Mufg

Financial Services

VicePresident,SecurityContentDetectionLogicEngineer

London, United Kingdom FULL TIME

The Brief

“Vice President, Security Content Detection Logic Engineer at Mufg. Skills: Security Content, Detection Logic, Splunk, SIEM. Serve as strategic lead for SOC Detection Logic Management. Enhance detection logic and response automation”

What You'll Achieve.

Enhance detection logic and response automation; Enable automation, orchestration, and advanced analytics for SOC workflows and reporting; Ensure platform health, ingestion reliability, and data fidelity; Proactively resolving gaps and performance issues; Ensure platform resilience, data integrity, and operational excellence; Support governance and strategic decision-making through reporting; Ensure timely, accurate, and defensible responses for audits; Enhance SOC capabilities through emerging technologies, automation, and data-driven insights

Industry & Context.

Financial Services

Problems you'll solve

Analytical and problem-solving abilities; Structured and logical approach to problem-solving; Decision-making skills; Sound judgment in complex and time-sensitive scenarios

Eligibility Requirements

Dual-hat arrangement for security across banking and securities business, Act and make decisions on behalf of both bank and securities business, Subject to same remit and level of authority, Irrespective of employing entity, Out-of-hours availability when required

What They're Looking For.

Must Have

Minimum of 5 years’ dedicated experience in Security Content & Detection Logic management and security engineering roles, Advanced proficiency in analysing security events across both Linux and Windows environments, Deep understanding of attacker tactics, techniques, and procedures (TTPs), SIEM query languages (e. g. , Splunk SPL, KQL, CrowdStrike Query Language), Building and maintaining detection content, Hands-on experience with the Splunk ecosystem, Proficiency in scripting languages such as Python and PowerShell, Foundational knowledge of cybersecurity principles, threat landscapes, and incident response methodologies, Excellent communication and collaboration skills, Analytical and problem-solving abilities

Nice to Have

Splunk Architect, or equivalent certifications

What You'll Do.

Serve as strategic lead for SOC Detection Logic Management

Enhance detection logic and response automation

Drive integration strategies across security platforms

lifecycle management of SOC platforms

Lead collaboration with Splunk Admins and engineering teams

Define and enforce data retention and access control policies

Oversee SOC Data & Platform Management

Mentor junior platform management staff

enhancement roadmap for Splunk

Ensure robust role-based access controls

Lead development and delivery of SOC metrics

Act as key stakeholder in audit

regulatory engagements

Provide executive oversight and escalation support

Champion innovation and continuous improvement

How You'll Work.

Team & Collaboration

Collaborate actively with Global Security Content and Response Automation Team (SCRAT); Lead collaboration with Splunk Admins and engineering teams; Work effectively across SOC, IR, and global engineering teams; Engage effectively across technical and business teams; Foster collaboration across teams and departments

Communication Scope

Excellent written and verbal communication skills; Ability to engage effectively across technical and business teams; Ability to work effectively across SOC, IR, and global engineering teams; Excellent interpersonal skills

Process & Methodology

Manage large workloads, Manage tight deadlines

Free ATS check

Applying for this Vice President, Security Content Detection Logic Engineer role?

Most applicants get filtered before a human reads their resume. See if yours makes the cut.

Should you apply? AI reads your resume vs this job — match score, gaps to address, ATS keywords.

Skill Signal 48 detected

Core

Splunk ×4

Security Content Management ×4

Detection Logic Management ×4

Security Engineering ×4

KQL ×4

Risk-based Alerting ×4

Splunk Enterprise Security ×4

Splunk UBA ×4

Splunk SOAR ×4

Cybersecurity Principles ×4

Required

SIEM ×3

Linux Event Analysis ×3

Windows Event Analysis ×3

Log Source Normalization ×3

Log Source Enrichment ×3

Attacker TTPs Analysis ×3

SIEM Querying ×3

Splunk SPL ×3

CrowdStrike Query Language ×3

Detection Content Building ×3

Nice to have

Linux

Windows

CrowdStrike

Python

PowerShell

Threat Detection

Threat Hunting

Anomaly Identification

Incident Response

Regulatory Requirements

Role Details

Seniority

executive

Work Mode

Type

FULL TIME

Experience

5–10 yrs

AI-Extracted Insights

Domain Areas

information-security

it-risk-management

cyber-security

financial-services

banking

securities-business

Certifications

Splunk Architect

How to Apply on Workday

Workday has a multi-step form — save your progress after every section.
"Apply With LinkedIn" can fail or lose data; manual entry is more reliable.
Watch for the "Submit for Review" final step — hitting "Save" alone does not submit.
Job requisition numbers are useful when following up with HR by email.

ANONYMOUS · UNFILTERED

What do employees actually say about Mufg?

Real rants from real employees. Read before you apply.

Read Company Rants →