Do you want your voice heard and your actions to count?
Discover your opportunity with Mitsubishi UFJ Financial Group (MUFG), one of the world’s leading financial groups. Across the globe, we’re 150,000 colleagues, striving to make a difference for every client, organization, and community we serve. We stand for our values, building long-term relationships, serving society, and fostering shared and sustainable growth for a better world.
With a vision to be the world’s most trusted financial group, it’s part of our culture to put people first, listen to new and diverse ideas and collaborate toward greater innovation, speed and agility. This means investing in talent, technologies, and tools that empower you to own your career.
Join MUFG, where being inspired is expected and making a meaningful impact is rewarded.
EDUCATION • Degree or equivalent work experience equally preferable • Degree or equivalent work experience in technology, information security, operational risk management, or related roles CERTIFICATIONS • Preferred: professional certifications such as Certified Information System Auditor (CISA), Certified in Risk and Information Systems Control (CRISC), Certified Information Systems Manager (CISM), Certified in the Governance of Enterprise Information Technology (CGEIT), CSX, Certified Information Systems Security Professional (CISSP), Information Technology Infrastructure Library (ITIL), Control Objectives for Information and Related Technology (COBIT), etc. • Cloud Service Provider (CSP) certifications desired (i.e. Amazon Web Services (AWS) Cloud Practitioner, AWS Specialty – Security), relevant professional certifications a plus WORK EXPERIENCE • Requires significant experience in information technology, information security, and/or operational risk management, (Includes operations, operational risk management, compliance, audit, and third-party risk management within technology and/or information security), or a combination thereof, or other highly regulated environment • Deep working experience with regulations applicable to the banking and finance industry required • Deep understanding of financial institution processes, products, and risk • Experience with risk metrics definition and reporting/scorecard development utilizing key risk metrics tools (IBM Open Pages, Tableau, structured query language (SQL), Access, etc.) • Prior supervisory and or management role with a focus on talent development. • Experience in creation and review of work papers to document testing and/or issue closure and experience in the management of regulatory matters • Experience with automating and/or the ability to conceptualize automated control solutions • Additional preferred experience includes: • - Knowledge in technology areas including, but not limited to: access management, network security, enterprise architecture, release management, and incident response • - Big Four IT audit experience • - Project management role • - Executing technology and/or information security risk assessment/testing methodologies, evaluating the adequacy and efficiency of internal controls; and identifying issues resulting from internal and/or external compliance examinations FUNCTIONAL SKILLS • Experience with critical data elements (CDEs) and data lineage • Understanding of data quality, data quality monitoring, and data maturity models • Knowledge and implementation experience with industry best practices and frameworks such as: Committee of Sponsoring Organizations of the Treadway Commission (COSO), COBIT, National Institute of Standards and Technology (NIST)-800-53, Cybersecurity Horizontal Reviews, and ITIL in complex environment • Knowledge of critical domestic and international banking regulations (Reg W, Basel II, Federal Financial Institutions Examination Council (FFIEC), General Data Protection Regulation (GDPR), etc.) and experience with enforcement agencies oversight activities (regulatory examinations, matters requiring attention (MRAs), consent orders, etc.) within a global systemically important financial institution's Information Technology and information security environments • Experience with executing technology and/or information security risk assessment/testing methodologies, evaluating the adequacy and efficiency of internal controls; and identifying issues resulting from internal and/or external compliance examinations • Experience with process documentation, risk and control assessments, and designing/executing IT General Controls (ITGC) test scripts • Understanding of the regulatory environment and regulations related to technology risk, and Office of the Comptroller of the Currency (OCC) and Federal Reserve Board (FRB) expectations • Combined experience in IT external audit, IT internal audit, and technology risk and/or ITGC assessment for compliance with Sarbanes-Oxley (SOX) • Ability to attract, retain and develop talent FOUNDATIONAL SKILLS • Communicates effectively • Anticipates changing business needs, adjusts priorities accordingly, and allocates necessary resources and budget to achieve objectives • Equips the business to become an effective competitor in an highly dynamic landscape • Considers stakeholder needs and input as well as best practices and insights from industry trends when making strategic decisions • Is flexible, decisive, and serves as a trusted advisor to senior leaders within the organization • Demonstrates effective negotiation and influencing skills • Prioritizes and facilitates an culture of continuous improvement and systems thinking • Sets the tone for successful collaboration with other business units and corporate entities • Creates an environment that fosters communication, transparency, and collaboration • Cultivates innovation and values learning as a lifelong professional objective • Leads by example, engaging inclusively and with intent • Always acts with integrity • Analytical thinking • Iterative problem-solving • Excellent analytical, organizational, and conceptual skills • Ability to work effectively in team environment, and influence across all interpersonal levels, where flexibility, collaboration, adaptability, challenge, and influence are important • Strong planning and organizing skills; ability to multitask and deal with varied workload • Ability to demonstrate an analytical approach to problem solving. Identify, analyze and apply/recommend practical solutions • Ability to manage multiple priorities concurrently, prioritize, and efficiently complete responsibilities while maintaining the highest quality • Ability to support work streams with sometimes limited oversight/information from inception to completion • Experience with problem solving in a team environment by thinking outside of the box and providing innovative solutions, with and without technology • Ability to identify obstacles and work in conjunction with others to identify options/solutions • Ability to constructively work both independently and in collaborative environments involving all levels of management and employees • Strong work ethic, ability to make decisions, and work under tight deadlines; achievement-oriented and takes initiative RESPONSIBILITIES • Details: • Drive implementation and sustainment of Information Technology and information security control framework • Evaluate and benchmark technology process execution against outstanding standards (COBIT, NIST 800-53, Federal Financial Institutions Examination Council (FFIEC) etc.) • Manage the execution of front line controls self-assurance and risk assessment activities (ad hoc controls review, business process management (BPM), risk and control self-assessments (RCSA)) and independent risk and audit activities as needed • Consult on controls design and efficiency with technology partners in support of their commitments to align with all applicable laws, regulations, and internal policies and procedures • Drive risk culture; influence self-identification and disclosure of control self-assurance gaps • Ensure gaps are addressed via remediation plans that adhere to issues management mandates: timely issue and corrective action submission, accurate root cause identification, corrective action monitoring, on time closure, no failed validations, and no repeat issue • Monitor and evaluate emerging risk, internal operational trends, and external risk events for potential impact to control environment • Prepare risk analysis and risk mitigation recommendations • Lead technology risk governance by ensuring our control environment performance is reported and has risk management plans in place for critical issues • Lead the preparation of risk and controls governance materials • [People Manager duties largely differentiate from VP role]Mitsubishi UFJ Financial Group (MUFG) is an equal opportunity employer. We view our employees as our key assets as they are fundamental to our long-term growth and success. MUFG is committed to hiring based on merit and organsational fit, regardless of race, religion or gender.