Do you want your voice heard and your actions to count?
Discover your opportunity with Mitsubishi UFJ Financial Group (MUFG), one of the world’s leading financial groups. Across the globe, we’re 150,000 colleagues, striving to make a difference for every client, organization, and community we serve. We stand for our values, building long-term relationships, serving society, and fostering shared and sustainable growth for a better world.
With a vision to be the world’s most trusted financial group, it’s part of our culture to put people first, listen to new and diverse ideas and collaborate toward greater innovation, speed and agility. This means investing in talent, technologies, and tools that empower you to own your career.
Join MUFG, where being inspired is expected and making a meaningful impact is rewarded.
The selected colleague will work at an MUFG office or client sites four days per week and work remotely one day. A member of our recruitment team will provide more details.
Role Summary
This role is responsible for helping mature and scale a governance framework that enables employees to safely build and use Microsoft Copilot Studio agents and Power Platform solutions across a global financial enterprise. The focus is on security, compliance, and operational governance for citizen development at scale, spanning multiple Microsoft 365 tenants with varied regulatory requirements across regions. The ideal candidate will help design the policies, controls, and support systems that ensure innovation on the Power Platform and Copilot Studio is secure, compliant, and well-managed without stifling agility. This role emphasizes enablement over solution delivery: instead of building individual apps or bots, you will empower an enterprise to build them responsibly.
Key Responsibilities
Governance Framework & Policy Leadership
- Develop and enforce enterprise-wide governance frameworks for Copilot Studio and Microsoft Power Platform in a multi-tenant environment. Define the policies, standards, and guardrails to ensure all low-code/no-code development is secure, compliant, and aligned with organizational objectives, compliance standards, and data security.
- Lead development and implementation of comprehensive data protection, security, and compliance measures for citizen-developed solutions, ensuring alignment with organizational goals and financial industry regulations (e.g., SOX, GDPR). In partnership with Information Security, Compliance, and Privacy teams, ensure solutions adhere to internal policies and regulatory requirements.
- Multi-Tenant Oversight: Coordinate governance across multiple Microsoft 365 tenants as applicable. Develop strategies for cross-tenant consistency in DLP policies, environment configuration, and identity governance. Leverage multi-tenant management capabilities (such as Azure Entra cross-tenant policies) and third-party governance tools to manage at scale. AvePoint, for instance, enables migrating Power Platform apps between tenants while enforcing governance guardrails.
- Center of Excellence (CoE) Management: Help operate the Power Platform CoE, including ownership of the Microsoft CoE Starter Kit tooling for monitoring and governance. Create and maintain environment management strategies — including creating new environments, managing the dev/test/prod lifecycle, and geographic tenant segmentation — to enable controlled solution development and deployment. Review and approve environment creations and manage tenant-level settings in line with governance policies.
Security & Compliance Controls
- Working in collaboration with Enterprise Security, help implement Data Loss Prevention (DLP) policies on two levels: (1) Power Platform DLP policies in the Power Platform Admin Center to govern connector and data source usage, controlling what agents can do — which connectors they may use, which knowledge sources are accessible, and which publishing channels are permitted; and (2) Microsoft Purview DLP policies in the Purview compliance portal to monitor and prevent leakage of sensitive data through Copilot/AI interactions, controlling what data can flow through them.
- Microsoft Security & Compliance Tooling: Leverage Microsoft Purview (data classification, sensitivity labels, DLP policies, retention, and compliance concepts), Defender for Cloud Apps, and Entra ID (Azure AD) to enforce security. Work with the team to configure conditional access policies and app permissions via Entra ID to secure Power Platform applications and Copilot agents. Use Microsoft Defender and Cloud App Security policies to detect anomalies in Power Platform usage.
- Connector and API Governance: Help the team manage the inventory of connectors (standard and custom) available to makers. Maintain a categorized connectors list in DLP policies (Business, Non-Business, Blocked) to prevent unauthorized data flows. Evaluate and approve new connectors after security review and enforce least-privilege access for service accounts.
- AvePoint or Third-Party Governance Integration (Bonus): Where applicable, implement solutions such as AvePoint Cloud Governance to automate enforcement of policies. AvePoint provides scalable management and governance through automated policies enforcing proper control of data access and functionality, automated backup for Power BI workspaces, Power Apps and flows, and cross-tenant migration capabilities.
- Identity & Access Management: Work with the Identity team to ensure appropriate role-based access controls (RBAC) and permissions within the Power Platform. Configure Maker and Environment Admin roles, and govern the use of service principals. If multiple tenants are in play, set up cross-tenant access settings and help set up B2B collaboration policies for approved sharing while blocking ad-hoc routes outside of governance.
Operational Governance & Monitoring
- Solution Lifecycle & ALM: Oversee application lifecycle management (ALM) for Power Platform solutions and Copilot agents. Define how solutions move from development to production, and ensure every app, flow, and bot has an assigned owner and support plan.
- Monitoring & Reporting: Design and implement monitoring and compliance reporting systems for platform usage, providing visibility into platform performance and adherence to established standards. Use Power Platform CoE Starter Kit dashboards and custom telemetry to track metrics: active makers, app launches, flow runs, connector usage, DLP policy hits, etc.
- Automated Security Scanning: Design and implement automated security scanning and deployment strategies for low-code/no-code initiatives, ensuring efficient and streamlined workflows that catch compliance issues before production deployment.
Collaboration & Enablement
- Stakeholder Engagement: Act as liaison between the CoE and departments such as Cybersecurity, Compliance, Legal, and IT Operations. Collaborate to continuously refine policies, engage with Data Privacy officers to update DLP classifications, and work with Internal Audit and Risk teams to provide evidence of controls.
- Training & Community Building: Help the AI adoption team develop training programs and guidance for citizen developers on secure and compliant development practices. Work closely with citizen developers and power users to guide on best practices and educate and empower them to leverage the Power Platform effectively.
- Enterprise Enablement vs. Solution Delivery: Remain focused on enabling others. Rather than building solutions for business use cases directly, equip business units to build their own solutions safely. Create reusable components, reference architectures, and guardrail documentation so teams can accelerate projects without bypassing controls. In some cases, develop proof-of-concept automations or Copilot agents to demonstrate new governed capabilities, which can then be scaled by business-led teams.
Continuous Improvement & Innovation
- Regulatory Watch: Continuously monitor evolving regulatory guidelines in financial services (e.g., FFIEC guidance on AI, data privacy requirements) that could impact low-code AI solutions. Update governance policies proactively to address new compliance obligations or security threats. Stay current on Microsoft's roadmap for Copilot, Power Platform, and related governance tooling.
- Emerging AI Governance: As the organization moves from simple Copilot usage to building more advanced AI agents (possibly with Azure AI Foundry or Microsoft Agent 365), ensure the governance model scales accordingly.
- Value Articulation & Metrics: Define KPIs to measure the program's success: growth in compliant citizen development, time-to-market for solutions, percentage of apps/flows passing compliance checks, DLP incident counts, cost savings from license optimization.
Required Qualifications & Skills
- Education & Experience: Bachelor's degree in Computer Science, Software Engineering, or related field. 8+ years of experience in IT governance, security, or compliance, with at least 3+ years focused on low-code/no-code platform governance. 5+ years of hands-on experience administering and governing Microsoft Power Platform in a large enterprise (Power Apps, Power Automate, Power BI, Dataverse).
- Power Platform & Copilot Expertise: In-depth understanding of Microsoft Power Platform architecture and administration: environment strategy, DLP policies, security roles/permissions, solution lifecycle (ALM) management, and Dataverse data governance. Experience with Microsoft 365 Copilot and Copilot Studio features — ideally including participation in deployments at scale and configuration of agent lifecycle, actions, and integrations in alignment with compliance needs.
- Security & Compliance Knowledge: Strong understanding of security frameworks, compliance requirements, and risk management in a financial context. Experience developing and implementing enterprise-wide governance policies. Familiarity with regulatory compliance requirements for data and AI in finance (e.g., GDPR, CCPA, SOX, data privacy, records retention). Demonstrated ability to design controls and produce documentation for audit purposes.
- Microsoft Purview & M365 Security: Hands-on experience with Microsoft Purview compliance portal features (DLP configurations, sensitivity labels, data classification, retention policies) and understanding of how Purview's AI-related controls manage Copilot usage. Familiarity with Microsoft Defender suite (Defender for Cloud Apps, Identity, Endpoint). Proficiency in Azure Entra ID (Azure AD) administration: conditional access, enterprise app permissions, cross-tenant access settings, security basics (AAD/Entra
- DevOps & Automation: Knowledge of CI/CD pipelines and DevOps practices for managing Power Platform components (solutions in source control, automated build/deploy). Ability to script or automate administrative tasks (PowerShell, Power Platform for Admins connectors) for scaling governance operations. Experience implementing monitoring and reporting solutions (e.g., Power BI dashboards, CoE Starter Kit analytics).
- Leadership & Soft Skills: Strong strategic thinking and planning abilities. Track record of successful stakeholder management and cross-functional collaboration. Proven ability to influence without direct authority. Experience in change management and organizational transformation. Ability to balance governance requirements with business agility, ensuring that controls mitigate risk without unnecessarily hampering productivity. Excellent communication abilities to articulate technical concepts across organizational levels.
Preferred Qualifications
- Certifications: Microsoft Power Platform certifications. Security/compliance certifications (CISSP, CISM) or cloud certifications (Azure Administrator, Azure Security Engineer) are beneficial. AI certifications (e.g., AI-102 Azure AI Engineer Associate) indicating familiarity with AI services would be advantageous.
- AvePoint or Third-Party Governance Tools: Hands-on experience with governance solutions like AvePoint (Cloud Governance for M365/Power Platform) that help manage multi-tenant environments.
- Enterprise-Scale Digital Transformation: Experience guiding an organization through a large-scale platform adoption or transformation initiative (e.g., rolling out Teams, SharePoint, or Power Platform globally with proper governance). Familiarity with organizational change management techniques and champion network models.
- Responsible AI Frameworks: Experience with AI/LLM governance or Responsible AI frameworks. Knowledge of how autonomous agents, retrieval-augmented generation, and advanced AI capabilities create new governance requirements. Understanding of how Copilot agents should be positioned as decision-support tools rather than autonomous decision-makers in regulated environments.
- Financial Services Domain: Prior work in banking, insurance, or capital markets IT preferred. Understanding of how financial enterprises conduct risk management and auditing. Experience with multi-national regulatory compliance, for example navigating data sovereignty by restricting certain data to certain geographic tenants.
Education:
- Bachelor's degree in Computer Science or a closely related discipline, or an equivalent combination of formal education and experience
“Visa sponsorship/support is based on business needs. We do not anticipate providing visa sponsorship/support for this position.”
The typical base pay range for this role is as follows:
- New York / New Jersey: $127–$205
- Non–New York / New Jersey: $127–$188
depending on job-related knowledge, skills, experience and location. This role may also be eligible for certain discretionary performance-based bonus and/or incentive compensation. Additionally, our Total Rewards program provides colleagues with a competitive benefits package (in accordance with the eligibility requirements and respective terms of each) that includes comprehensive health and wellness benefits, retirement plans, educational assistance and training programs, income replacement for qualified employees with disabilities, paid maternity and parental bonding leave, and paid vacation, sick days, and holidays. For more information on our Total Rewards package, please click the link below.
Our hybrid work schedule is four days on-site and work remotely one day per week.
MUFG Benefits Summary
We will consider for employment all qualified applicants, including those with criminal histories, in a manner consistent with the requirements of applicable state and local laws (including (i) the San Francisco Fair Chance Ordinance, (ii) the City of Los Angeles’ Fair Chance Initiative for Hiring Ordinance, (iii) the Los Angeles County Fair Chance Ordinance, and (iv) the California Fair Chance Act) to the extent that (a) an applicant is not subject to a statutory disqualification pursuant to Section 3(a)(39) of the Securities and Exchange Act of 1934 or Section 8a(2) or 8a(3) of the Commodity Exchange Act, and (b) they do not conflict with the background screening requirements of the Financial Industry Regulatory Authority (FINRA) and the National Futures Association (NFA). The major responsibilities listed above are the material job duties of this role for which the Company reasonably believes that criminal history may have a direct, adverse and negative relationship potentially resulting in the withdrawal of conditional offer of employment, if any.
The above statements are intended to describe the general nature and level of work being performed. They are not intended to be construed as an exhaustive list of all responsibilities duties and skills required of personnel so classified.
We are proud to be an Equal Opportunity Employer and committed to leveraging the diverse backgrounds, perspectives and experience of our workforce to create opportunities for our colleagues and our business. We do not discriminate on the basis of race, color, national origin, religion, gender expression, gender identity, sex, age, ancestry, marital status, protected veteran and military status, disability, medical condition, sexual orientation, genetic information, or any other status of an individual or that individual’s associates or relatives that is protected under applicable federal, state, or local law.