MUFG Union Bank Ops & Tech Risk & Control Office Risk Management, AVP - Hybrid in Charlotte, North Carolina
Do you want your voice heard and your actions to count?
Discover your opportunity with Mitsubishi UFJ Financial Group (MUFG), the 5th largest financial group in the world. Across the globe, we’re 180,000 colleagues, striving to make a difference for every client, organization, and community we serve. We stand for our values, building long-term relationships, serving society, and fostering shared and sustainable growth for a better world.
With a vision to be the world’s most trusted financial group, it’s part of our culture to put people first, listen to new and diverse ideas and collaborate toward greater innovation, speed and agility. This means investing in talent, technologies, and tools that empower you to own your career.
Join MUFG, where being inspired is expected and making a meaningful impact is rewarded.
This is a hybrid position. There are flexible work from home options available. A member of our recruitment team will discuss the options with you in more detail.
In this role you will focus on internal and external compliance requirements, activities, and deliverables to ensure that Operations & Technology meets regulatory and audit milestones. Responsibilities include collaborating with Operations & Technology colleagues to prepare or review content prior to submission and manage follow-up actions; tracking, escalating, and/or remediating risks and issues; and contributing to executive-level reporting.
This role is responsible for supporting executing a comprehensive first line of defense. You will work with critical crisis incident management team, strategic initiatives, and commercial transformation and technology teams to support the operational risk program that is consistent and aligned with the policy and standards second line of defense establishes for the operational risk program.
Support implementation of information technology and information security control framework
Evaluate and benchmark technology process execution against outstanding standards. (COBIT, NIST 800-53, Federal Financial Institutions Examination Council (FFIEC) etc.)
Support the execution of front line controls self-assurance and risk assessment activities (ad hoc controls review, business process management (BPM), risk and control self-assessments (RCSA)) and independent risk and audit activities as needed
Contribute to controls design and efficiency to technology partners in support their commitments to align with all applicable laws, regulations, and internal policies and procedures
Implement remediation plans that adhere to issues management mandates; timely issue and corrective action submission, accurate root cause identification, corrective action monitoring, on time closure, no failed validations, and no repeat issue
Monitor and document emerging risk, internal operational trends, and external risk events for potential impact to control environment
Contribute to risk analysis and risk mitigation recommendations
Support technology risk governance by ensuring our control environment performance is reported in a timely manner
Support the preparation of risk and controls governance materials as needed
Assist the BURM and/or partner with central function to build and maintain RSCA for all significant processes and follow-up on control deficiency remediation
Document process flows using Visio tool to ensure a clear audit / historic record
Report accurately and timely significant and emerging risks from the business unit view
Participate in ad hoc working groups to address and resolve new areas of risk within their area of responsibility
Facilitate support on internal audits and regulator exams and other control reviews, assist in resolving identified issues, and monitor their resolution
Perform independent quality assurance to assess issue closure design and effectiveness of the remediation
Support documentation of testing results in MUFG’s operational risk system of record (Open Pages) and/or coordinate with BURM testing staff and business units of any remediation activities, including documentation of action plans
Ensure success of remediation activities through effective process monitoring
Ensure that the resources dedicated to risk management within their area of responsibility are qualified and sufficient to efficiently and effectively carry out the required functions
Monitor risk management activities to ensure that they are properly performed and completed for the units within their area of responsibility
Assist business partners in reviewing risks evolving from various initiatives to ensure that operational risks are recognized, mitigated, reported, and/or accepted
Support internal control certifications, end user computing (EUC), vendor risk management, and other risk oversight areas as assigned
Identify and perform root cause analysis on risk trends and/or symptoms of process control breakdowns
Keep the BURM and BURCO apprised of changes in inherent risk or control breakdowns/deficiencies that could impact residual risk
Review bank-wide procedures and policies for the division as well as division desktop procedures
Liaise with other staff in the OPE Risk Management areas to use their domain expertise
Degree in computer science or related field, or in business or finance with coursework or working experience in areas of risk and/or data analytics], or typically requires a BA or BS degree
Preferred: professional certifications such as Certified Information System Auditor (CISA), Certified in Risk and Information Systems Control (CRISC), Certified Information Systems Manager (CISM), Certified in the Governance of Enterprise Information Technology (CGEIT), CSX, Certified Information Systems Security Professional (CISSP), Information Technology Infrastructure Library (ITIL), Control Objectives for Information and Related Technology (COBIT), etc.
5-6 years experience in a risk & control or audit function, and compliance.
5+ years of experience preferably in a financial institution or other highly regulated environment in technology infrastructure, technology risk management role or equivalent or related field.
Demonstrable experience with and knowledge of regulations applicable to the banking and finance industry required
Experience with critical data elements (CDE's) and data lineage
Understanding of data quality, data quality monitoring, and data maturity models
Knowledge and implementation experience with industry best practices and frameworks such as: Committee of Sponsoring Organizations of the Treadway Commission (COSO), COBIT, National Institute of Standards and Technology (NIST)-800-53, Cybersecurity Horizontal Reviews, and ITIL in complex environment
Knowledge of critical domestic and international banking regulations (Reg W, Basel II, Federal Financial Institutions Examination Council (FFIEC), General Data Protection Regulation (GDPR), etc.)
Ability to identify signs of changing risk levels
Experience with executing technology and or information security risk assessment/testing methodologies evaluating the adequacy and efficiency of internal controls; and identifying issues resulting from internal and or external compliance examinations
Experience with risk metrics definition and reporting/scorecard development utilizing key risk metrics tools (IBM Open Pages, Tableau, structured query language (SQL), Access etc.)
Good experience in operational risks in the operations business lines
Domain expertise in related operations is a preference
Excellent analytical skills especially in risk assessment analysis
Excellent communication, presentation and influencing skills, and ability to manage stakeholders across multiple disciplines
Excellent analytical, organizational, and conceptual skills
Strong work ethic, ability to make decisions and work under tight deadlines; achievement-oriented and takes initiative.
The above statements are intended to describe the general nature and level of work being performed. They are not intended to be construed as an exhaustive list of all responsibilities duties and skills required of personnel so classified.
We are proud to be an Equal Opportunity/Affirmative Action Employer and committed to leveraging the diverse backgrounds, perspectives and experience of our workforce to create opportunities for our colleagues and our business. We do not discriminate on the basis of race, color, national origin, religion, gender expression, gender identity, sex, age, ancestry, marital status, protected veteran and military status, disability, medical condition, sexual orientation, genetic information, or any other status of an individual or that individual’s associates or relatives that is protected under applicable federal, state, or local law.
Some MUFG roles require that individuals be fully vaccinated against COVID-19, subject to exemptions for medical or religious reasons, as well as any other reason required by applicable law or order. Should you be selected for an interview, your recruiter will provide additional information.
At MUFG, our colleagues are our greatest assets. Our Culture Principles provide a roadmap for how each of our colleagues must think and act to become more client-obsessed, inclusive and innovative. They reflect who we are, who we want to be and what we expect from one another. We are excited to see you take the next step in exploring a career with us and encourage you to spend more time reviewing them!
Our Culture Principles
Listen Up. Speak Up.
Innovate & Simplify
Own & Execute