Architect Public Key Infrastructure role at BMW Group focusing on IT Security with a Zero Trust initiative. Collaborating on secure IT systems and advanced PKI solutions.
About the role
- Cyber Security Threat Modeler focusing on integrating effective threat modeling processes in MUFG's security risk management. Collaborating with technology teams to ensure robust security controls.
Responsibilities
- Monitor information security issues related to MUFG systems and workflows to ensure internal security controls are appropriate and operating as intended
- Manage threat modeling process to help our technology teams, control partners, and business stakeholders understand the state of our technology and data control suite, while working together to prioritize and remediate identified gaps
- Generate security trend analyses and vulnerability reports
- Utilize the MITRE ATT&CK framework to identify and mitigate threats effectively
- Identify and implement controls to mitigate identified threats
- Cross-train other teams on threat modeling techniques and best practices
Requirements
- 6+ years of experience in secure coding, application security, or similar disciplines
- Knowledge of information security standards, rules and regulations related to information security and data confidentiality
- Experience with performing Threat Modeling on web applications
- Conducting research into real-world threat actor tactics, techniques, and procedures
- Solid knowledge and understanding of development life cycle (SSDLC), CI/CD pipelines and Agile methodologies
- Understanding of common software security issues and remediation techniques (OWASP Top 10, SANS 25, Mitre’s ATT&CK)
- Excellent knowledge of Windows/AD/Linux systems administration and vulnerabilities
- Experience in the banking or finance industries preferred
- Certified Information Systems Security Professional (CISSP), Global Information Assurance Certification (GIAC), or other security certifications desired
- Experience working in a highly-regulated environment desired
Benefits
- comprehensive health and wellness benefits
- retirement plans
- educational assistance and training programs
- income replacement for qualified employees with disabilities
- paid maternity and parental bonding leave
- paid vacation
- sick days
- holidays
Job title
Job type
Experience level
Salary
Degree requirement
Tech skills
Location requirements
Development Engineer in E - Mobility focusing on Functional Safety at BMW Group. Involves handling and evaluating safety concepts and ensuring compliance in electric drive components.
Senior Web Security Researcher responsible for threat detection and security research. Collaborating with security and data researchers to combat cybercrime and enhance detection capabilities.
Stagiaire assistant communication chez Liebherr - Aerospace pour le déploiement du système de management de la sécurité aérienne. Activités variées en communication et mise à jour de formation.
Cybersecurity intern supporting Desjardins Group with risk analysis and security practices. Collaborating on projects to ensure compliance with security measures while developing practical governance strategies.
Product Marketing Manager for Upwind Security, creating compelling narratives in cloud security. Collaborating with various teams to translate complex ideas into clear technical content.
CYE seeks Junior Cybersecurity Architect focusing on governance, risk analysis, and security processes. Work with security leaders, engineering teams, and customers to develop mitigation plans.
Senior leader responsible for designing and executing a corporate security program while collaborating with cybersecurity, IT and risk teams at LPL Financial.
Principal Security Engineer leading cyber security efforts and providing technical direction at Intact. Focusing on risk mitigation and mentoring security teams in a hybrid environment.
Lead Information Security Engineer managing inbound web application security to protect enterprise web assets at Wells Fargo. Design and implement security measures against application - layer attacks.