MUFG Union Bank Jobs

Mobile mufg Logo

Job Information

MUFG Union Bank Technology Risk and Control Manager – Enterprise Information Security, Vice President in Arlington, Texas


Discover this rewarding opportunity with Mitsubishi UFJ Financial Group (MUFG), the 5th largest financial group in the world (as ranked by S&P Global, April 2018) with total assets of over $2.9 trillion (106.2 (JPY) as of March 30, 2018) and 150,000 colleagues in more than 50 countries. In the U.S., we’re 13,000 strong, working together to positively impact every customer, organization, and community we serve. We achieve this by delivering on our values, putting people first, fostering long-term relationships and inspiring the best in each other. This is all part of our inclusive, high-performing culture supported by Total Rewards that include our cash balance pension plan. Join a team that’s working to fulfill its vision to be the world’s most trusted financial group.

Job Summary

A member of the Operations and Technology for the Americas (OTA) Risk & Controls Office (RCO), the Technology Risk and Control Manager, VP is a key member of a first line risk and controls team aligned to a specific OTA technology business Enterprise Information Security . This individual works with other team members to partner with technology teams to drive effective risk and control management. The teams are responsible for assessing the technology risk and control environment, identifying improvement opportunities, reporting and monitoring key risk metrics and providing governance with respect to all risk and control matters. The role reports to the Director, Business Unit Risk Manager.

Major Responsibilities:

  • You will drive implementation and sustainment of information technology and information security control framework.

  • You will evaluate and benchmark MUFG technology process execution against outstanding standards. (COBIT, NIST 800-53, FFIEC etc.)

  • You will manage the execution of front line controls self-assurance and risk assessment activities (adhoc controls review, BPM, RCSA) and support independent risk and audit activities as needed.

  • You will provide consult on controls design and efficiency to OTA partners in support their commitments to align with all applicable laws, regulations, and internal MUFG policies and procedures.

  • You will drive risk culture; influence self-identification and disclosure of control self-assurance gaps.

  • You will ensure gaps are addressed via remediation plans that adhere to issues management mandates; timely issue and corrective action submission, accurate root cause identification, corrective action monitoring, on time closure, no failed validations, and no repeat issue.

  • You will monitor and evaluate emerging risk, internal operational trends, and external risk events for potential impact to control environment

  • Quality risk analysis and risk mitigation recommendation.

  • You will support technology risk governance by ensuring OTA control environment performance is reported, have risk management plans in place or critical issues

  • You will support the preparation of risk and controls governance materials as needed.


  • 6 years of experience in information technology, information security and or operational risk management, (Includes operations, operational risk management, compliance, audit and third party risk management within technology and or information security), or a combination thereof.

  • Knowledge and implementation experience with industry best practices and frameworks such as: COSO, COBIT, NIST-800-53, Cybersecurity Horizontal Reviews, and ITIL in complex environment

  • Knowledge of critical domestic and international banking regulations (Reg W, Basel II, FFIEC, GDPR, etc.) and experience with enforcement agencies oversight activities (regulatory examinations, MRA’s, consent orders, etc.) within global systemically important financial institutions information technology and information security environments.

  • Experience with executing technology and or information security risk assessment/testing methodologies evaluating the adequacy and efficiency of internal controls; and identifying issues resulting from internal and or external compliance examinations.

  • Experience in creation and review of work papers to document testing and/or issue closure and experience in the management of regulatory matters

  • Ability to demonstrate an analytical approach to problem solving. Identify, analyze and apply/recommend practical solutions.

  • Experience with automating and or the ability to conceptualizing automated control solutions is highly desired.

  • Experience with risk metrics definition and reporting/scorecard development utilizing key risk metrics tools (IBM Open Pages, Tableau, SQL, Access etc.)

  • Ability to work effectively in team environment, and influence across all interpersonal levels, where flexibility, collaboration, adaptability, challenge and influence are important.

  • Strong planning, organizing skills, ability to multitask and deal with varied workload.

  • Ambitious and hardworking

  • Bachelor’s Arts or Science plus 8 years technology, information security, operational risk management or related roles.

  • Deep understanding of financial institution processes, products and risk.

  • Prior supervisory and or management role with a focus on talent development.

  • Risk, Information Security and of Technology Certifications desired, but not required. (CISA, CRISC, CISM, CGEIT, CSX, CISM, CISSP, ITIL, COBIT, etc.)

The above statements are intended to describe the general nature and level of work being performed. They are not intended to be construed as an exhaustive list of all responsibilities duties and skills required of personnel so classified.

We are proud to be an Equal Opportunity / Affirmative Action Employer and committed to leveraging the diverse backgrounds, perspectives, and experience of our workforce to create opportunities for our colleagues and our business. We do not discriminate in employment decisions on the basis of any protected category.

A conviction is not an absolute bar to employment. Factors such as the age of the offense, evidence of rehabilitation, seriousness of violation, and job relatedness are considered in all employment decisions. Additionally, it's the bank's policy to only inquire into a candidate's criminal history after an offer has been made. Federal law prohibits banks from employing individuals who have been convicted of, or received a pretrial diversion for, certain offenses.

Job: Risk

Primary Location: ARIZONA-Tempe

Other Locations: TEXAS-Arlington, NORTH CAROLINA-Charlotte

Shift Day

Req ID: 10038422-WD