Senior Cloud Security Engineer

Location: Tampa, FL, Jersey City, NJ

Time Type: Full time

Job Description

Do you want your voice heard and your actions to count?

Discover your opportunity with Mitsubishi UFJ Financial Group (MUFG), one of the world’s leading financial groups. Across the globe, we’re 150,000 colleagues, striving to make a difference for every client, organization, and community we serve. We stand for our values, building long-term relationships, serving society, and fostering shared and sustainable growth for a better world.

With a vision to be the world’s most trusted financial group, it’s part of our culture to put people first, listen to new and diverse ideas and collaborate toward greater innovation, speed and agility. This means investing in talent, technologies, and tools that empower you to own your career.

Join MUFG, where being inspired is expected and making a meaningful impact is rewarded.

The selected colleague will work at an MUFG office or client sites four days per week and work remotely one day. A member of our recruitment team will provide more details.

Education:

Bachelor's degree in Cybersecurity, Computer Science, Information Technology, or related field, or relevant industry certifications. Equivalent work experience equally preferable.

Qualifications:

• At least 3 years of experience in designing, implementing, and securing public cloud platforms and services, preferably in AWS and Azure; OCI is a plus.

• Professional experience in highly regulated industries, preferably in financial industry is major plus.

Required certifications - at least one the following:
• AWS Certified Solutions Architect (Associate and/or Professional)
• AWS Certified Security - Specialty,
• Microsoft Certified: Azure Security Engineer Associate

The following certifications are a plus:
• ISC2 Certified Cloud Security Professional (CCSP)
• ISC2 Certified Information Systems Security Professional (CISSP)
• ISACA Certified Information Systems Manager (CISM)
• EC-Council Certified Ethical Hacker (CEH)

Functional Skills:

• Expertise in public cloud service providers, especially in Amazon Web Services (AWS) and Microsoft Azure; Oracle Cloud Infrastructure (OCI) is a plus.

• Hands on experience with public cloud-native platforms and services - such as Compute, Network, Storage, and ideally Generative AI/Agentic AI public cloud services - with understanding of security control requirements to securely implement for usage of services.

• Hands on experience with public cloud-native security services specialized in Threat Detection, Encryption, Data Protection, Compliance, Identity and Access Management / Permission guardrails, etc.

• Preferably, hands on experience with solutioning and configuring automated security policies in Cloud Native Application Protection (CNAPP) inclusive of capabilities such as Cloud Security Posture Management (CSPM), Infrastructure-as-code (IaC) Scanning, etc.

• Deep understanding of cloud security frameworks (e.g., AWS Well-Architected Framework, Azure Well-Architected Framework), industry compliance requirements, and best practices

• Familiar with Infrastructure as code, preferably Hashicorp Terraform; AWS CloudFormation, and Azure Resource Manager (ARM) templates.Strong analytical skills to identify potential security risks and automate security compliance checks.

• Excellent problem-solving abilities and the capacity to work effectively under pressure.

• Be proactive, with a strategic approach to security management, ensuring that the public cloud platform and solutions are not only secure but also compliant at all times through automated policies and validation.

Foundational Skills:

Exceptional team member who will drive innovation while never losing sight of the basics
- Exceptional ability to champion ideas, execute and drive positive change
- Strong drive to build a best in the world program driven by security excellence
- Strategic, creative, and innovative mind
- Zero tolerance for operational, design, and strategy-oriented gaps
- Absolute self-starter who will take the lead and initiative to find and solve problems
- Be able to effectively communicate many examples of where you drove positive change with organization buy-in and cooperation.

Responsibilities:

• Identify threats, and design and develop appropriate defense measures.

• Evaluate public cloud platform's, native cloud services', public cloud workloads' changes for security implications.

• Ensure public cloud platform, services, and workloads are secure by design, which includes identifying, presenting opportunities of improvement on enhance the security posture of the public cloud environments.

• Configure continuous compliance validation to ensure ongoing adherence to security policies and regulations.

• Support the monitoring of cloud environments for security incidents and for rapid response through automated mechanisms.

• Collaborate with cross-functional teams, including developers, cloud engineers, architects, and operations, to (1) embed security-as-code practices into the DevOps pipeline, and (2) implement technical enhancements to the security design/posture of the public cloud environments.

• Serve as a subject matter expert on public cloud technologies and security solutions

• Provide guidance and mentorship to team members. Foster a culture of continuous improvement, innovation, and knowledge sharing  across the organization.

• Stay updated on the latest cloud security threats and advancements

Other:

• As per MUFG’s work policy, must work onsite 4 days and 1 day remotely out of either Tampa, FL, or Jersey City, NJ office.

• The typical base pay range for this role is between $140K - $185K depending on job-related knowledge, skills, experience, and location. This role may also be eligible for certain discretionary performance-based bonus and/or incentive compensation. Additionally, our Total Rewards program provides colleagues with a competitive benefits package (in accordance with the eligibility requirements and respective terms of each) that includes comprehensive health and wellness benefits, retirement plans, educational assistance and training programs, income replacement for qualified employees with disabilities, paid maternity and parental bonding leave, paid vacation, sick days, and holidays. For more information on our Total Rewards package, please click the link below.

MUFG Benefits Summary

We will consider for employment all qualified applicants, including those with criminal histories, in a manner consistent with the requirements of applicable state and local laws (including (i) the San Francisco Fair Chance Ordinance, (ii) the City of Los Angeles’ Fair Chance Initiative for Hiring Ordinance, (iii) the Los Angeles County Fair Chance Ordinance, and (iv) the California Fair Chance Act) to the extent that (a) an applicant is not subject to a statutory disqualification pursuant to Section 3(a)(39) of the Securities and Exchange Act of 1934 or Section 8a(2) or 8a(3) of the Commodity Exchange Act, and (b) they do not conflict with the background screening requirements of the Financial Industry Regulatory Authority (FINRA) and the National Futures Association (NFA). The major responsibilities listed above are the material job duties of this role for which the Company reasonably believes that criminal history may have a direct, adverse and negative relationship potentially resulting in the withdrawal of conditional offer of employment, if any.

The above statements are intended to describe the general nature and level of work being performed. They are not intended to be construed as an exhaustive list of all responsibilities duties and skills required of personnel so classified.

We are proud to be an Equal Opportunity Employer and committed to leveraging the diverse backgrounds, perspectives and experience of our workforce to create opportunities for our colleagues and our business. We do not discriminate on the basis of race, color, national origin, religion, gender expression, gender identity, sex, age, ancestry, marital status, protected veteran and military status, disability, medical condition, sexual orientation, genetic information, or any other status of an individual or that individual’s associates or relatives that is protected under applicable federal, state, or local law.