Global Head Of Red Team

Do you want your voice heard and your actions to count?

Discover your opportunity with Mitsubishi UFJ Financial Group (MUFG), the 7th largest financial group in the world. Across the globe, we’re 160,000 colleagues, striving to make a difference for every client, organization, and community we serve. We stand for our values, building long-term relationships, serving society, and fostering shared and sustainable growth for a better world.

With a vision to be the world’s most trusted financial group, it’s part of our culture to put people first, listen to new and diverse ideas and collaborate toward greater innovation, speed and agility. This means investing in talent, technologies, and tools that empower you to own your career.

Join MUFG, where being inspired is expected and making a meaningful impact is rewarded.

This is a remote position. The selected colleague will generally be expected to work at an MUFG office periodically. A member of our recruitment team will discuss location preferences with you in more detail.

Job Summary

As the leader of the Global Red team Program, you will be responsible for establishing, maintaining and executing MUFG’s Global red team testing standards, processes, procedures, and operations. You will also develop and implement strategies for identifying critical vulnerabilities and potential angles of attack along with exploitation testing for realtime crisis situations. This role requires a deep understanding of the technical aspects of red teaming and the ability to communicate effectively with both technical and non-technical stakeholders.

With your deep expertise as well as analytical thinking and iterative problem solving, you are an experienced trusted advisor who can set strategy and execute strategic focused red team exercises. You can comfortably manage a portfolio of complex technical projects and processes; contribute to leadership discussions on strategy, budget, and talent; and make sound decisions that drive successful outcomes for the company. In the process, you will have exciting opportunities to grow as a thought leader and see your contributions have a tremendous impact on the business. But most importantly, the ideal candidate bring a highly technical and collaborative approach to building and directing a global red team capability.

Major Responsibilities

• Create comprehensive and accurate reports and presentations for both technical and executive audiences
• Serve as a trusted Partner with Business Line to improve cybersecurity risk postureWork closely with the Global Security Operations Center (GSOC) to leverage intelligence sources, identify new threats in the wild and verify the organization’s security posture against them
• Produce clear and relevant reporting and remediation plans to resolve newly identified issues
• Develop strategic program roadmap to build and operate a highly technical and agile red team
• Regularly research and learn new TTPs in public and closed forums, and work with teammates to assess risk and implement and validate controls as necessary
• Effectively communicate findings and strategy to stakeholders including technical staff and executive leadership
• Plan and execute threat driven Red Team Exercises that span across digital, social, and physical security domains
• Prioritize and overview findings and perform risk assessment processes to help our technology teams, control partners, and business stakeholders understand the state of our technology and data control suite, while working together to prioritize and remediate identified gaps
• When necessary, assist in incident response tabletop exercises as well as postmortem drills with a focus on measurable improvements and benchmarking to show progress
• Conduct Purple Team testing in conjunction with Security team to test detection and response capabilities
• Track cyber actions from initial detection through final resolution
• Develop scripts, tools, or methodologies to enhance Red Team processes
• Provide meaningful input to established security processes with emerging threats
• Collaborate with IT management, the legal and compliance department, and system developers to manage security vulnerabilities
• Generate security trend analyses and vulnerability reports
• Develop and maintain internal offensive security tool sets and methodologies
• Perform cyber incident triage support to include determining scope, urgency, and potential impact; identify the specific vulnerability and make recommendations which enable expeditious remediation

Qualifications

• Demonstrated professional accountability to maintain and promote internal policy, standards and industry best practices
• Extensive operational experience leading a Red Team or Penetration Tester
• Some experience in the financial services industry is good but not required
• Experience with implementing red team assessment methods, tools, and techniques
• Experience identifying and exploiting common web-application vulnerabilities, such as: SQL Injection, DOM Manipulation, Authorization System Bypass, Design Logic issues, bounds checking, role & access validation, and filter evasion.
• Expert knowledge in developing, extending, or modifying exploits and offensive security tools (shellcode, implants, reflective loaders, etc.), as well as operational experience exploitation, lateral movement, and persistence on Windows and Linux systems, bypassing preventative and detective endpoint and network security controls, C2 frameworks (Cobalt Strike and Metasploit), using common offensive security tools (nmap, CrackMapExec, Impacket, Responder, etc.)
• Experience handcrafting/dissecting HTTP conversations
• 10+ years of progressive experience in computing and information security, including experience with Internet technology, security issues and offensive tactics, monitoring and Incident Response
• Experience in performing information security assessments and Red Teams; provide information security guidance to business stakeholders; interpreting and applying information security policy and standards
• Certified Information Systems Security Professional (CISSP), Global Information Assurance Certification (GIAC), CEPT, CEH, GPEN, ECSA, LPT, CISA, CRISC, OSCP, OSCE, GWAPT or other security certifications desired but not required
• Bachelor's Degree in Computer Science or related fields; applicable specialized training; or equivalent work experience - equally preferable
• Demonstrated understanding of governance, risk management and compliance
• Operational experience in planning and executing advanced attacks that evade network and endpoint security controls to demonstrate the potential adverse impact caused by a threat actor

The typical base pay range for this role is between $170K - $205K depending on job-related knowledge, skills, experience and location. This role may also be eligible for certain discretionary performance-based bonus and/or incentive compensation. Additionally, our Total Rewards program provides colleagues with a competitive benefits package (in accordance with the eligibility requirements and respective terms of each) that includes comprehensive health and wellness benefits, retirement plans, educational assistance and training programs, income replacement for qualified employees with disabilities, paid maternity and parental bonding leave, and paid vacation, sick days, and holidays. For more information on our Total Rewards package, please click the link below.

• MUFG Benefits Summary

The above statements are intended to describe the general nature and level of work being performed. They are not intended to be construed as an exhaustive list of all responsibilities duties and skills required of personnel so classified.

We are proud to be an Equal Opportunity/Affirmative Action Employer and committed to leveraging the diverse backgrounds, perspectives and experience of our workforce to create opportunities for our colleagues and our business. We do not discriminate on the basis of race, color, national origin, religion, gender expression, gender identity, sex, age, ancestry, marital status, protected veteran and military status, disability, medical condition, sexual orientation, genetic information, or any other status of an individual or that individual’s associates or relatives that is protected under applicable federal, state, or local law.