MUFG Union Bank Jobs

Mobile mufg Logo

Job Information

MUFG Union Bank Ops & Tech Risk & Control Office Risk Management, AVP - Hybrid in Charlotte, North Carolina

Do you want your voice heard and your actions to count?

Discover your opportunity with Mitsubishi UFJ Financial Group (MUFG), the 5th largest financial group in the world. Across the globe, we’re 180,000 colleagues, striving to make a difference for every client, organization, and community we serve. We stand for our values, building long-term relationships, serving society, and fostering shared and sustainable growth for a better world.

With a vision to be the world’s most trusted financial group, it’s part of our culture to put people first, listen to new and diverse ideas and collaborate toward greater innovation, speed and agility. This means investing in talent, technologies, and tools that empower you to own your career.

Join MUFG, where being inspired is expected and making a meaningful impact is rewarded.

This is a hybrid position. There are flexible work from home options available. A member of our recruitment team will discuss the options with you in more detail.

Job Summary:

In this role you will focus on internal and external compliance requirements, activities, and deliverables to ensure that Operations & Technology meets regulatory and audit milestones. Responsibilities include collaborating with Operations & Technology colleagues to prepare or review content prior to submission and manage follow-up actions; tracking, escalating, and/or remediating risks and issues; and contributing to executive-level reporting.

This role is responsible for supporting executing a comprehensive first line of defense. You will work with critical crisis incident management team, strategic initiatives, and commercial transformation and technology teams to support the operational risk program that is consistent and aligned with the policy and standards second line of defense establishes for the operational risk program.

  • Support implementation of information technology and information security control framework

  • Evaluate and benchmark technology process execution against outstanding standards. (COBIT, NIST 800-53, Federal Financial Institutions Examination Council (FFIEC) etc.)

  • Support the execution of front line controls self-assurance and risk assessment activities (ad hoc controls review, business process management (BPM), risk and control self-assessments (RCSA)) and independent risk and audit activities as needed

  • Contribute to controls design and efficiency to technology partners in support their commitments to align with all applicable laws, regulations, and internal policies and procedures

  • Implement remediation plans that adhere to issues management mandates; timely issue and corrective action submission, accurate root cause identification, corrective action monitoring, on time closure, no failed validations, and no repeat issue

  • Monitor and document emerging risk, internal operational trends, and external risk events for potential impact to control environment

  • Contribute to risk analysis and risk mitigation recommendations

  • Support technology risk governance by ensuring our control environment performance is reported in a timely manner

  • Support the preparation of risk and controls governance materials as needed

  • Assist the BURM and/or partner with central function to build and maintain RSCA for all significant processes and follow-up on control deficiency remediation

  • Document process flows using Visio tool to ensure a clear audit / historic record

  • Report accurately and timely significant and emerging risks from the business unit view

  • Participate in ad hoc working groups to address and resolve new areas of risk within their area of responsibility

  • Facilitate support on internal audits and regulator exams and other control reviews, assist in resolving identified issues, and monitor their resolution

  • Perform independent quality assurance to assess issue closure design and effectiveness of the remediation

  • Support documentation of testing results in MUFG’s operational risk system of record (Open Pages) and/or coordinate with BURM testing staff and business units of any remediation activities, including documentation of action plans

  • Ensure success of remediation activities through effective process monitoring

  • Ensure that the resources dedicated to risk management within their area of responsibility are qualified and sufficient to efficiently and effectively carry out the required functions

  • Monitor risk management activities to ensure that they are properly performed and completed for the units within their area of responsibility

  • Assist business partners in reviewing risks evolving from various initiatives to ensure that operational risks are recognized, mitigated, reported, and/or accepted

  • Support internal control certifications, end user computing (EUC), vendor risk management, and other risk oversight areas as assigned

  • Identify and perform root cause analysis on risk trends and/or symptoms of process control breakdowns

  • Keep the BURM and BURCO apprised of changes in inherent risk or control breakdowns/deficiencies that could impact residual risk

  • Review bank-wide procedures and policies for the division as well as division desktop procedures

  • Liaise with other staff in the OPE Risk Management areas to use their domain expertise


  • Degree in computer science or related field, or in business or finance with coursework or working experience in areas of risk and/or data analytics], or typically requires a BA or BS degree

  • Preferred: professional certifications such as Certified Information System Auditor (CISA), Certified in Risk and Information Systems Control (CRISC), Certified Information Systems Manager (CISM), Certified in the Governance of Enterprise Information Technology (CGEIT), CSX, Certified Information Systems Security Professional (CISSP), Information Technology Infrastructure Library (ITIL), Control Objectives for Information and Related Technology (COBIT), etc.

  • 5-6 years experience in a risk & control or audit function, and compliance.

  • 5+ years of experience preferably in a financial institution or other highly regulated environment in technology infrastructure, technology risk management role or equivalent or related field.

  • Demonstrable experience with and knowledge of regulations applicable to the banking and finance industry required

  • Experience with critical data elements (CDE's) and data lineage

  • Understanding of data quality, data quality monitoring, and data maturity models

  • Knowledge and implementation experience with industry best practices and frameworks such as: Committee of Sponsoring Organizations of the Treadway Commission (COSO), COBIT, National Institute of Standards and Technology (NIST)-800-53, Cybersecurity Horizontal Reviews, and ITIL in complex environment

  • Knowledge of critical domestic and international banking regulations (Reg W, Basel II, Federal Financial Institutions Examination Council (FFIEC), General Data Protection Regulation (GDPR), etc.)

  • Ability to identify signs of changing risk levels

  • Experience with executing technology and or information security risk assessment/testing methodologies evaluating the adequacy and efficiency of internal controls; and identifying issues resulting from internal and or external compliance examinations

  • Experience with risk metrics definition and reporting/scorecard development utilizing key risk metrics tools (IBM Open Pages, Tableau, structured query language (SQL), Access etc.)

  • Good experience in operational risks in the operations business lines

  • Domain expertise in related operations is a preference

  • Excellent analytical skills especially in risk assessment analysis

  • Excellent communication, presentation and influencing skills, and ability to manage stakeholders across multiple disciplines

  • Excellent analytical, organizational, and conceptual skills

  • Strong work ethic, ability to make decisions and work under tight deadlines; achievement-oriented and takes initiative.


The above statements are intended to describe the general nature and level of work being performed. They are not intended to be construed as an exhaustive list of all responsibilities duties and skills required of personnel so classified.

We are proud to be an Equal Opportunity/Affirmative Action Employer and committed to leveraging the diverse backgrounds, perspectives and experience of our workforce to create opportunities for our colleagues and our business. We do not discriminate on the basis of race, color, national origin, religion, gender expression, gender identity, sex, age, ancestry, marital status, protected veteran and military status, disability, medical condition, sexual orientation, genetic information, or any other status of an individual or that individual’s associates or relatives that is protected under applicable federal, state, or local law.

Some MUFG roles require that individuals be fully vaccinated against COVID-19, subject to exemptions for medical or religious reasons, as well as any other reason required by applicable law or order. Should you be selected for an interview, your recruiter will provide additional information.