regret to inform that only shortlisted applicants will be notified.

MUFG Bank Ltd & MUFG Securities Asia Limited (collectively referred to as “MUFG”) is an equal opportunity employer. We view our employees as our key assets as they are fundamental to our long-term growth and success. MUFG is committed to hiring based on merit and organsational fit, regardless of race, religion or gender.

At MUFG, our colleagues are our greatest assets. Our Culture Principles provide a roadmap for how each of our colleagues must think and act to become more client-obsessed, inclusive and innovative. They reflect who we are, who we want to be and what we expect from one another. We are excited to see you take the next step in exploring a career with us and encourage you to spend more time reviewing them!

Our Culture Principles

• Client Centric

• People Focused

• Listen Up. Speak Up.

• Innovate & Simplify

• Own & Execute