2,530 Security Incidents jobs in the United Kingdom

We are looking for an enthusiastic and detail-oriented entry-level Security Analyst to join our growing information security and data protection team. This is an ideal opportunity for someone starting their career in information security and data protection. 

The Security Analyst will perform fundamental security and data protection tasks under the supervision of more experienced team members. You will assist in conducting security and data protection assessments, supporting vulnerability management, reviewing security configurations, and contributing to the development of security and data protection policies. The ideal candidate is eager to learn and grow within the information security and data protection fields while contributing to the team’s efforts to protect our organisation's data and IT infrastructure. 

Successful candidates will be enrolled on a fully funded Level 4 Cyber Security Risk Analyst apprenticeship and will be provided with mentoring support to help you grow and learn. Upon successful completion of the level 4 qualification, it is anticipated that you will be able to progress to a Senior Analyst role and continue on to a fully funded level 6 Cyber Security Risk Analyst apprenticeship. 

This is a full-time position with a paid salary of £28,200. Occasional after-hours work may be required for incident response or urgent security tasks.  

Key Responsibilities:

 Support in KPI Reporting & Metrics:   

• Assist in gathering data and preparing reports on security and data protection KPIs.  

• Help track trends and assist in identifying security and data protection issues based on metrics.  

 Assist with Security Assessments:   

• Support senior analysts in conducting risk assessments, managing vulnerability scan results, and other security and data protection assessments. 

• Help document findings and provide input into the risk mitigation process.  

Contribute to Policy & Standards Development:   

• Assist in researching and drafting security and data protection policies, procedures, standards, and guidance.  

• Help review and update existing policies under the guidance of senior team members.  

Configuration Reviews Support:   

• Help review system configurations to ensure alignment with security and data protection best practices.  

• Assist in documenting configuration settings and potential security and data protection concerns.  

Vulnerability Remediation Assistance:   

• Support the vulnerability remediation process by tracking open vulnerabilities and following up on remediation progress.  

• Help maintain records of vulnerabilities and remediation activities. 

Incident Response  

• Support the incident management leads, helping to coordinates the response to security incidents, including data breaches, system compromises, or attacks. 

Application Security  

• Work with development teams to embed secure coding practices. 

• Conduct regular security assessments of the company’s software, including the proprietary products sold to clients.  

Collaboration & Communication:   

• Help internal teams with security and data protection inquiries and guidance under supervision.  

• Participate in ongoing security and data protection awareness and training initiatives. 

Requirements

• Level 3 qualification in Information Technology or a related field, or equivalent experience 

• 0-2 years of experience in cyber security or a related IT role. 

• CompTIA Security+, Cisco CCNA, CISMP, or other entry-level certifications are preferred, but not essential. 

• Familiarity with basic security concepts, tools, and technologies (e.g., SIEM, firewalls, vulnerability scanners). 

• Basic understanding of network security and operating systems. 

**Please note that applications from individuals who already hold a BSc or MSc will not be considered. This role is targeted for individuals with a Level 3 qualification who are looking to gain their Level 4**

Benefits

Work’s a treat!

On top of a competitive salary, you can expect a whole load of perks:

• 25 days’ holiday + bank holidays  – we understand the importance of you getting some down time.

• Annual Wellbeing Day –  enjoy an additional day on us to look after your physical and mental wellbeing.
• Pension Scheme –  helping you save towards your retirement home in the sun!
• Corporate Medical Cash Plan –  claim back the cost of your medical treatments.
• Smart Working Options –  spend up to 40% of your working week from home.
• So many savings  – through our online community platform, you can access dozens of daily deals, from money off top brands to discounts on days out.

• Employee Assistance Programme  – our people are at the heart of everything we do, so if you’re happy, we’re happy.
• Cycle to Work Scheme  – save on the cost of biking to work.
• Monthly Employee Awards  - Employee of the Month programme with £50 bonus
• Raising money for charity  including a paid Volunteer Day  – we’re all about giving back… and having lots of fun in the process!
• Referral scheme  – know the perfect person to join the team? You could bag £1,500 for a utting a good word in.

• Wellbeing Programme –  giving you the opportunity to join regular, interactive Wellbeing Workshops or join our 30 plus Wellbeing Champions.
• Enhanced Family Friendly Leave –  support for you and your family to help you navigate through the craziness of family life.

We Value Diversity

We champion and welcome diversity in our workforce and ensure all job applicants receive equal and fair treatment, regardless of age, race, gender or gender identity, religion, sexual orientation, disability, or nationality.

We are not only committed to increasing the visibility and recognition of talent from under-represented groups within our organisation, but the wider industry too.

At the end of the day, we make sure we take time to look after ourselves, each other, and the planet, because we’re always stronger together.

ITG have a number of community groups (ERGs) available to employees which offer a safe space for like-minded colleagues, with shared interests to connect, socialise and check in with each other. These include Black ITGers Together, LGBTQ+ Together, Mens Health Together, Muslims Together, Neurodiversity Together, Working Parents and Carers Together and Women In Tech Together.

#LI-NW1

We are looking for an enthusiastic and detail-oriented entry-level Security Analyst to join our growing information security and data protection team. This is an ideal opportunity for someone starting their career in information security and data protection. 

The Security Analyst will perform fundamental security and data protection tasks under the supervision of more experienced team members. You will assist in conducting security and data protection assessments, supporting vulnerability management, reviewing security configurations, and contributing to the development of security and data protection policies. The ideal candidate is eager to learn and grow within the information security and data protection fields while contributing to the team’s efforts to protect our organisation's data and IT infrastructure. 

Successful candidates will be enrolled on a fully funded Level 4 Cyber Security Risk Analyst apprenticeship and will be provided with mentoring support to help you grow and learn. Upon successful completion of the level 4 qualification, it is anticipated that you will be able to progress to a Senior Analyst role and continue on to a fully funded level 6 Cyber Security Risk Analyst apprenticeship. 

This is a full-time position with a paid salary of £28,200. Occasional after-hours work may be required for incident response or urgent security tasks.  

Key Responsibilities:

 Support in KPI Reporting & Metrics:   

• Assist in gathering data and preparing reports on security and data protection KPIs.  

• Help track trends and assist in identifying security and data protection issues based on metrics.  

 Assist with Security Assessments:   

• Support senior analysts in conducting risk assessments, managing vulnerability scan results, and other security and data protection assessments. 

• Help document findings and provide input into the risk mitigation process.  

Contribute to Policy & Standards Development:   

• Assist in researching and drafting security and data protection policies, procedures, standards, and guidance.  

• Help review and update existing policies under the guidance of senior team members.  

Configuration Reviews Support:   

• Help review system configurations to ensure alignment with security and data protection best practices.  

• Assist in documenting configuration settings and potential security and data protection concerns.  

Vulnerability Remediation Assistance:   

• Support the vulnerability remediation process by tracking open vulnerabilities and following up on remediation progress.  

• Help maintain records of vulnerabilities and remediation activities. 

Incident Response  

• Support the incident management leads, helping to coordinates the response to security incidents, including data breaches, system compromises, or attacks. 

Application Security  

• Work with development teams to embed secure coding practices. 

• Conduct regular security assessments of the company’s software, including the proprietary products sold to clients.  

Collaboration & Communication:   

• Help internal teams with security and data protection inquiries and guidance under supervision.  

• Participate in ongoing security and data protection awareness and training initiatives. 

Requirements

• Level 3 qualification in Information Technology or a related field, or equivalent experience 

• 0-2 years of experience in cyber security or a related IT role. 

• CompTIA Security+, Cisco CCNA, CISMP, or other entry-level certifications are preferred, but not essential. 

• Familiarity with basic security concepts, tools, and technologies (e.g., SIEM, firewalls, vulnerability scanners). 

• Basic understanding of network security and operating systems. 

**Please note that applications from individuals who already hold a BSc or MSc will not be considered. This role is targeted for individuals with a Level 3 qualification who are looking to gain their Level 4**

Benefits

Work’s a treat!

On top of a competitive salary, you can expect a whole load of perks:

• 25 days’ holiday + bank holidays  – we understand the importance of you getting some down time.

• Annual Wellbeing Day –  enjoy an additional day on us to look after your physical and mental wellbeing.
• Pension Scheme –  helping you save towards your retirement home in the sun!
• Corporate Medical Cash Plan –  claim back the cost of your medical treatments.
• Smart Working Options –  spend up to 40% of your working week from home.
• So many savings  – through our online community platform, you can access dozens of daily deals, from money off top brands to discounts on days out.

• Employee Assistance Programme  – our people are at the heart of everything we do, so if you’re happy, we’re happy.
• Cycle to Work Scheme  – save on the cost of biking to work.
• Monthly Employee Awards  - Employee of the Month programme with £50 bonus
• Raising money for charity  including a paid Volunteer Day  – we’re all about giving back… and having lots of fun in the process!
• Referral scheme  – know the perfect person to join the team? You could bag £1,500 for a utting a good word in.

• Wellbeing Programme –  giving you the opportunity to join regular, interactive Wellbeing Workshops or join our 30 plus Wellbeing Champions.
• Enhanced Family Friendly Leave –  support for you and your family to help you navigate through the craziness of family life.

We Value Diversity

We champion and welcome diversity in our workforce and ensure all job applicants receive equal and fair treatment, regardless of age, race, gender or gender identity, religion, sexual orientation, disability, or nationality.

We are not only committed to increasing the visibility and recognition of talent from under-represented groups within our organisation, but the wider industry too.

At the end of the day, we make sure we take time to look after ourselves, each other, and the planet, because we’re always stronger together.

ITG have a number of community groups (ERGs) available to employees which offer a safe space for like-minded colleagues, with shared interests to connect, socialise and check in with each other. These include Black ITGers Together, LGBTQ+ Together, Mens Health Together, Muslims Together, Neurodiversity Together, Working Parents and Carers Together and Women In Tech Together.

#LI-NW1

***Please note that applications from individuals who already hold a BSc or MSc will not be considered. This role is targeted for individuals with a Level 3 qualification who are looking to gain their Level 4**

We are looking for an enthusiastic and detail-oriented entry-level Security Analyst to join our growing information security and data protection team. This is an ideal opportunity for someone starting their career in information security and data protection. 

The Security Analyst will perform fundamental security and data protection tasks under the supervision of more experienced team members. You will assist in conducting security and data protection assessments, supporting vulnerability management, reviewing security configurations, and contributing to the development of security and data protection policies. The ideal candidate is eager to learn and grow within the information security and data protection fields while contributing to the team’s efforts to protect our organisation's data and IT infrastructure. 

Successful candidates will be enrolled on a fully funded Level 4 Cyber Security Risk Analyst apprenticeship and will be provided with mentoring support to help you grow and learn. Upon successful completion of the level 4 qualification, it is anticipated that you will be able to progress to a Senior Analyst role and continue on to a fully funded level 6 Cyber Security Risk Analyst apprenticeship. 

This is a full-time position with a paid salary of £28,200. Occasional after-hours work may be required for incident response or urgent security tasks.  

Key Responsibilities:

 Support in KPI Reporting & Metrics:   

• Assist in gathering data and preparing reports on security and data protection KPIs.  

• Help track trends and assist in identifying security and data protection issues based on metrics.  

 Assist with Security Assessments:   

• Support senior analysts in conducting risk assessments, managing vulnerability scan results, and other security and data protection assessments. 

• Help document findings and provide input into the risk mitigation process.  

Contribute to Policy & Standards Development:   

• Assist in researching and drafting security and data protection policies, procedures, standards, and guidance.  

• Help review and update existing policies under the guidance of senior team members.  

Configuration Reviews Support:   

• Help review system configurations to ensure alignment with security and data protection best practices.  

• Assist in documenting configuration settings and potential security and data protection concerns.  

Vulnerability Remediation Assistance:   

• Support the vulnerability remediation process by tracking open vulnerabilities and following up on remediation progress.  

• Help maintain records of vulnerabilities and remediation activities. 

Incident Response  

• Support the incident management leads, helping to coordinates the response to security incidents, including data breaches, system compromises, or attacks. 

Application Security  

• Work with development teams to embed secure coding practices. 

• Conduct regular security assessments of the company’s software, including the proprietary products sold to clients.  

Collaboration & Communication:   

• Help internal teams with security and data protection inquiries and guidance under supervision.  

• Participate in ongoing security and data protection awareness and training initiatives. 

Requirements

• Level 3 qualification in Information Technology or a related field, or equivalent experience 

• 0-2 years of experience in cyber security or a related IT role. 

• CompTIA Security+, Cisco CCNA, CISMP, or other entry-level certifications are preferred, but not essential. 

• Familiarity with basic security concepts, tools, and technologies (e.g., SIEM, firewalls, vulnerability scanners). 

• Basic understanding of network security and operating systems. 

Benefits

Work’s a treat!

On top of a competitive salary, you can expect a whole load of perks:

• 25 days’ holiday + bank holidays  – we understand the importance of you getting some down time.

• Annual Wellbeing Day –  enjoy an additional day on us to look after your physical and mental wellbeing.
• Pension Scheme –  helping you save towards your retirement home in the sun!
• Corporate Medical Cash Plan –  claim back the cost of your medical treatments.
• Smart Working Options –  spend up to 40% of your working week from home.
• So many savings  – through our online community platform, you can access dozens of daily deals, from money off top brands to discounts on days out.

• Employee Assistance Programme  – our people are at the heart of everything we do, so if you’re happy, we’re happy.
• Cycle to Work Scheme  – save on the cost of biking to work.
• Monthly Employee Awards  - Employee of the Month programme with £50 bonus
• Raising money for charity  including a paid Volunteer Day  – we’re all about giving back… and having lots of fun in the process!
• Referral scheme  – know the perfect person to join the team? You could bag £1,500 for a utting a good word in.

• Wellbeing Programme –  giving you the opportunity to join regular, interactive Wellbeing Workshops or join our 30 plus Wellbeing Champions.
• Enhanced Family Friendly Leave –  support for you and your family to help you navigate through the craziness of family life.

We Value Diversity

We champion and welcome diversity in our workforce and ensure all job applicants receive equal and fair treatment, regardless of age, race, gender or gender identity, religion, sexual orientation, disability, or nationality.

We are not only committed to increasing the visibility and recognition of talent from under-represented groups within our organisation, but the wider industry too.

At the end of the day, we make sure we take time to look after ourselves, each other, and the planet, because we’re always stronger together.

ITG have a number of community groups (ERGs) available to employees which offer a safe space for like-minded colleagues, with shared interests to connect, socialise and check in with each other. These include Black ITGers Together, LGBTQ+ Together, Mens Health Together, Muslims Together, Neurodiversity Together, Working Parents and Carers Together and Women In Tech Together.

#LI-NW1

We are looking for an enthusiastic and detail-oriented entry-level Security Analyst to join our growing information security and data protection team. This is an ideal opportunity for someone starting their career in information security and data protection. 

The Security Analyst will perform fundamental security and data protection tasks under the supervision of more experienced team members. You will assist in conducting security and data protection assessments, supporting vulnerability management, reviewing security configurations, and contributing to the development of security and data protection policies. The ideal candidate is eager to learn and grow within the information security and data protection fields while contributing to the team’s efforts to protect our organisation's data and IT infrastructure. 

Successful candidates will be enrolled on a fully funded Level 4 Cyber Security Risk Analyst apprenticeship and will be provided with mentoring support to help you grow and learn. Upon successful completion of the level 4 qualification, it is anticipated that you will be able to progress to a Senior Analyst role and continue on to a fully funded level 6 Cyber Security Risk Analyst apprenticeship. 

This is a full-time position with a paid salary of £28,200. Occasional after-hours work may be required for incident response or urgent security tasks.  

Key Responsibilities:

 Support in KPI Reporting & Metrics:   

• Assist in gathering data and preparing reports on security and data protection KPIs.  

• Help track trends and assist in identifying security and data protection issues based on metrics.  

 Assist with Security Assessments:   

• Support senior analysts in conducting risk assessments, managing vulnerability scan results, and other security and data protection assessments. 

• Help document findings and provide input into the risk mitigation process.  

Contribute to Policy & Standards Development:   

• Assist in researching and drafting security and data protection policies, procedures, standards, and guidance.  

• Help review and update existing policies under the guidance of senior team members.  

Configuration Reviews Support:   

• Help review system configurations to ensure alignment with security and data protection best practices.  

• Assist in documenting configuration settings and potential security and data protection concerns.  

Vulnerability Remediation Assistance:   

• Support the vulnerability remediation process by tracking open vulnerabilities and following up on remediation progress.  

• Help maintain records of vulnerabilities and remediation activities. 

Incident Response  

• Support the incident management leads, helping to coordinates the response to security incidents, including data breaches, system compromises, or attacks. 

Application Security  

• Work with development teams to embed secure coding practices. 

• Conduct regular security assessments of the company’s software, including the proprietary products sold to clients.  

Collaboration & Communication:   

• Help internal teams with security and data protection inquiries and guidance under supervision.  

• Participate in ongoing security and data protection awareness and training initiatives. 

Requirements

• Level 3 qualification in Information Technology or a related field, or equivalent experience 

• 0-2 years of experience in cyber security or a related IT role. 

• CompTIA Security+, Cisco CCNA, CISMP, or other entry-level certifications are preferred, but not essential. 

• Familiarity with basic security concepts, tools, and technologies (e.g., SIEM, firewalls, vulnerability scanners). 

• Basic understanding of network security and operating systems. 

Benefits

Work’s a treat!

On top of a competitive salary, you can expect a whole load of perks:

• 25 days’ holiday + bank holidays  – we understand the importance of you getting some down time.

• Annual Wellbeing Day –  enjoy an additional day on us to look after your physical and mental wellbeing.
• Pension Scheme –  helping you save towards your retirement home in the sun!
• Corporate Medical Cash Plan –  claim back the cost of your medical treatments.
• Smart Working Options –  spend up to 40% of your working week from home.
• So many savings  – through our online community platform, you can access dozens of daily deals, from money off top brands to discounts on days out.

• Employee Assistance Programme  – our people are at the heart of everything we do, so if you’re happy, we’re happy.
• Cycle to Work Scheme  – save on the cost of biking to work.
• Monthly Employee Awards  - Employee of the Month programme with £50 bonus
• Raising money for charity  including a paid Volunteer Day  – we’re all about giving back… and having lots of fun in the process!
• Referral scheme  – know the perfect person to join the team? You could bag £1,500 for a utting a good word in.

• Wellbeing Programme –  giving you the opportunity to join regular, interactive Wellbeing Workshops or join our 30 plus Wellbeing Champions.
• Enhanced Family Friendly Leave –  support for you and your family to help you navigate through the craziness of family life.

We Value Diversity

We champion and welcome diversity in our workforce and ensure all job applicants receive equal and fair treatment, regardless of age, race, gender or gender identity, religion, sexual orientation, disability, or nationality.

We are not only committed to increasing the visibility and recognition of talent from under-represented groups within our organisation, but the wider industry too.

At the end of the day, we make sure we take time to look after ourselves, each other, and the planet, because we’re always stronger together.

ITG have a number of community groups (ERGs) available to employees which offer a safe space for like-minded colleagues, with shared interests to connect, socialise and check in with each other. These include Black ITGers Together, LGBTQ+ Together, Mens Health Together, Muslims Together, Neurodiversity Together, Working Parents and Carers Together and Women In Tech Together.

#LI-NW1

We are looking for an enthusiastic and detail-oriented entry-level Security Analyst to join our growing information security and data protection team. This is an ideal opportunity for someone starting their career in information security and data protection. 

The Security Analyst will perform fundamental security and data protection tasks under the supervision of more experienced team members. You will assist in conducting security and data protection assessments, supporting vulnerability management, reviewing security configurations, and contributing to the development of security and data protection policies. The ideal candidate is eager to learn and grow within the information security and data protection fields while contributing to the team’s efforts to protect our organisation's data and IT infrastructure. 

Successful candidates will be enrolled on a fully funded Level 4 Cyber Security Risk Analyst apprenticeship and will be provided with mentoring support to help you grow and learn. Upon successful completion of the level 4 qualification, it is anticipated that you will be able to progress to a Senior Analyst role and continue on to a fully funded level 6 Cyber Security Risk Analyst apprenticeship. 

This is a full-time position. Occasional after-hours work may be required for incident response or urgent security tasks.  

Key Responsibilities:

 Support in KPI Reporting & Metrics:   

• Assist in gathering data and preparing reports on security and data protection KPIs.  

• Help track trends and assist in identifying security and data protection issues based on metrics.  

 Assist with Security Assessments:   

• Support senior analysts in conducting risk assessments, managing vulnerability scan results, and other security and data protection assessments. 

• Help document findings and provide input into the risk mitigation process.  

Contribute to Policy & Standards Development:   

• Assist in researching and drafting security and data protection policies, procedures, standards, and guidance.  

• Help review and update existing policies under the guidance of senior team members.  

Configuration Reviews Support:   

• Help review system configurations to ensure alignment with security and data protection best practices.  

• Assist in documenting configuration settings and potential security and data protection concerns.  

Vulnerability Remediation Assistance:   

• Support the vulnerability remediation process by tracking open vulnerabilities and following up on remediation progress.  

• Help maintain records of vulnerabilities and remediation activities. 

Incident Response  

• Support the incident management leads, helping to coordinates the response to security incidents, including data breaches, system compromises, or attacks. 

Application Security  

• Work with development teams to embed secure coding practices. 

• Conduct regular security assessments of the company’s software, including the proprietary products sold to clients.  

Collaboration & Communication:   

• Help internal teams with security and data protection inquiries and guidance under supervision.  

• Participate in ongoing security and data protection awareness and training initiatives. 

Requirements

• Level 3 qualification in Information Technology or a related field, or equivalent experience 

• 0-2 years of experience in cyber security or a related IT role. 

• CompTIA Security+, Cisco CCNA, CISMP, or other entry-level certifications are preferred, but not essential. 

• Familiarity with basic security concepts, tools, and technologies (e.g., SIEM, firewalls, vulnerability scanners). 

• Basic understanding of network security and operating systems. 

Benefits

Work’s a treat!

On top of a competitive salary, you can expect a whole load of perks:

• 25 days’ holiday + bank holidays  – we understand the importance of you getting some down time.

• Annual Wellbeing Day –  enjoy an additional day on us to look after your physical and mental wellbeing.
• Pension Scheme –  helping you save towards your retirement home in the sun!
• Corporate Medical Cash Plan –  claim back the cost of your medical treatments.
• Smart Working Options –  spend up to 40% of your working week from home.
• So many savings  – through our online community platform, you can access dozens of daily deals, from money off top brands to discounts on days out.

• Employee Assistance Programme  – our people are at the heart of everything we do, so if you’re happy, we’re happy.
• Cycle to Work Scheme  – save on the cost of biking to work.
• Monthly Employee Awards  - Employee of the Month programme with £250 bonus
• Raising money for charity  including a paid Volunteer Day  – we’re all about giving back… and having lots of fun in the process!
• Referral scheme  – know the perfect person to join the team? You could bag £1,500 for a putting a good word in.

• Wellbeing Programme –  giving you the opportunity to join regular, interactive Wellbeing Workshops or join our 30 plus Wellbeing Champions.
• Enhanced Family Friendly Leave –  support for you and your family to help you navigate through the craziness of family life.

We Value Diversity

We champion and welcome diversity in our workforce and ensure all job applicants receive equal and fair treatment, regardless of age, race, gender or gender identity, religion, sexual orientation, disability, or nationality.

We are not only committed to increasing the visibility and recognition of talent from under-represented groups within our organisation, but the wider industry too.

At the end of the day, we make sure we take time to look after ourselves, each other, and the planet, because we’re always stronger together.

ITG have a number of community groups (ERGs) available to employees which offer a safe space for like-minded colleagues, with shared interests to connect, socialise and check in with each other. These include Black ITGers Together, LGBTQ+ Together, Mens Health Together, Muslims Together, Neurodiversity Together, Working Parents and Carers Together and Women In Tech Together.

#LI-NW1

**Do you want your voice heard and your actions to count?**
Discover your opportunity with Mitsubishi UFJ Financial Group (MUFG), one of the world's leading financial groups. Across the globe, we're 150,000 colleagues, striving to make a difference for every client, organization, and community we serve. We stand for our values, building long-term relationships, serving society, and fostering shared and sustainable growth for a better world.
With a vision to be the world's most trusted financial group, it's part of our culture to put people first, listen to new and diverse ideas and collaborate toward greater innovation, speed and agility. This means investing in talent, technologies, and tools that empower you to own your career.
Join MUFG, where being inspired is expected and making a meaningful impact is rewarded.
The Threat and Vulnerability Management Team Lead is responsible for defining, developing, and leading the strategic direction for safeguarding the organisation's infrastructure and applications. This is achieved by proactively identifying, assessing, and remediating security vulnerabilities. The role sits within the Digital Engineering Services & Solutions (DES) department of the Technology Division.
The role is part of the Digital Engineering Services & Solutions (DES) department, which encompasses Infrastructure and Service Management across EMEA Bank, International Securities, and the 15+ countries in which these entities operate. The position is responsible for leading the Threat and Vulnerability Management function, including oversight of an outsourced offshore third-party service.
This function integrates secure practices into the development lifecycle and aligns with service transition processes to ensure compliance with internal controls and regulatory standards. It plays a critical role in governance, audit readiness, and the continuous improvement of MUFG's security posture, while also serving as the central coordination point for all vulnerability-related activities across DES.
The successful candidate must demonstrate proven experience in leading teams and fostering a culture of technical excellence. They will be expected to establish best practices for risk identification and remediation planning, while also influencing stakeholders and delivering competitive advantage for global organisations by protecting against external threats and potential security vulnerabilities.
NUMBER OF DIRECT REPORTS
Circa 5
**KEY RESPONSIBILITIES**
**Strategic Leadership & Vision**
+ Lead the design, development, operation and management of the department's Threat and Vulnerability Management (TVM) strategy and roadmaps, ensuring alignment with business requirements, services, strategic goals, and IT risk appetite.
+ Develop short, medium, and long-term strategic goals and objectives for DES TVM, including documenting the current environment and defining the future roadmap.
+ Define measurable, repeatable processes and reporting metrics, subject to continuous improvement.
+ Define the DES Threat and Vulnerability function's Key Risk Indicators (KRIs) and govern accordingly. Produce regular KPI, MI, and risk management data for senior management.
+ Responsible for identifying cost-saving and optimisation opportunities within MUS EMEA and the wider MUFG group.
**Operational Oversight & Technical Execution**
+ Lead a team of Threat and Vulnerability Engineers to deliver best practice operations and strategic development, shaping the department's security posture while adhering to MUFG policies and procedures.
+ Oversee the successful deployment of routine and out-of-band security patches across IT infrastructure.
+ Automate patch deployments and associated post-deployment check-outs.
+ Triage vulnerabilities into "Fix, Acknowledge, and Investigate" categories using industry-aligned risk rating methodologies.
+ Use ServiceNow Application Vulnerability Response (AVR) and Vulnerability Response (VR) modules to manage and report on vulnerabilities and violations across the estate, integrating with dashboards and workflows for visibility and accountability.
**Risk Management & Remediation**
+ Work with other technology teams to provide in-depth analysis of vulnerabilities and impacts to key stakeholders.
+ Collaborate with application teams to ensure secure coding practices and timely remediation of vulnerabilities, aligned with criticality-based policy enforcement.
+ Prioritise weaknesses in IT infrastructure and applications using manual and automated methods, including results from Static Application Testing (SAST) and Software Composition Analysis (SCA) tooling (in conjunction with the Service Transition team).
+ Influence stakeholders to prioritise and drive remediation of process and technology gaps
+ Work with Cyber Security, Application Teams, and IT Risk to ensure controls are met and vulnerabilities are addressed across infrastructure and applications.
+ Engage and support Cyber Security for remediation of penetration test findings.
+ Engage with Internal and External Auditors as the SME on all matters relating to VM.
**Stakeholder Engagement & Culture**
+ Act as the primary Service Matter Expert and point of contact for the Threat and Vulnerability Management function within DES.
+ Work closely with industry partners, vendors, and the wider technology ecosystem to leverage external expertise and best practices. Conduct market research to identify emerging risk and vulnerability trends.
+ Build strong relationships across Bank and Securities functions (e.g. IT Risk & Control, Cyber Security, Operational Risk), underpinned by trust and MUFG's core values.
+ Lead by example in building relationships across the Bank, strengthening peer networks and collaboration.
+ Promote MUFG's values-led culture, fostering inclusivity and diversity.
+ Champion staff cyber education and awareness to embed a proactive cyber-focused culture.
+ Promote a dynamic, delivery-driven culture that works alongside Technology and Business units to provide responsive resolutions and value-driven solutions.
**SKILLS AND EXPERIENCE**
**Leadership & Team Development**
+ Proven experience of directly managing a team of Threat and Vulnerability Engineers, including mentoring, developing, and guiding security professionals in a collaborative, high-performing environment.
+ Strong strategic thinking and visionary skills with the ability to co-develop and drive the function's technical vision, strategy, and roadmap aligned with business goals and risk appetite.
**Technical Expertise & Security Operations**
+ Prior extensive experience working within infrastructure environments and cloud platforms (AWS, Azure, Oracle), with a high-level understanding of platforms, operating systems, and technologies.
+ Proven capability in creating and executing comprehensive threat and vulnerability management programmes, including vulnerability scanning, penetration testing, and security awareness training.
+ Proficiency in using vulnerability scanning tools (e.g. Tenable, Qualys, Rapid7, Veracode, JFrog Xray), threat intelligence platforms, and incident response tools.
+ Prior experience implementing automated solutions for vulnerability scanning, threat detection, and incident response, with a focus on continuous process improvement.
**Risk Management & Threat Intelligence**
+ Strong familiarity with security frameworks and standards (e.g. NIST, ISO 27001), and deep understanding of security concepts including vulnerability management, threat intelligence, incident response, and offensive security techniques.
+ Experience in gathering and analysing threat intelligence to understand emerging threats, attack vectors, and threat actors. Maintains up-to-date knowledge of the latest security threats, vulnerabilities, and best practices.
+ Strong analytical and problem-solving skills to analyse data, identify patterns and develop effective solutions to mitigate risk.
**Communication & Stakeholder Engagement**
+ Proven ability to communicate effectively with senior management, providing governance and risk oversight.
+ Excellent verbal and written communication skills to report findings and collaborate across cross-functional Technology and non-Technology teams.
+ Ability to translate technical risks into business-relevant language for both technical and non-technical stakeholders, including executive leadership.
EDUCATION / QUALIFICATIONS/ TECHNICAL COMPETENCIES
**Essential**
+ Recognised cybersecurity certification: CISSP and/or CISM
+ Strong knowledge of:
+ Ivanti LANDesk, Qualys, Splunk
+ Windows Server/Desktop, RHEL/OEL Linux
+ PowerShell and Python scripting
+ Proven experience leading strategic security initiatives and process automation in large-scale environments
**Desirable**
+ Additional certifications: CCSP
+ Familiarity with:
+ CyberArk PAM, ServiceNow SecOps Vulnerability Response / Application Vulnerability Response.
+ VMWare, Nutanix, Java VM
+ MSSQL, Oracle, MongoDB
+ Red Hat Satellite, Active Directory, LDAP, Kerberos
+ Confluence, JIRA
+ GDPR and SOX compliance frameworks
**PERSONAL REQUIREMENTS**
+ Excellent communication skills
+ Ability to manage constructive conflict effectively
+ Ability to build strong and lasting relationships across the bank
+ Results driven, with a strong sense of accountability, focused on business outcomes
+ Strong decision-making skills, the ability to demonstrate sound judgement
+ A structured and logical approach to work
+ A creative and innovative approach to work
+ Excellent interpersonal skills
+ The ability to manage large workloads and tight deadlines
+ Excellent attention to detail and accuracy
+ A calm approach, with the ability to perform well in a pressurised environment
+ A confident approach, with the ability to provide clear direction to your team
+ Ability to lead a high performing team
+ A strategic approach, with the ability to lead and motivate your team
+ Conscientious, methodical and logical approach to work
We are open to considering flexible working requests in line with organisational requirements.
MUFG is committed to embracing diversity and building an inclusive culture where all employees are valued, respected and their opinions count. We support the principles of equality, diversity and inclusion in recruitment and employment, and oppose all forms of discrimination on the grounds of age, sex, gender, sexual orientation, disability, pregnancy and maternity, race, gender reassignment, religion or belief and marriage or civil partnership.
We make our recruitment decisions in a non-discriminatory manner in accordance with our commitment to identifying the right skills for the right role and our obligations under the law.
At MUFG, our colleagues are our greatest assets. Our Culture Principles provide a roadmap for how each of our colleagues must think and act to become more client-obsessed, inclusive and innovative. They reflect who we are, who we want to be and what we expect from one another. We are excited to see you take the next step in exploring a career with us and encourage you to spend more time reviewing them!
**Our Culture Principles**
+ Client Centric
+ People Focused
+ Listen Up. Speak Up.
+ Innovate & Simplify
+ Own & Execute