Senior Associate, IT Security Operations

Toronto, Ontario, Canada

Applications have closed

MUFG Investor Services

MUFG Investor Services is an industry leader in fund administration, asset servicing, banking and fund financing.

View company page

Company Description

About MUFG Investor Services:

MUFG Investor Services provides asset servicing solutions to the global investment management industry. Leveraging the financial and intellectual capital of MUFG – one of the largest banks in the world with $2.8 trillion in assets – we provide clients access to a range of leading solutions from fund administration, middle-office outsourcing, custody, foreign exchange, trustee services and depository to securities lending and other banking services.

With a diverse and dynamic network of offices across the globe, MUFG Investor Services provides challenging and rewarding careers. We achieve this by offering continuous learning and development, collaborative team work environment, promotion of work-life integration, and exposure to a wide variety of work.

Imagine your future at MUFG Investor Services where you can grow professionally, in a diverse and inclusive workplace that rewards your contribution. 

#LI-Hybrid

Job Description

IT Security Operations is responsible from securing a production environment that is a dynamic, always growing and evolving global network that provides reliable and secure applications for one of the leading organizations in financial services. You will bring a unique perspective to a team that responds to security incidents and maintains a secure and reliable environment hosted across both cloud and on-premises infrastructure. 
 
You will work with technical leadership to determine overall security technology, standards and strategy across on-prem, AWS and MS Azure cloud environments. More specific into Vulnerability Management, SOC liaison and Access Management. 
We are looking for a Senior Associate to join our IT Security Operations team in our Toronto office.

Reporting to the Director, Head of Security Operations, You Will

  • Lead the Vulnerability Assessments which involve identifying security weaknesses on IT systems, assessing these weaknesses and communicating them to the relevant departments.
  • Search for security vulnerabilities on our application estate, infrastructure and network, reporting issues and describing possible solutions. 
  • Be the liaison SOC Service Provider - MUFG to create, tune, test and manage use cases, reports and metrics. 
  • Deployed and maintain security solutions as access management services and email protection
  • Perform Security Monitoring from multiple monitoring sources including firewalls, SIEM and other supporting security tools, identifying events that meet certain criteria, performing incident response activities or escalating them to, and working with, other support teams.
  • Participate in Security Incident Response to IT security related incidents - and working with the relevant parties to resolve them.
  • Contribute to Risk Management by identifying security risks across the application estate and the infrastructure and support the IT support team members in remediating those risks.
  • Ensure systems are protected by defining access privileges, control structures, and resources.

Qualifications

Essential: 

  • A bachelor's degree in a field such as Computer Science, Computer Programming, or an equivalent combination of education and work experience.
  • Hands-on experience with SIEM technologies as ArcSight, Splunk, LogRhythm, or similar is a must.
  • Hands-on experience in malware detection, analysis and removal. 
  • 3+ years’ work experience in Security Operation Center (SOC).
  • Experience with email gateway solutions as Proofpoint, Mimecast, FortiMail or similar.
  • Experience with vulnerability management and VM tools such as Qualys VMDR, Rapid7, Nessus or similar.

Preferred: 

  • Understanding of OWASP Top 10 and typical defense mechanisms
  • Knowledge of Security Orchestration, Automation and Response (SOAR) solutions. 
  • Experience with cloud security (AWS, Microsoft Azure and M365)
  • Experience with Information security risk assessments, threat modelling, application security, and information systems audit
  • Preferred Certifications: SIEM Solution, Vulnerability Scan Platform, SANS GIAC, OSCP, CISSP.

Additional Information

At MUFG Investor Services, we are exceptionally proud of our approach to Hybrid Working. It enables the flexibility to thrive from wherever our employees work and, stay connected to their team and our culture. When we make Hybrid Working plans, we get to know the individual and pride ourselves in underpinning all our decisions with fairness and consistency.

MUFG Investor Services provides all of its employees with an extremely attractive compensation package. In addition to base salary, there is a group medical insurance scheme, group pension scheme, reimbursement of professional subscriptions, paid holidays and assistance towards gym memberships.

We thank all candidates for applying; however, only those proceeding to the interview stage will be contacted. If you are contacted for a job opportunity, please advise us of any accommodations needed to ensure fair and equitable access throughout the recruitment and selection process. All accommodation information provided will be treated as confidential and used only to provide an accessible candidate experience.

MUFG is an equal opportunity employer.

Tags: Application security ArcSight Automation AWS Azure Banking CISSP Cloud Computer Science Firewalls GIAC Incident response LogRhythm Malware Monitoring Nessus OSCP OWASP Qualys Risk assessment Risk management SANS SIEM SOAR SOC Splunk Strategy Vulnerabilities Vulnerability management

Perks/benefits: Career development Team events

Region: North America
Country: Canada
Job stats:  6  2  0

More jobs like this

Explore more InfoSec / Cybersecurity career opportunities

Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.