Threat Hunter, VP

Job Summary In this role you will focus on proactively hunting for threat‑actor tactics, techniques, procedures, and behaviors based on threat intelligence and formed hypotheses. You will use your knowledge of networking, operating systems, SIEM, EDR, and threat hunting tools to find adversaries, identify gaps in detection and cyber hygiene, and recommend improvements to detection rules. You will assist in incident response with threat‑actor behavior, IoC‑based hunting, and track and measure the value of threat harvesting activity. You will work closely with a highly skilled team of individuals globally, collaborating across lines of defense, businesses, and technology teams to disseminate threat‑hunting activity and risk‑mitigation results. This is a 24/7 Cybersecurity Operations organization, so you may be occasionally required to perform threat‑hunting work after hours or on weekends in support of a cyber incident or other threat‑related requirement. Major Responsibilities Perform threat hunts using SIEM, EDR and Threat Hunting Tools, based on threat intelligence, threat‑actor TTPs and IOCs, and Threat Hunting hypotheses Weekly/Monthly tracking and reporting of Threat Hunting activity, progress, and metrics Threat Hunting supporting incident response Serve as backup and rotation for Threat and Vulnerability Intelligence functions Support audit and regulatory exams Administer tools and platforms and related technologies to support Threat Hunting Document and maintain processes and procedures Presentations to stakeholders and senior leaders Qualifications 6+ years of prior Threat Hunting or Incident Response experience Proficiency in Python, PowerShell, or Bash for automation, data parsing, and custom tooling Experience writing detection logic using SIGMA, YARA, Splunk SPL, or KQL Ability to develop and maintain scripts for threat‑hunting workflows and incident response Experience using and building AI platforms/agents to automate and build efficiencies Experience with Threat or Vulnerability intelligence, assessment, management (plus) Knowledge of industry standards and frameworks such as NIST, MITRE ATT&CK, TAHITI, PEAK Knowledge of SIEM, EDR, networking, operating systems, and scripting languages Knowledge of AI agents (auto‑create) and 6+ years overall experience working in a global organization Minimum 6 years working directly in Cybersecurity Operations Experience working within the Financial Services Industry preferred Relevant technical and industry certifications a plus such as CISSP, ISSMP, SANS, GCIA, CISM, EnCE, CEH, GCFA, GCFE, GCIH, or GSEC Education Bachelor's degree in Computer Science or a closely-related discipline, or an equivalent combination of formal education and experience Pay Range New York / New Jersey: $123k – $194k depending on job‑related knowledge, skills, experience, and location. Benefits Additionally, our Total Rewards program provides colleagues with a competitive benefits package that includes comprehensive health and wellness benefits, retirement plans, educational assistance and training programs, income replacement for qualified employees with disabilities, paid maternity and parental bonding leave, and paid vacation, sick days, and holidays. Work Schedule Hybrid work schedule: four days on-site and one day remote per week. Equal Opportunity Employment and Hiring Policies We will consider for employment all qualified applicants, including those with criminal histories, in a manner consistent with the requirements of applicable state and local laws (including the San Francisco Fair Chance Ordinance, the City of Los Angeles’ Fair Chance Initiative for Hiring Ordinance, the Los Angeles County Fair Chance Ordinance, and the California Fair Chance Act) to the extent that an applicant is not subject to a statutory disqualification pursuant to Section3(a)(39) of the Securities and Exchange Act of 1934 or Section8a(2) or8a(3) of the Commodity Exchange Act, and they do not conflict with the background‑screening requirements of the Financial Industry Regulatory Authority (FINRA) and the National Futures Association (NFA). The major responsibilities listed above are the material job duties of this role for which the Company reasonably believes that criminal history may have a direct, adverse and negative relationship potentially resulting in the withdrawal of a conditional offer of employment, if any. The above statements are intended to describe the general nature and level of work being performed. They are not intended to be construed as an exhaustive list of all responsibilities, duties, and skills required of personnel so classified. We are proud to be an Equal Opportunity Employer and committed to leveraging the diverse backgrounds, perspectives, and experience of our workforce to create opportunities for our colleagues and our business. We do not discriminate on the basis of race, color, national origin, religion, gender expression, gender identity, sex, age, ancestry, marital status, protected veteran and military status, disability, medical condition, sexual orientation, genetic information, or any other status of an individual or their associates or relatives that is protected under applicable federal, state, or local law. #J-18808-Ljbffr MUFG Bank, Ltd.