MUFG Union Bank Sr. Threat Vulnerability Management, Assistant Vice President in Jersey City, New Jersey

MUFG Group

Join a financial group that is as committed to your future as you are. At MUFG, we share a vision for our future, we share our successes, and we strive to bring out the best in each other in everything we do. Our 14,000 diverse colleagues are connected by a common ambition to create change for the better — from forging more dynamic career paths, to driving progress in our communities, to continuously reshaping the standards of global financial services. Positive impact starts here; see the change you can make as we strive to become the world’s most trusted financial group.

Due to the diverse nature of our business we require a clear unifying vision for all of our people. It is this vision and our corporate values that reflect who we are and guide how we behave. We therefore strive to recruit individuals who share our vision and values, and who have the motivation and commitment to help us move our business forward.


Information security is an integral part of the MUB corporate culture. It is essential to maintain our position as an industry leader in retail banking and it is the responsibility of each and every employee to safeguard information, protect it from unauthorized access, and ensure regulatory compliance. Information security has a significant effect on privacy, consumer confidence, external reputation, and/or the bottom line, and it is a priority on everyone's agenda.

The successful candidate for the Senior Threat Intelligence and Vulnerability (TIV) Analysts position will be an experienced professional who will be responsible for producing authoritative intelligence assessments that define cyber threats. This team is responsible for the collection, analysis and reporting of actionable intelligence for the Cyber Security organization.

Job Summary

The Role of the Senior Threat Intelligence and Vulnerability (TIV) Analysts will be part of a team that is responsible to manage, monitor, and communicate the information security risks associated with inherent and residual vulnerabilities that may result in harm or disruption to the Company. The analysts will be part of a team that will work closely with key stakeholders from IT, Business and Corporate Support Functions to gather requirements understand priorities and communicate impact and context of vulnerabilities in business speaking terms to the lines of business, and to upper management. The analysts will be part of a team that will develop metrics that will measure the effectiveness of practices and controls to mitigate threats and vulnerabilities on a periodic basis; and develop dashboards that illustrate the effectiveness of risk mitigation over time.

Additionally, the analysts is part of a team that will work to resolve information security related incidents and events related security breaches in a manner that ensures the safety of information system assets and confidential customer, consumer, employee and corporate data. The analysts will also identify and manage the implementation of appropriate security controls, aligned with industry best practices to meet security objectives and standards while allowing flexibility for the businesses to manage their responsibilities.

Essential Duties and Responsibilities :

  • Responsible for defining, ratifying and maintaining a formal Threat & Vulnerability Management Program; and framework that defines the vulnerability priorities aligned with business criticality

  • Responsible for providing governance, guidance, and setting priorities for risk-based vulnerability management, mitigation and remediation

  • Develop and present business cases to Management to improve security posture to effectively mitigate advanced threats

  • Work with Information Security team and update Security Standards for all technologies ( Databases, Operating Systems & Network devices)

  • Translate Technical Security Standards into policy compliance profiles in enterprise security tool

  • Work with technology owners to validate the policy compliance profiles

  • Review the policy compliance scan results with stake holders

  • Onboard the assets for target technologies in enterprise security tool

  • Create required authentication records for target technology assets in enterprise security tool

  • Perform policy compliance scans and deliver reports to the technology owners

  • Help build/improve an exception process to manage policy compliance deviation

  • Partner with various stakeholders to define specific roles & responsibilities to support mitigation of threats and vulnerabilities, and incident response

  • Responsible for maintaining appropriate documentation that defines the Threat & Vulnerability Management Program, Policy and Procedures; and to manage the TVM Team to develop and update as appropriate

  • Be able to engage with, and manage vendor contracts related to external threat intelligence and threat mitigation services


Skills and Abilities

  • Bachelor's Degree in Business, Management, Computer Sciences, or equivalent prior work experience in a related field

  • Five to seven years of experience in Qualys policy compliance and vulnerability management

  • Exposure to Qualys APIs

  • Knowledge of scripting languages like python and Perl

  • Understanding of CIS-Benchmark and NIST framework

  • Working knowledge in RegEx

  • In-depth knowledge of operating systems security configuration (Windows servers and workstations, AIX/Linux/Solaris, and Apple MAC)

  • In-depth knowledge of network appliances (Firewalls, router & switches).

  • In-depth knowledge of databases security configuration (Oracle, DB2, Microsoft SQL, MySQL).

  • Strong analytical skills (i.e., technical and non-technical problem solving skills).

  • Maintain certifications in an information security related field. The following are recommended: CISSP, CISM, GSEC, GIAC, GPEN.

  • Outstanding oral and written communications skills. This includes the ability to make formal stand-up presentations to all levels of management, etc.

Personal requirements:

  • Results driven, with a strong sense of accountability

  • A pro-active, motivated approach.

  • The ability to operate with urgency and prioritize work accordingly

  • A structured and logical approach to work

  • Strong problem solving skills

  • A creative and innovative approach to work

  • Ability to work in a team environment

  • The ability to manage large workloads and tight deadlines

  • Excellent attention to detail and accuracy

/ /

The above statements are intended to describe the general nature and level of work being performed. They are not intended to be construed as an exhaustive list of all responsibilities, duties and skills required of personnel so classified.

Why Work for MUFG? We are a financially strong and stable bank. We value workplace diversity. We are committed to the training and development of our employees. Innovative vacation benefits. We offer a matching 401k, a Retirement Plan, a variety of Flexible Health Benefits.

The above statements are intended to describe the general nature and level of work being performed. They are not intended to be construed as an exhaustive list of all responsibilities, duties and skills required of personnel so classified.

We are committed to leveraging the diverse backgrounds, perspectives and experiences of our workforce to create opportunities for our people and our business. Equal Opportunity Employer Minority/Female/Disability/Veterans.

Job: *Systems / Technology

Title: Sr. Threat Vulnerability Management, Assistant Vice President

Location: NEW JERSEY-Jersey City

Requisition ID: 10009142-WD