MUFG Union Bank Jobs

Mobile mufg Logo

Job Information

MUFG Union Bank Cyber Risk, Analyst / Officer in Charlotte, North Carolina

Cyber Risk, Analyst / Officer - 10043566-WD


About MUFG

Discover your next career opportunity at MUFG Union Bank, N.A., a member of Mitsubishi UFJ Financial Group (MUFG), the fifth-largest financial services company in the world. In the Americas, we are a community of 14,000 colleagues who go above and beyond to make a difference for every client and organization—and the world at large. Our culture emphasizes putting our values into action and developing positive relationships built on integrity and respect. As individuals, we listen to new and diverse ideas and collaborate toward greater innovation, speed, and agility. As a team, we take responsibility for the future by asking tough questions and owning the solutions. Want to make your voice heard and your actions count? Join us at MUFG.


In this role you will focus on internal and external compliance requirements, activities, and deliverables to ensure that Operations & Technology meets regulatory and audit milestones. Responsibilities include collaborating with Operations & Technology colleagues to prepare or review content prior to submission and manage follow-up actions; tracking, escalating, and/or remediating risks and issues.

As part of an effective risk and control framework, Operations & Technology for the Americas (OTA) documents and executes risk and control assessments across processes related to Operations & Technology. There is a comprehensive coverage and joint accountability model that promotes early identification and assessment of operational and technology risk, effective design and evaluation of controls, and sustainable solutions to mitigate operational and technology risk. Control testing is an integral part of the bank’s compliance with policies and standards, identifying whether controls are operating as intended to mitigate associated risk.

Major Responsibilities:

  • Support implementation of information technology and information security control framework

  • Provide ongoing assessment of the technology risk profile through regular monitoring and status reporting of risk issues and initiatives

  • Support the execution of front line controls, self-assurance, and risk assessment activities (ad hoc controls review, business process management (BPM), risk control self-assessment (RCSA)), and independent risk and audit activities as directed

  • Contribute to and assist in the implementation of remediation plans as directed

  • Contribute to risk analysis and risk mitigation recommendations

  • Support the execution and documentation of ITGC testing for in-scope processes across technology and First Line of Defense (FLoD) business units

  • Partner with stakeholders, including process owners and control officers, to document controls, enhance control language, and develop/maintain test scripts that validate controls are being performed in compliance with bank policies, procedures, and regulatory requirements to mitigate technology risk to the firm

  • Execute testing of ITGCs and application controls based on internal and industry standards and guidelines for design and effectiveness

  • Participate in technology walkthroughs for ITGCs and application controls and prepare meaningful documentation

  • Coordinate control testing activities, including logistical scheduling and document retrieval to support control testing in accordance with internal requirements

  • Provide project management support in tracking and coordinating the execution of policy and standards control testing activities

  • Liaise with risk assessment team and other stakeholders to ensure control testing is in alignment with broader risk assessment activities

  • Create synergies by identifying opportunities to repurpose control testing results to satisfy assessment requirements across the bank

  • Develop and distribute status reporting and communication related to control testing activities

  • Provide ongoing communication to internal stakeholders throughout the testing process to keep them apprised of progress and findings, escalating when appropriate

  • Prepare written reports that summarize the objectives, scope, findings, and conclusions for each assigned review

  • Support iterative review and challenge of assessment results, working with appropriate stakeholders across the lines of defense

  • Support adoption of automated ITGC testing platform by identifying controls for inclusion and respective prerequisites and logic for automated testing

  • Work collaboratively with risk and control team to execute against technology risk governance procedures

  • Coordinate required meetings, reviews and scheduling needs

  • Prepare materials for ongoing team meetings and meetings with OTA senior management



  • Degree in computer science or related field, or in business or finance with coursework or working experience in areas of risk and/or data analytics, information systems, technology management, or equivalent preferred

  • 3 years of experience in a risk & control or audit function

  • Experience with executing technology and/or information security risk assessment/testing methodologies evaluating the adequacy and efficiency of internal controls; and identifying issues resulting from internal and or external compliance examinations

  • Experience with risk metrics definition and reporting/scorecard development utilizing key risk metrics tools (IBM Open Pages, Tableau, structured query language (SQL), Access etc.)

  • Combined experience in IT external audit, IT internal audit, and technology risk, and/or IT General Controls (ITGC) assessment for compliance with Sarbanes-Oxley (SOX)

  • Experience with process documentation, risk, and control assessments and designing/executing ITGC test scripts

  • Experience with problem solving in a team environment by thinking outside of the box, providing innovative solutions, with and without technology

  • Excellent communication, presentation, and influencing skills and ability to manage stakeholders across multiple disciplines and strong written skills

  • Excellent analytical, organizational, and conceptual skills

  • Ability to manage multiple priorities concurrently, prioritize, and efficiently complete responsibilities while maintaining the highest quality

  • Ability to support work streams with sometimes limited oversight/information from inception to completion

  • Ability to identify obstacles and work in conjunction with others to identify options/solutions

  • Ability to constructively work both independently and in collaborative environments involving all levels of management and employees

  • Preferred: knowledge in technology areas including, but not limited to: access management, network security, enterprise architecture, release management, and incident response

  • Familiarity with regulations applicable to the banking and finance industry plus

  • Preferred: "Big Four" IT audit experience

The above statements are intended to describe the general nature and level of work being performed. They are not intended to be construed as an exhaustive list of all responsibilities duties and skills required of personnel so classified.

We are proud to be an Equal Opportunity / Affirmative Action Employer and committed to leveraging the diverse backgrounds, perspectives, and experience of our workforce to create opportunities for our colleagues and our business. We do not discriminate in employment decisions on the basis of any protected category.

A conviction is not an absolute bar to employment. Factors such as the age of the offense, evidence of rehabilitation, seriousness of violation, and job relatedness are considered in all employment decisions. Additionally, it's the bank's policy to only inquire into a candidate's criminal history after an offer has been made. Federal law prohibits banks from employing individuals who have been convicted of, or received a pretrial diversion for, certain offenses.

Job : Technology

Primary Location : NORTH CAROLINA-Charlotte

Other Locations : ARIZONA-Tempe

Job Posting : Jun 14, 2021, 1:21:18 PM

Shift: : Day

Schedule: : Full Time

Req ID: 10043566-WD