Insider Threat Engineer
- Requisition # 10048530-WD
- Job Type Full time
- Location Raleigh, North Carolina
- Date posted 12/09/2021
Your potential. Your opportunity.
Do you want your voice heard and your actions to count?
Discover your opportunity with Mitsubishi UFJ Financial Group (MUFG), the 5th largest financial group in the world. Across the globe, we’re 180,000 colleagues, striving to make a difference for every client, organization, and community we serve. We stand for our values, building long-term relationships, serving society, and fostering shared and sustainable growth for a better world.
With a vision to be the world’s most trusted financial group, it’s part of our culture to put people first, listen to new and diverse ideas and collaborate toward greater innovation, speed and agility. This means investing in talent, technologies, and tools that empower you to own your career.
Join MUFG, where being inspired is expected and making a meaningful impact is rewarded.This is a remote position. A member of our recruitment team will discuss location preferences with you in more detail.• Collaborate closely with online banking and authentication teams to develop and test indicators to detect compromised customers and clients • Build tools to assist in analyzing and extracting configuration data from banking (or other) malware targeting MUFG customers and clients • Produce concise, detailed written products highlighting key components of research and analysis • Engage effectively with multiple teams within the bank to achieve objectives and proactively mitigate losses from financial malware • 5-6 years of overall technical experience in either reverse engineering/malware analysis, threat intelligence, incident response, security operations, or related information security field • 5-6 years of experience in application design/engineering, including but not limited to programming/scripting, Windows/Linux system administration, relational database management system (RDBMS)/NoSQL database administration, etc. • Experience in the banking or finance industries preferred • 2+ years' experience in penetration testing or ethical hacking • 2+ years' experience with reverse engineering tools like IDA Pro, Ghidra, OllyDbg, WinDbg, and Wireshark • 2+ years' experience of Python scripting to automate analysis and reverse engineering tasks (and Bash or PowerShell or PerlC/C++) • 2+ years' experience of x86, ARM, and x64 architectures. • Background in network traffic analysis; knowledge of networking protocols: Transmission Control Protocol/Internet Protocol (TCP/IP), Hyper Text Transfer Protocol/Secure (HTTP/HTTPs), File Transfer Protocol (FTP), Internet Relay Chat (IRC), etc. • GIAC Certified Incident Handler (GCIH), GIAC Reverse Engineering Malware (GREM), GIAC Certified Forensic Analyst (GCFA) or Certified Information Systems Security Professional (CISSP) certification is desired, but not required • Security and IT metrics experience a plus; report creation abilities strongly desired. • Direct experience of analyzing malware, must have a solid understanding of dynamic/static analysis of malware • Experience in encryption/obfuscation and how to reverse it is desired, but not required • Able to work well both independently and as part of a team • Excellent communication skills and ability to adapt to the audienceThe above statements are intended to describe the general nature and level of work being performed. They are not intended to be construed as an exhaustive list of all responsibilities duties and skills required of personnel so classified.
We are proud to be an Equal Opportunity/Affirmative Action Employer and committed to leveraging the diverse backgrounds, perspectives, and experience of our workforce to create opportunities for our colleagues and our business. We do not discriminate in employment decisions on the basis of any protected category.Some MUFG roles require that individuals be fully vaccinated against COVID-19, subject to exemptions for medical or religious reasons, as well as any other reason required by applicable law or order. Should you be selected for an interview, your recruiter will provide additional information.