Cyber Security -Senior Analyst (Network Engineer & Bluecoat)

About the RolePosition Title: Senior Analyst - Cyber SecurityLocation: Bengaluru Job ProfilePosition details:To ensure effective management and control of Cyber Security, IT and information risk for MUFG EMEA entities by ensuring all appropriate Security, IT and common sense controls are in place, that these controls are being followed and that this is evidenced across the whole business and IT department.The role will involve liaising with the other Cyber Security functions within the MUFG EMEA business entities and MUFG group to ensure a consistent approach to all controls, standards and policies is adopted across the organisation.To ensure all necessary Cyber Security controls are in place and that an appropriate strategy to protect the firm from all Cyber, external and internal threats is defined and being implemented.To develop, implement and manage compliance with appropriate IS and Cyber Security policies, standards, procedures.To support the relationship and associated reporting requirements between Technology and internal and external bodies e.g. auditors, management committees, Tokyo head office, regulators (via Compliance), Operational Risk.Roles and Responsibilities:In this role, you will be responsible for Cyber Security across MUFGs banking arm and securities business under a dual-hat arrangement. Under this arrangement, you will act and make decisions on behalf of both the bank and the securities business, subject to the same remit and level of authority, and irrespective of the entity which employs you.Ensure ISO27002 aligned risk controls are covered, including but not limited to Cyber Security Policies & StandardsEnsure MUFG EMEA operates under comprehensive and relevant Cyber Security policies and standards with appropriate staff awareness, compliance monitoring and reporting.Monitor and proactively manage all Cyber Security toolsets that includes: (Should be proficient in few technologies)Web Access & Monitoring Systems (Bluecoat, Forcepoint, Menlo Security, Zscaler, etc.)Network Security Monitoring Systems (FireEye, Darktrace, Tufin, Cloudflare, RSA SecurID, etc.)Endpoint Security Monitoring Systems (Sophos, Crowdstrike, Defender, etc.)(Good to Have)Privileged Access Management (CyberArk) (Good to Have)Ensure adequate technical safeguards are in place and are being actively managed by the support teams to provide appropriate protection to MUFGs information assets across various environments such as:Windows & Unix operating systemsDatabases (Oracle, SQL, Sybase, etc.)Networks & its componentsMiddleware systemsCloud & its various services (IaaS, PaaS, SaaS)Conduct Cyber Security reviews for existing and new, in-house and 3rd party systems to ensure these are consistent with policy requirements and MUFGs risk appetite.Be seen as the Cyber Security centre of excellence for MUFG EMEA and ensure MUFG adopts an appropriate and professional response on any Cyber Security issues raised by the organisations business activitiesLiaise with IT teams to ensure Cyber Security alerts, threats and vulnerabilities across the IT estate are highlighted, managed and mitigated within appropriate timescalesLiaise with Technology and Business teams as necessary to ensure all MUFG systems meet security standards and/or agree appropriate measures to mitigate the risk where they dont.Maintain an up to date, working knowledge of current laws, regulations and best practices relating to Cyber Security.Support Cyber Security incidents and annual penetration testing activities.Support Operational Risk management & Operational Security duties where requested.Support MUFG EMEA Cyber Security risk profile and associated operational risk reporting.Support Audit & Regulatory liaison and ensure consistent and timely answers to information requests.Support any issues and remedial actions resulting from Cyber Security incidents and audits within agreed timelines.Provide Cyber Security awareness and/or training to MUFG staff as necessary.Essential:Degree or equivalent in IT related discipline with some programming knowledge or understanding.Strong Information or Cyber Security Operations/Engineering background with over 4-8 years of experience.Strong ability to implement security solutions that enable business activity rather than close opportunities.Strong knowledge of cyber security frameworks, standards, and regulations such as ISO27001, NIST, CIS, GDPR, etc.Strong ability to analyse and distill complex issues and present succinct updates to management.Active involvement in internal and external audits and experience of managing Audit relationships.Relevant professional certifications such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Cloud Security Professional (CCSP), or Certified Ethical Hacker (CEH), are preferred, as is exposure to GRC frameworks including (but not limited to) ISO27001; NIST, CIS benchmarks & Cyber Essentials / Plus.Excellent communication and interpersonal skillsA structured, logical and proactive approach to workResults driven, with a strong sense of accountabilityThe ability to operate with urgency and prioritise work accordinglyA calm approach, with the ability to perform well in a pressurised environmentStrong decision making skills and the ability to demonstrate sound judgementComfortable in taking ownership of workstreams and seeing them through to completionSelf-awareness and confidence to challenge business requirements and deliver difficult messagesPassion for Cyber Security and a proactive approach to identifying and mitigating risksCommitment to continuous learning and improvement in the rapidly evolving field of Cyber Security ATS