Overview of SMBC Group
SMBC Group is a top-tier global financial group, with a 400-year history. Headquartered in Tokyo, the Group offers a diverse range of financial services, including banking, leasing, securities, credit cards, and consumer finance. With over 130 offices and 80,000 employees worldwide across nearly 40 countries, Sumitomo Mitsui Financial Group, Inc. (SMFG) serves as the holding company for SMBC Group.
In the Americas, SMBC Group has a presence in the US, Canada, Ireland, Mexico, Brazil, Chile, Colombia, and Peru. Leveraging the capital strength of SMBC Group and its relationships in Asia, the Group provides a range of commercial and investment banking services to corporate, institutional, and municipal clients.
Key Role Responsibilities
1. Data Ingestion: Implement optimum data flows to ingest security data into our systems.
2. Data Optimization: Identify and filter data relevant to SIEM for rule detection and Data Lake for investigations and incident response.
3. Troubleshooting: Resolve and document operational issues, reporting time to respond and time to resolve.
4. Detection Strategy: Deliver a detection strategy to ensure SMBC complies with various Cyber Security Controls and Emerging Threats by implementing high-fidelity actionable security detections.
5. Alert and Detection Creation: Create and tune alerts and detections from a SIEM and other devices in response to changing threats.
6. Detection-as-Code Pipeline: Work with a detection-as-code pipeline featuring built-in change control and a full audit trail.
7. Automated Verification Suites: Build automated verification suites for our rule set to ensure rules behave as expected.
8. Adversary Simulations: Conduct advanced adversary simulations to assess the effectiveness of our detections.
9. Integration and Collaboration: Integrate outputs from red teaming into security strategies, enhancing our security posture, and collaborate across functions and vendors to drive implementation and enhancements of security detection capabilities.
10. Enhancements and Automation: Develop and implement enhancements to assist in detection, prevention, and analysis of security threats, automating robust enterprise solutions to reduce manual effort.
11. Cybersecurity Measures: Assess the effectiveness of cybersecurity measures utilized by systems, employing configuration management processes, and designing, developing, integrating, and updating system security measures that provide confidentiality, integrity, availability, authentication, and non-repudiation.
12. Metric Tracking: Measure and track metrics for the detection engineering process to illustrate progress towards goals and track gaps in detection coverage.
13. Documentation and Training: Maintain and create documentation in support of detection and response capabilities and processes, readily fulfilling any audit requests, and providing mentoring, coaching, and professional development opportunities to team members.
Requirements and Qualifications
* At least 5 years of relevant experience
* Experience with log analysis from multiple sources
* Experience with cloud SIEM, UEBA, NSM, EDR, and/or other detection technologies
* Strong knowledge of Windows and Linux systems, Active Directory, Cloud technologies
* Ability to use logic and reasoning to identify solutions and improvements to manual/inefficient processes and tasks
* Experience building detection-as-code pipelines
* Experience mapping detections to the MITRE framework
* Expertise in query languages
* Strong troubleshooting ability
* Ability to balance operational tasks with project work
* Scripting ability
* Experience in other areas of Cyber Security is an advantage
* Work effectively and collaboratively in a global team environment
* Strong sense of self-ownership and attention to detail
Additional Requirements
SMBC's employees participate in a hybrid workforce model that provides employees with an opportunity to work from home, as well as from an SMBC office. SMBC requires that employees live within a reasonable commuting distance of their office location. Prospective candidates will learn more about their specific hybrid work schedule during their interview process. We are an equal employment opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, national origin, disability status, protected veteran status or any other characteristic protected by law.