Job Description
SMBC Group is a top-tier global financial group. Headquartered in Tokyo and with a 400-year history, SMBC Group offers a diverse range of financial services, including banking, leasing, securities, credit cards, and consumer finance. The Group has more than 130 offices and 80,000 employees worldwide in nearly 40 countries. Sumitomo Mitsui Financial Group, Inc. (SMFG) is the holding company of SMBC Group, which is one of the three largest banking groups in Japan. SMFG’s shares trade on the Tokyo, Nagoya, and New York (NYSE: SMFG) stock exchanges.In the Americas, SMBC Group has a presence in the US, Canada, Ireland, Mexico, Brazil, Chile, Colombia, and Peru. Backed by the capital strength of SMBC Group and the value of its relationships in Asia, the Group offers a range of commercial and investment banking services to its corporate, institutional, and municipal clients. It connects a diverse client base to local markets and the organization’s extensive global network.As a Threat Detection Engineer, you will be a key member of a high-performing team responsible for security detection and monitoring capabilities and strategy. This position includes mastery of a wide range of security detection and monitoring technologies (both cloud and on-premise) with a focus on ensuring optimal performance, building out new detection and coverage capabilities, and maintaining continuous monitoring and tuning. The successful candidate will execute detection engineering with minimal guidance.Role ObjectivesDevelop and maintain efficient data ingestion pipelines for collecting security-related data from various sources (both cloud and on-premise).Liaise with threat intelligence team to proactively develop new detection rules and strategies and incorporate indicators of compromise into detection mechanisms.Utilize cutting-edge security tools, threat intelligence feeds, and advanced analytics to monitor and detect cyber threats targeting the bank's infrastructure and digital assets.Collaborate closely with security analysts, incident responders, and other cross-functional teams to swiftly investigate and mitigate identified threats, minimizing potential impact.Develop and fine-tune detection rules, signatures, and behavioral patterns to enhance the bank's ability to identify anomalous and malicious activities.Stay informed about the latest cyber threats, attack methodologies, and vulnerabilities to ensure the bank remains resilient against evolving risks.Collaborate with internal teams to ensure security measures are seamlessly integrated into new projects, systems, and applications.Contribute to the continuous improvement of security monitoring processes and technologies to enhance the bank's ability to detect and respond to threats in real-time.Continuously fine-tune and optimize detection rules and algorithms to reduce false positives and enhance the accuracy of alerts.Ensure that threat detection mechanisms align with compliance standards and frameworks.Maintain and create documentation in support of detection and response capabilities and processes.Assess the effectiveness of cybersecurity measures.Qualifications and Skills3+ years of relevant experienceExperience with log analysis from multiple sourcesAutomation skillsExperience with cloud SIEM, UEBA, EDR and/or other detection technologiesAbility to use logic and reasoning to identify solutions and improvements to manual/inefficient processes and tasksExperience of building detection as code pipelinesExperience mapping detections to the MITRE frameworkExpertise in query languagesStrong troubleshooting abilityAbility to balance operational tasks with project workExpertise of Windows and Linux operating systemsAbility to translate threat intelligence into actionable detection logicExperience in other areas of Cyber Security an advantageWork effectively and collaboratively in a global team environmentStrong sense of self-ownership and attention to detailAdditional RequirementsSMBC’s employees participate in a hybrid workforce model that provides employees with an opportunity to work from home, as well as, from an SMBC office. SMBC requires that employees live within a reasonable commuting distance of their office location. Prospective candidates will learn more about their specific hybrid work schedule during their interview process.We are an equal employment opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, national origin, disability status, protected veteran status or any other characteristic protected by law. SMBC provides reasonable accommodations for employees and applicants with disabilities consistent with applicable law. If you need a reasonable accommodation during the application process, please let us know at accommodations@smbcgroup.com. #J-18808-Ljbffr