Manager - Senior Cyber Analyst [T500-21251]

About Us: MUFG Bank, Ltd. is Japan’s premier bank, with a global network spanning in more than 40 markets. Outside of Japan, the bank offers an extensive scope of commercial and investment banking products and services to businesses, governments, and individuals worldwide. MUFG Bank’s parent, Mitsubishi UFJ Financial Group, Inc. (MUFG) is one of the world’s leading financial groups. Headquartered in Tokyo and with over 360 years of history, the Group has about 120,000 employees and offers services including commercial banking, trust banking, securities, credit cards, consumer finance, asset management, and leasing. The Group aims to be the world’s most trusted financial group through close collaboration among our operating companies and flexibly respond to all the financial needs of our customers, serving society, and fostering shared and sustainable growth for a better world. MUFG’s shares trade on the Tokyo, Nagoya, and New York stock exchanges. MUFG Global Service Private Limited: Established in 2020, MUFG Global Service Private Limited (MGS) is 100% subsidiary of MUFG having offices in Bengaluru and Mumbai. MGS India has been set up as a Global Capability Centre / Centre of Excellence to provide support services across various functions such as IT, KYC/ AML, Credit, Operations etc. to MUFG Bank offices globally. MGS India has plans to significantly ramp-up its growth over the next 18-24 months while servicing MUFG’s global network across Americas, EMEA and Asia Pacific. About the Role Position Title: Senior Cyber Analyst Corporate Title: Manager Reporting to: Director Location: Bengaluru Job Profile: Position details: The Cyber Security Engineer is a versatile, technically capable role within MUFG’s Cyber Security Engineering function. The engineer will play a hands-on role in delivering, maintaining, and troubleshooting key cyber security technologies while supporting the implementation of new controls and improvements. This position requires a well-rounded individual with strong foundational knowledge across Windows and Linux platforms, network infrastructure, and cyber security tooling. The successful candidate will work across a variety of use cases including platform engineering, incident response support, project delivery, and audit preparation. Familiarity with tools such as Varonis, vulnerability scanners (e.g., Qualys), SIEM, DLP, and PAM is highly desirable, as is experience with scripting or automation in PowerShell, Python. The engineer will act as a trusted technical contact across a range of systems and controls, often leading investigations into complex issues, supporting change deployments, and ensuring documentation and support materials are accurate and up to date. The role suits someone who enjoys solving problems, is comfortable with technical ambiguity, and is ready to tackle varied challenges across the cyber estate Roles and Responsibilities: Core Responsibilities: Provide technical support and lifecycle management of cyber security tools including Varonis, Qualys, SIEM, DLP, PAM, and endpoint protection platforms. Investigate, triage, and resolve platform-level incidents affecting security tools and controls. Support incident response teams by providing tooling insights, logs, and root cause analysis. Contribute to the successful implementation of new security solutions, including design input, testing, deployment, and documentation. Liaise with infrastructure, network, and server teams to troubleshoot issues related to control integration and coverage. Assist in running vulnerability scans, analysing results, and tracking remediation efforts. Automate routine tasks using scripting languages (e.g., PowerShell, Python, Bash) where applicable. Write and maintain accurate documentation including implementation procedures, runbooks, and technical standards. Participate in internal and external audit activities by gathering evidence, explaining configurations, and supporting reviews. Identify control gaps or inefficiencies and suggest engineering improvements. Risk Identification and Mitigation: Identify potential security risks posed by threat actors and gaps in existing deployments. Collaborate with internal teams and vendors to develop mitigation plans and track remediation progress through ServiceNow: Support MUSI’s information security risk profile and associated operational risk reporting. Process Optimisation: Continuously refine methodologies and workflows for improved efficiency and effectiveness. Audit and Governance Support: Support internal and external audits by ensuring activities are documented and accessible in central repositories. Align improvements and mitigation activities with organisational risk policies and governance frameworks. Key Deliverables: Fully supported and documented security tooling across multiple domains. Timely and effective resolution of tooling and platform-related incidents. Implementation packages and handover documents for new control deployments. Accurate reporting of vulnerability status and policy compliance gaps. Automation scripts, dashboards, or integrations that reduce manual workload. Audit-ready documentation and evidence packs as required. Job Requirements: Education and Experience: Strong secondary-level education is required, ideally to A-level or equivalent standard, in a technical or analytical discipline. Recruitment Specification Permanent recruitment A university degree is not essential, though a qualification in Cyber Security, Information Technology, Risk Management, or a related field would be considered advantageous. 5+ years of experience in cyber security or information security roles. Knowledge and Skills: Strong technical experience in Windows Server and Linux environments. Strong technical understanding of infrastructure, networking, and operating systems. Hands-on experience with one or more enterprise cyber security tools (e.g., Varonis, Qualys, Symantec DLP, SIEM, EDR). Knowledge of regulatory frameworks (e.g., ISO 27001, CIS, NIST, SAMA). Comfortable supporting log analysis, access control configurations, and data protection tools. Proficiency in troubleshooting integrated systems involving AD, DNS, GPO, and networked assets Scripting or automation exposure (Python, Ansible, or PowerShell) is desirable. Experience collaborating with audit, risk, and compliance stakeholders. Excellent written and verbal communication skills for technical and non-technical audiences. Certifications: Relevant certifications such as CISSP, Security+, CEH, GCIA, or vendor-specific qualifications (e.g., Microsoft,AWS). Desired but not necessary: Scripting skills in PowerShell, Python, or Bash. Experience working with cloud platforms (Azure, AWS) or virtualized environments (e.g., VMware). Familiarity with ServiceNow ITSM. Knowledge of security frameworks such as CIS Benchmarks, ISO 27001, or NIST 800-53. Equal Opportunity Employer The MUFG Group is committed to providing equal employment opportunities to all applicants and employees and does not discriminate on the basis of race, colour, national origin, physical appearance, religion, gender expression, gender identity, sex, age, ancestry, marital status, disability, medical condition, sexual orientation, genetic information, or any other protected status of an individual or that individual's associates or relatives, or any other classification protected by the applicable laws.