Director, Threat and Vulnerability Management

Overview Do you want your voice heard and your actions to count? Discover your opportunity with Mitsubishi UFJ Financial Group (MUFG), one of the world’s leading financial groups. Across the globe, we’re 150,000 colleagues, striving to make a difference for every client, organization, and community we serve. We stand for our values, building long-term relationships, serving society, and fostering shared and sustainable growth for a better world. With a vision to be the world’s most trusted financial group, it’s part of our culture to put people first, listen to new and diverse ideas and collaborate toward greater innovation, speed and agility. This means investing in talent, technologies, and tools that empower you to own your career. Join MUFG, where being inspired is expected and making a meaningful impact is rewarded. The selected colleague will work at an MUFG office or client sites four days per week and work remotely one day. A member of our recruitment team will provide more details. Responsibilities Strategic Leadership — Lead and continuously evolve the enterprise Threat Intelligence, Threat Hunting, and Vulnerability Management programs. Define and execute a multi-year strategy aligned to organizational risk appetite and business priorities. Establish measurable security KPIs and maturity metrics; regularly present program effectiveness and risk posture to senior management. Threat Intelligence & Hunting — Build and mature a Cyber Threat Intelligence (CTI) program; lead proactive threat hunting initiatives across enterprise and compute environments; map threat actor TTPs to the MITRE ATT&CK framework to identify gaps in detection and prevention coverage. Vulnerability Management — Establish and drive a risk-based vulnerability management model; ensure timely remediation, validation, and reporting of identified vulnerabilities across infrastructure, applications, and cloud environments. Partner with technology and business teams to embed remediation into operational and engineering workflows. Technology & Innovation — Evaluate and implement AI-driven and automation technologies to improve efficiency, scale, and effectiveness of threat and vulnerability operations; continuously assess processes and tools for optimization and risk reduction. Collaboration & Communication — Serve as a trusted advisor to engineering, architecture, risk, and incident response teams; communicate complex security topics to technical and non-technical stakeholders, including executives and regulators; build relationships with internal partners and external security communities and vendors. People Leadership — Lead, mentor, and develop a high-performing security team; foster a security-aware and accountability-driven culture. Requirements / Qualifications Work Experience — 10+ years of progressive experience in cybersecurity, including threat intelligence, threat hunting, vulnerability management, or detection engineering; proven experience leading enterprise-scale security programs and teams; deep understanding of threat actor behaviors, MITRE ATT&CK, vulnerability exploitation, and modern attack techniques; strong experience with risk-based security frameworks and metrics; familiarity with AI/ML in security operations; scripting experience (e.g., Python); ability to influence senior leadership and drive cross-functional execution. Functional Skills — Deep knowledge of cyber threat actors and their TTPs; scripting to enhance hunting; AI capabilities for automation; vulnerability management identification and treatment; familiarity with NIST and FFIEC standards; technical background in systems or network administration, engineering, or operations. Foundational Skills — Effective communication; ability to anticipate changing business needs; collaboration and integrity; negotiation and influencing; continuous improvement mindset; leadership by example; analytical thinking and problem-solving; vendor management; 24/7 escalation coordination; knowledge of industry trends and threats. Certifications — Industry certifications such as CISSP, CISM, GIAC, or equivalent. Education — Bachelor's degree in Computer Science or a closely-related discipline, or equivalent combination of education and experience. Compensation & Benefits The typical base pay range for this role is New York / New Jersey: $203k – $249k depending on job-related knowledge, skills, experience and location. This role may be eligible for discretionary performance-based bonus and/or incentive compensation. Our Total Rewards program includes comprehensive health and wellness benefits, retirement plans, educational assistance, income replacement for disabilities, paid maternity and parental leave, and paid vacation, sick days, and holidays. Work Arrangement Hybrid work schedule is four days on-site and one day remote per week. Additional Information Visa sponsorship/support is based on business needs. We do not anticipate providing visa sponsorship/support for this position. MUFG is an Equal Opportunity Employer. We are committed to leveraging diverse backgrounds and experience. We do not discriminate on the basis of race, color, national origin, religion, gender expression, gender identity, sex, age, ancestry, marital status, protected veteran or military status, disability, medical condition, sexual orientation, or any other status protected by applicable law. #J-18808-Ljbffr MUFG Bank, Ltd.