Cyber Defense, Adversary Emulation
Mizuho, Woodbridge, NJ, United States
Join Mizuho as a Join Mizuho as a Cyber Defense, Adversary Emulation!
Summary
In this role you will serve as a senior leader within the Cyber Defense organization, responsible for the day‑to‑day oversight and management of the Threat and Vulnerability Management (TVM) program for Mizuho Americas Services. You will partner closely with Information Security, Infrastructure, Application, and third‑party teams to identify, prioritize, and remediate threats and vulnerabilities across the enterprise.
The role combines hands‑on technical expertise with strategic leadership, ensuring comprehensive threat identification, effective risk reporting, and continuous enhancement of security processes through automation and integration. The ideal candidate also provides subject‑matter expertise during security incidents and oversees external security consultants and vendors.
About The Team
The Cyber Defense organization within Mizuho Americas Services (MAS) operates under the CISO and is responsible for identifying, analyzing, and mitigating cyber threats across the Mizuho enterprise. The Adversary Emulation and Threat & Vulnerability Management functions play a critical role in proactively improving the firm’s security posture by leveraging vulnerability intelligence of real‑world threats, identifying systemic weaknesses, and driving remediation across infrastructure, applications, and cloud environments.
Responsibilities
Oversee the Threat and Vulnerability Management program
Prioritize work amongst full‑time staff and third‑party resources
Oversee tools, technologies, and processes related to threat management
Ensure effective reporting of security activities, reporting status, risks, issues, and escalations to senior leadership (CISO, CIO, and other senior stakeholders)
Manage relationships with other Security, Infrastructure, and Application teams to identify, mitigate, and remediate vulnerabilities and other threats in the environment
Provide expertise on Security Incidents
Map TTPs and CVEs to identified threats and prioritize appropriately
Recommend and implement enhancements to existing processes, focusing on automation and integration between other security tools
Ensure comprehensive threat identification of the entire Mizuho enterprise
Review daily, weekly, and monthly security reports for any anomalies or issues
Maintain documentation on security architecture, procedures, configurations
Project based work
Provide feedback to MAS teams to implement well engineered solutions to improve security posture
Identify workflow areas to proactively address potential vulnerabilities
Work with colleagues and vendors to assess different technologies and determine their impact within the Mizuho environment
Provide security requirements for the design, development, engineering, and implementation of hardware, networks, and applications
Conduct lessons learned exercises and RCAs after security incidents, detection of major system vulnerabilities, and ongoing compliance violations
Analyze threat intelligence, vulnerability and security assessments; produce vulnerability reports and work with IT teams to correct or mitigate found deficiencies
Qualifications
At least 10+ years’ security domain related experience, preferably within a financial services firm
5+ years of experience in a similar position
Proven experience in a vulnerability management program within a large enterprise.
Strong understanding of cybersecurity risk management and information security standards (SOX, NIST, FISMA, etc.)
Ability to manage and use various scanning technologies across different layers of the tech stack, such as SAST, DAST, cloud infrastructure
Strong understanding of OWASP and other common Application Security issues and frameworks.
Fundamental understanding of vulnerability reporting and management processes or tools
Solid grasp and understanding of vulnerability scoring and classification methodologies
Excellent communication and leadership skills, with the ability to manage and prioritize multiple projects and initiatives
Strong knowledge of internet, web, application and network security platforms.
Strong knowledge of Linux & Windows operating system and security functions
Strong knowledge of Cloud Deployment and management
Develop, document, and maintain policies, procedures, and training plans for system administration and appropriate use
Strong written and verbal communication skills. Ability to clearly articulate ideas, solutions etc.
Educational background with BS / MS in Information Technology, Computer Science, Engineering or related area
Additional Qualifications
Possess security certifications (CISSP, CISM, CISA, GSEC, etc.)
Experience with project management and industry best practices
Experience working within the Financial Services industry
Experience in support projects and able to handle issues against defined SLA / KPI
Clear communication & presentation skills, and the ability to articulate complex issues concisely
Leadership, relationship‑building and influencing skills to drive agendas across a number of teams
Proven track record of effectively interacting with senior management
Ability to work strategically and collaboratively across departments
Excellent organizational skills with the ability to multi‑task, prioritize competing demands, be versatile and action‑oriented
The expected base salary ranges from $111k-$185k. Salary offers are based on a wide range of factors including relevant skills, training, experience, education, and, where applicable, certifications and licenses obtained. Market and organizational factors are also considered. In addition to salary and a generous employee benefits package, successful candidates are eligible to receive a discretionary bonus.
Other Requirements
Mizuho has in place a hybrid working program, with varying opportunities for remote work depending on the nature of the role, needs of your department, as well as local laws and regulatory obligations. Roles in some of our departments have greater in‑office requirements that will be communicated to you as part of the recruitment process.
Company Overview
Mizuho Financial Group, Inc. is the 15th largest bank in the world as measured by total assets of ~$2 trillion. Mizuho's 60,000 employees worldwide offer comprehensive financial services to clients in 35 countries and 800 offices throughout the Americas, EMEA and Asia. Mizuho Americas is a leading provider of corporate and investment banking services to clients in the US, Canada, and Latin America. Through its acquisition of Greenhill, Mizuho provides M&A, restructuring and private capital advisory capabilities across Americas, Europe and Asia. Mizuho Americas employs approximately 3,500 professionals, and its capabilities span corporate and investment banking, capital markets, equity and fixed income sales & trading, derivatives, FX, custody and research. Visit www.mizuhoamericas.com.
Mizuho Americas offers a competitive total rewards package.
We are an EEO/AA Employer - M/F/Disability/Veteran.
We participate in the E-Verify program.
We maintain a drug‑free workplace and reserve the right to require pre- and post-hire drug testing as permitted by applicable law.
#J-18808-Ljbffr
Summary
In this role you will serve as a senior leader within the Cyber Defense organization, responsible for the day‑to‑day oversight and management of the Threat and Vulnerability Management (TVM) program for Mizuho Americas Services. You will partner closely with Information Security, Infrastructure, Application, and third‑party teams to identify, prioritize, and remediate threats and vulnerabilities across the enterprise.
The role combines hands‑on technical expertise with strategic leadership, ensuring comprehensive threat identification, effective risk reporting, and continuous enhancement of security processes through automation and integration. The ideal candidate also provides subject‑matter expertise during security incidents and oversees external security consultants and vendors.
About The Team
The Cyber Defense organization within Mizuho Americas Services (MAS) operates under the CISO and is responsible for identifying, analyzing, and mitigating cyber threats across the Mizuho enterprise. The Adversary Emulation and Threat & Vulnerability Management functions play a critical role in proactively improving the firm’s security posture by leveraging vulnerability intelligence of real‑world threats, identifying systemic weaknesses, and driving remediation across infrastructure, applications, and cloud environments.
Responsibilities
Oversee the Threat and Vulnerability Management program
Prioritize work amongst full‑time staff and third‑party resources
Oversee tools, technologies, and processes related to threat management
Ensure effective reporting of security activities, reporting status, risks, issues, and escalations to senior leadership (CISO, CIO, and other senior stakeholders)
Manage relationships with other Security, Infrastructure, and Application teams to identify, mitigate, and remediate vulnerabilities and other threats in the environment
Provide expertise on Security Incidents
Map TTPs and CVEs to identified threats and prioritize appropriately
Recommend and implement enhancements to existing processes, focusing on automation and integration between other security tools
Ensure comprehensive threat identification of the entire Mizuho enterprise
Review daily, weekly, and monthly security reports for any anomalies or issues
Maintain documentation on security architecture, procedures, configurations
Project based work
Provide feedback to MAS teams to implement well engineered solutions to improve security posture
Identify workflow areas to proactively address potential vulnerabilities
Work with colleagues and vendors to assess different technologies and determine their impact within the Mizuho environment
Provide security requirements for the design, development, engineering, and implementation of hardware, networks, and applications
Conduct lessons learned exercises and RCAs after security incidents, detection of major system vulnerabilities, and ongoing compliance violations
Analyze threat intelligence, vulnerability and security assessments; produce vulnerability reports and work with IT teams to correct or mitigate found deficiencies
Qualifications
At least 10+ years’ security domain related experience, preferably within a financial services firm
5+ years of experience in a similar position
Proven experience in a vulnerability management program within a large enterprise.
Strong understanding of cybersecurity risk management and information security standards (SOX, NIST, FISMA, etc.)
Ability to manage and use various scanning technologies across different layers of the tech stack, such as SAST, DAST, cloud infrastructure
Strong understanding of OWASP and other common Application Security issues and frameworks.
Fundamental understanding of vulnerability reporting and management processes or tools
Solid grasp and understanding of vulnerability scoring and classification methodologies
Excellent communication and leadership skills, with the ability to manage and prioritize multiple projects and initiatives
Strong knowledge of internet, web, application and network security platforms.
Strong knowledge of Linux & Windows operating system and security functions
Strong knowledge of Cloud Deployment and management
Develop, document, and maintain policies, procedures, and training plans for system administration and appropriate use
Strong written and verbal communication skills. Ability to clearly articulate ideas, solutions etc.
Educational background with BS / MS in Information Technology, Computer Science, Engineering or related area
Additional Qualifications
Possess security certifications (CISSP, CISM, CISA, GSEC, etc.)
Experience with project management and industry best practices
Experience working within the Financial Services industry
Experience in support projects and able to handle issues against defined SLA / KPI
Clear communication & presentation skills, and the ability to articulate complex issues concisely
Leadership, relationship‑building and influencing skills to drive agendas across a number of teams
Proven track record of effectively interacting with senior management
Ability to work strategically and collaboratively across departments
Excellent organizational skills with the ability to multi‑task, prioritize competing demands, be versatile and action‑oriented
The expected base salary ranges from $111k-$185k. Salary offers are based on a wide range of factors including relevant skills, training, experience, education, and, where applicable, certifications and licenses obtained. Market and organizational factors are also considered. In addition to salary and a generous employee benefits package, successful candidates are eligible to receive a discretionary bonus.
Other Requirements
Mizuho has in place a hybrid working program, with varying opportunities for remote work depending on the nature of the role, needs of your department, as well as local laws and regulatory obligations. Roles in some of our departments have greater in‑office requirements that will be communicated to you as part of the recruitment process.
Company Overview
Mizuho Financial Group, Inc. is the 15th largest bank in the world as measured by total assets of ~$2 trillion. Mizuho's 60,000 employees worldwide offer comprehensive financial services to clients in 35 countries and 800 offices throughout the Americas, EMEA and Asia. Mizuho Americas is a leading provider of corporate and investment banking services to clients in the US, Canada, and Latin America. Through its acquisition of Greenhill, Mizuho provides M&A, restructuring and private capital advisory capabilities across Americas, Europe and Asia. Mizuho Americas employs approximately 3,500 professionals, and its capabilities span corporate and investment banking, capital markets, equity and fixed income sales & trading, derivatives, FX, custody and research. Visit www.mizuhoamericas.com.
Mizuho Americas offers a competitive total rewards package.
We are an EEO/AA Employer - M/F/Disability/Veteran.
We participate in the E-Verify program.
We maintain a drug‑free workplace and reserve the right to require pre- and post-hire drug testing as permitted by applicable law.
#J-18808-Ljbffr