Vice President, Senior Incident Response Analyst

Mitsubishi UFJ Financial Group (MUFG) seeks an experienced Incident Response Lead to guard its banking and securities operations. The role requires senior technical expertise, strong communication, and a proactive mindset to manage high-severity security incidents across MUFG’s global business units.

Main Purpose of the Role

• Ensure effective management and control of information security, IT, and information risk for MUFI.
• Maintain appropriate security controls, evidence controls are followed, and controls are left across the business and IT department.
• Collaborate with other information security functions at MUFG and the MUFG Group to ensure a consistent approach to controls, standards, and policies.
• Develop and implement compliance with information security and IT security policies, standards, and procedures.
• Support reporting relationships with Technology and internal/external bodies (auditors, management committees, regulators).

Key Responsibilities

• Act as incident response lead for both the bank and securities business, reporting to the IR Lead.
• Investigate high-severity security incidents and lead containment, eradication, and recovery activities.
• Provide technical guidance to SOC and IR teams during investigations.
• Coordinate with Global Incident Response, Threat Intelligence, Threat Hunting, and other cybersecurity teams.
• Serve as the primary liaison for incident status updates to regulatory bodies, audit teams, and executive stakeholders.
• Maintain and improve incident response playbooks, workflows, and escalation protocols.
• Drive post-incident reviews to enhance response capabilities and reduce future risk.
• Represent the IR function in cross-functional cyber governance and risk forums.
• Ensure compliance with applicable laws, regulations, and industry standards.
• Provide out-of-hours support as part of the IR leadership rotation.

Skills and Experience

• Incident response experience within an established SOC environment.
• Expertise in threat analytics, incident triage, and response coordination across diverse attack scenarios.
• Hands-on experience with SIEM platforms (Splunk, Sentinel, QRadar) for threat detection and investigation.
• Deep understanding of ATT&CK tactics, techniques, and procedures.
• Familiarity with incident response frameworks (NIST, SANS, MITRE).
• Experience in network and host threat analytics, packet capture, and endpoint telemetry.
• Knowledge of security infrastructure (firewalls, IDS/IPS, EDR).
• Proficiency in query languages (Splunk SPL, CrowdStrike CPL).
• Strong communication skills to translate technical findings to non-technical stakeholders.
• Understanding of international security standards (ISO 27001, NIST CSF, CIS Controls).

Personal Requirements

• Excellent written and verbal communication across technical and business teams.
• Highly results-driven with a strong sense of ownership and accountability.
• Proactive, self-motivated, committed to continuous improvement.
• Prioritize tasks with urgency in high-pressure environments.
• Strong decision making and sound judgement in complex scenarios.
• Structured, logical problem-solving and incident analysis approach.
• Creative, innovative mindset adaptable to evolving threats.
• Exceptional interpersonal skills fostering collaboration across teams.
• Manage large workloads and tight deadlines without compromising quality.
• Exceptional attention to detail and accuracy in high-stakes investigations.
• Calm and composed under pressure during critical incidents.
• Relevant certifications (GCIH, GCFA, GMON, or equivalent) highly desirable.

Employment Equity

MUFG is committed to embracing diversity and building an inclusive culture where all employees are valued, respected, and their opinions count. We support equality, diversity and inclusion in recruitment and oppose all forms of discrimination on age, sex, gender, sexual orientation, disability, pregnancy and maternity, race and other protected characteristics.