Analyst, Cybersecurity

About this role

Do you want your voice heard and your actions to count? Discover your opportunity with Mitsubishi UFJ Financial Group (MUFG), one of the world’s leading financial groups. Across the globe, we’re 150,000 colleagues, striving to make a difference for every client, organization, and community we serve. We stand for our values, building long-term relationships, serving society, and fostering shared and sustainable growth for a better world. With a vision to be the world’s most trusted financial group, it’s part of our culture to put people first, listen to new and diverse ideas and collaborate toward greater innovation, speed and agility. This means investing in talent, technologies, and tools that empower you to own your career. Join MUFG, where being inspired is expected and making a meaningful impact is rewarded. OVERVIEW OF THE DEPARTMENT/SECTION The MENA Systems Team was established in 2010 to provide local support for MUFG staff in Dubai, Doha and Bahrain further where possible MENA Systems will back up our Systems Team in Riyadh and if needed provide regional support to offices such as Almaty, Cairo, Jo-Berg and Tehran. All local and internationally deployed technologies and applications are support by MENA Systems, this includes for example; Desktops, Servers, Network Appliances, Voice Recorders, Laptops, Tablets, Mobiles, Operating Systems, Desktop Applications, Internet Browsing, etc. NUMBER OF DIRECT REPORTS 0 MAIN PURPOSE OF THE ROLE The Cybersecurity Analyst will assist in protecting the Confidentiality, Integrity, and Availability of the organization’s information systems. This role supports awareness campaign, threat detection, incident response, and compliance initiatives in line with local and international regulatory frameworks relevant to financial institutions in DIFC, QFC, and KSA. KEY RESPONSIBILITIES Threat Intelligence • Processing of Threat Intel from various sources via the correct escalation route • Local escalation of immediate risks to prioritize resources to respond. • Log recording of all items processed. • Prepare metrics for KRIs in this area. • Ensure IOC’s are passed on and circulated. Vulnerability Assessment and Remediation - BAU • Registration and Tracking to conclusion of advertised vulnerabilities • Reporting and advising seniors of completed remediation activities. • Raise tickets on ServiceNow to formalize remediation requests • Be able to raise SII’s for Vulnerabilities which cannot be resolved immediately. • Become SME locally for Email DLP solution Awareness Campaign • Regular Cyber briefings via Email to Staff and Management • Regular Regional Cyber briefings to colleagues via MENA News Service • Processing and understand metrics for Phishing and other simulations • Organise and plan Cyber training days • Manage circulation of Critical documents (Cyber Policy) which must be acknowledged by all staff. • Manage locally Cyber Incident Response Training Plan Identity and Access Management • Perform Bi-annual permissions review for the region to the point of Sign off by Management Cyber KRI’s / KPI’s • Regular analysis of the following such as : • Monitoring Backups are restored and tested • Email encryption is working • Phishing metrics • Training Metrics • Compliance with Local Frameworks etc • Manage Cyber KRI’s to be measured during BCM / DR exercises. General Duties • Conduct Cyber Induction Training • Support MENA Systems as needed • Regular Task list – • Support MENA Systems BAU as needed (if busy or resource issue) • Work on weekends as needed • Establish and Manage Cyber MS Teams Channels as needed • Support CISO in KSA as needed. • Become IAUM for the Branch • Establish and maintain excellent communications with Information Security Team in London • Manage all Cyber Based exceptional handling Cyber GRC (Governance Risk and Compliance) • Manage regional Cyber Document Register and ensure cyclic renewal and approval of all key documents • Attend EMEA RSC meetings as needed • Attend Global Cyber CISO meetings as needed Project Support • Support Annual Cybersecurity Monitoring Project (support project through RFP to remediation) • Annual Funding Support – Manage and track register for potential project with MENA Project Departments • Provide information for required local Cybersecurity Projects • Provide Support for Regional and Global Projects Policy & Compliance Support • Support both internal and external audits and any regulatory compliance efforts (e.g., DIFC Cyber Thematic Reviews Law, QFC Regulations, SAMA or NCA Cybersecurity Frameworks). • Assist with policy reviews and ensure alignment with ISO 27001, NIST, and other relevant standards. • Maintain records of compliance checks and help prepare documentation for regulators. Infrastructure & Third-Party Risk (Exposure-Based) • Support reviews of infrastructure configurations (e.g., Microsoft Azure, AWS) for basic security settings. • Assist in collecting security assessments or due diligence documentation from vendors for review. Artificial Intelligence (AI) Regional Champion • Support Head of Cybersecurity, Systems and Corporate Services by becoming Branch AI Champion • Develop regular newsletters to provide updates and seek input from the business as to AI initiatives • Maintain an awareness of new products in the AI landscape that can benefit the branch • Attend regular AI events in Dubai to gain new ideas for AI • Support the Systems Developer to ensure ideas for replacement of existing or new ideas can where possible utilise AI • Maintain a register of potential projects that could benefit from AI • Become a member of AIG in London WORK EXPERIENCE • 12 months experience in cybersecurity or IT security (internship, graduate program, or first job). SKILLS AND EXPERIENCE • English language skills, written and verbal (fluent) • Analytical thinking and strong attention to detail. • Effective communication and documentation abilities. • Ability to work under pressure and meet regulatory deadlines. • Strong ethical standards and a sense of confidentiality. • Basic understanding of firewalls, IDS/IPS, endpoint security, and encryption. • Familiarity with regulatory requirements: - DIFC: Data Protection Law No. 5 of 2020 - QFC: QFC Data Protection Regulations - KSA: SAMA Cybersecurity Framework, National Cybersecurity Authority (NCA) compliance - CRI – Cyber Risk Institute • Excellent AI skills and an ability to have a creative approach to communications Education • Bachelor’s degree in Cybersecurity Certifications (Preferred but Not Required) • CompTIA Security+ • GIAC Security Essentials (GSEC) • EC-Council Certified SOC Analyst (CSA) • ISO/IEC 27001 Foundation • CEH – Certified Ethical Hacker PERSONAL REQUIREMENTS Personal alignment to MUFG Values:  Integrity & Responsibility  Professionalism & Teamwork  Challenge ourselves to grow Personal alignment to MUFG Cultural Principles:  Client Centric  People Focused  Listen Up, Speak Up  Innovate & Simplify  Own & Execute Other essential requirements:  Good communication skills  A pro-active, motivated approach.  The ability to operate with urgency and prioritise work accordingly  A structured and logical approach to work  Be able to independently think and act  Excellent attention to detail and accuracy  A calm approach, with the ability to perform well under pressure We are open to considering flexible working requests in line with organisational requirements. MUFG is committed to embracing diversity and building an inclusive culture where all employees are valued, respected and their opinions count. We support the principles of equality, diversity and inclusion in recruitment and employment, and oppose all forms of discrimination on the grounds of age, sex, gender, sexual orientation, disability, pregnancy and maternity, race, gender reassignment, religion or belief and marriage or civil partnership. We make our recruitment decisions in a non-discriminatory manner in accordance with our commitment to identifying the right skills for the right role and our obligations under the law.

Related roles