Senior Cloud Security Engineer at MUFG (Charlotte, NC)

Senior Cloud Security Engineer at MUFG (Charlotte, NC)

Add To Bookmarks
Location: Charlotte, NC
Type: Full Time
Created: 2021-12-31 05:00:51

Apply Here

Senior Cloud Security Engineer

  • Requisition # 10045874-WD
  • Job Type Full time
  • Location Charlotte, North Carolina
  • Date posted 11/01/2021

Your potential. Your opportunity.

Do you want your voice heard and your actions to count?

Discover your opportunity with Mitsubishi UFJ Financial Group (MUFG), the 5th largest financial group in the world. Across the globe, we’re 180,000 colleagues, striving to make a difference for every client, organization, and community we serve. We stand for our values, building long-term relationships, serving society, and fostering shared and sustainable growth for a better world.

With a vision to be the world’s most trusted financial group, it’s part of our culture to put people first, listen to new and diverse ideas and collaborate toward greater innovation, speed and agility. This means investing in talent, technologies, and tools that empower you to own your career.

Join MUFG, where being inspired is expected and making a meaningful impact is rewarded.

Note: Some MUFG roles require that individuals be fully vaccinated against COVID-19, subject to medical and/or religious exemptions, if applicable. Should you be selected for an interview, your recruiter will provide additional information. Senior Cloud Security Engineer Job Summary In this role you will focus on the tools, processes, and methods needed to design, implement, and test complete systems and to adapt existing systems as the environment evolves within AWS and Azure cloud service providers. Your responsibilities will include engineering security first and cloud first principles, preventing and protecting against unauthorized access; maintaining the integrity and confidentiality of critical data against internal and external threats; ensuring enterprise-level system designs; and simplifying the toolset by implementing superior products that cover many vectors without impeding system performance or diminishing user experience. Responsibilities - Collaborate closely with online banking and authentication teams to develop and test indicators to detect compromised customers and clients - Build tools to assist in analyzing and extracting configuration data from banking (or other) malware targeting MUFG customers and clients - Produce concise, detailed written products highlighting key components of research and analysis - Engage effectively with multiple teams within the bank to achieve objectives and proactively mitigate losses from financial malware - Proactive, great attention to detail, results-oriented problem solver. - 5 + years of IT experience as an engineer with coding/DevOps/web or network engineer background - Strong experience with web technologies is a must (HTTPS, REST, CDN, Load Balancing, etc) - Strong experience with security architectures, network design - Strong practical knowledge of AWS services including EC2, VPC, Route53 - Knowledge of vulnerability defense (OWASP Top 10 etc) - Experience with AWS security services (GuardDuty, WAF, Backup, Inspector, Security Monkey) - Experience with multi-account AWS organizations a plus - Experience with cross-account VPCs a plus - Experience with web server configuration a plus - Experience with web application firewall configuration a plus (ModSecurity, AWS WAF) - Hands-on programming skills in some of the following: Java/Python/Bash/Javascript/SQL - Strong experience with multiple CSPs (AWS,Azure) - 2+ years' experience of Python scripting to automate analysis and reverse engineering tasks (and Bash or PowerShell or PerlC/C++) - 2+ years' experience of x86, ARM, and x64 architectures. - Background in network traffic analysis; knowledge of networking protocols: Transmission Control Protocol/Internet Protocol (TCP/IP), Hyper Text Transfer Protocol/Secure (HTTP/HTTPs), File Transfer Protocol (FTP), Internet Relay Chat (IRC), etc. - GIAC Certified Incident Handler (GCIH), GIAC Reverse Engineering Malware (GREM), GIAC Certified Forensic Analyst (GCFA) or Certified Information Systems Security Professional (CISSP) certification is desired, but not requiredThe above statements are intended to describe the general nature and level of work being performed. They are not intended to be construed as an exhaustive list of all responsibilities duties and skills required of personnel so classified.

We are proud to be an Equal Opportunity/Affirmative Action Employer and committed to leveraging the diverse backgrounds, perspectives, and experience of our workforce to create opportunities for our colleagues and our business. We do not discriminate in employment decisions on the basis of any protected category.