Senior Analyst

About Us: MUFG Bank, Ltd. is Japan’s premier bank, with a global network spanning in more than 40 markets. Outside of Japan, the bank offers an extensive scope of commercial and investment banking products and services to businesses, governments, and individuals worldwide. MUFG Bank’s parent, Mitsubishi UFJ Financial Group, Inc. (MUFG) is one of the world’s leading financial groups. Headquartered in Tokyo and with over 360 years of history, the Group has about 120,000 employees and offers services including commercial banking, trust banking, securities, credit cards, consumer finance, asset management, and leasing. The Group aims to be the world’s most trusted financial group through close collaboration among our operating companies and flexibly respond to all the financial needs of our customers, serving society, and fostering shared and sustainable growth for a better world. MUFG’s shares trade on the Tokyo, Nagoya, and New York stock exchanges. MUFG Global Service Private Limited: Established in 2020, MUFG Global Service Private Limited (MGS) is 100% subsidiary of MUFG having offices in Bengaluru and Mumbai. MGS India has been set up as a Global Capability Centre / Centre of Excellence to provide support services across various functions such as IT, KYC/ AML, Credit, Operations etc. to MUFG Bank offices globally. MGS India has plans to significantly ramp-up its growth over the next 18-24 months while servicing MUFG’s global network across Americas, EMEA and Asia Pacific. JOB TITLE: Cyber Security Transition Analyst Corporate Title: SENIOR ANALYST Department: Information Security Status of role: PERMANENT Main Purpose of the Role : To ensure a smooth and structured transition of cyber security projects from delivery (IT Security Programme team) into Business-as-Usual (BAU) operations. This includes validating that project documentation, testing, training, handovers, and vendor onboarding requirements are fully met before BAU ownership is assumed. The role provides essential coordination and assurance, working closely with project teams, vendors, and the Cyber Security Engineering BAU team. Key Responsibilities: You will act as a key point of contact for internal audit, IT risk, and security governance teams, ensuring alignment with regulatory frameworks (e.G., ISO 27001, SAMA, SWIFT CSCF) and internal security standards. Core Responsibilities: Project Handover Coordination - Track project deliverables against transition requirements (documentation, training, support models, contracts). - Maintain and update a Transition Tracker/Dashboard for project-to-BAU progress. - Support project meetings as the Cyber Security Engineering liaison, ensuring BAU needs are captured early. Documentation & Asset Management: - Validate and catalogue all project documentation: designs, operational guides, runbooks, risk assessments, account inventories, CI/asset records in ServiceNow. - Ensure all vendor contracts, licensing details, escalation contacts, and SLAs are documented and handed over Testing & Validation: - Assist in reviewing test plans and results to confirm readiness. - Validate that BAU teams have shadowed initial support and are operationally prepared. - Track and escalate unresolved issues or risks until formally signed off by senior management. Knowledge Transfer & Training - Coordinate training sessions (vendor-led and SME-led) with clear outcomes and recorded materials. - Maintain a central repository of training content and transition documents. - Support BAU teams during shadowing and early operational phases. Risk & Issue Management - Maintain a log of outstanding risks/issues with history, remediation actions, and ownership. - Escalate risks for senior management review and ensure agreed mitigation plans are documented. - Identify potential security risks posed by threat actors and gaps in existing deployments. - Collaborate with internal teams and vendors to develop mitigation plans and track remediation progress through ServiceNow. Stakeholder & Vendor Engagement - Work with vendors to ensure support handovers, contract information, and escalation paths are documented. - Collaborate with internal stakeholders (IT Risk, Audit, Compliance, Infrastructure teams) to confirm project deliverables align with governance standards. Process Optimisation - Continuously refine methodologies and workflows for improved efficiency and effectiveness. - Audit and Governance Support - Support internal and external audits by ensuring activities are documented and accessible in central respositries. - Align improvements and mitigation activities with organisational risk policies and governance frameworks. General - Be seen as the Information Security centre of excellence for MUSI and ensure MUSI adopt an appropriate and professional response on any information security issues raised by the organisation’s business activities - Support Information Security incidents where requested. - Support Operational Security duties where requested. - Responsibility covers EMEA for Bank and EMEA for Securities technology Key Deliverables - Fully supported and documented security tooling across multiple domains. - Timely and effective resolution of tooling and platform-related incidents. - Implementation packages and handover documents for new control deployments. - Accurate reporting of vulnerability status and policy compliance gaps. - Automation scripts, dashboards, or integrations that reduce manual workload. - Audit-ready documentation and evidence packs as required. Skills and Experience: Education and Experience: - Strong secondary-level education is required, ideally to A-level or equivalent standard, in a technical or analytical discipline. - A university degree is not essential, though a qualification in Cyber Security, Information Technology, Risk Management, or a related field would be considered advantageous. - 5+ years of experience in cyber security or information security roles. Knowledge and Skills: - Strong technical experience in Windows Server and Linux environments. - Strong technical understanding of infrastructure, networking, and operating systems. - Hands-on experience with one or more enterprise cyber security tools (e.G., Varonis, Qualys, Symantec DLP, SIEM, EDR). - Knowledge of regulatory frameworks (e.G., ISO 27001, CIS, NIST, SAMA). - Comfortable supporting log analysis, access control configurations, and data protection tools. - Proficiency in troubleshooting integrated systems involving AD, DNS, GPO, and networked assets - Scripting or automation exposure (Python, Ansible, or PowerShell) is desirable. - Experience collaborating with audit, risk, and compliance stakeholders. - Excellent written and verbal communication skills for technical and non-technical audiences. Success Measures: - High availability and performance of cyber tooling platforms. - Reduction in platform-level incidents through proactive support or automation. - Timely delivery of project tasks and handover documentation. - Positive feedback from IT partners, operations, and audit stakeholders. - Contribution to ongoing improvements in detection, compliance, and control effectiveness. Soft Skills: - Excellent communication skills, with the ability to convey technical findings to non-technical stakeholders. - Strong collaboration skills, with a focus on cross-functional teamwork and vendor relationship management. - Process oriented with keen attention to detail. - Ability to proactively anticipate problems and execute solutions at a strategic level. - Ability to think strategically - Active involvement in internal and external audits and experience of managing Audit relationships. Certifications: - Relevant certifications such as CISSP, Security+, CEH, GCIA, or vendor-specific qualifications (e.G., Microsoft, AWS). - Desired but not necessary: - Scripting skills in PowerShell, Python, or Bash. - Experience working with cloud platforms (Azure, AWS) or virtualized environments (e.G., VMware). - Familiarity with ServiceNow ITSM. - Knowledge of security frameworks such as CIS Benchmarks, ISO 27001, or NIST 800-53