MUFG Union Bank Jobs

Mobile mufg Logo

Job Information

MUFG Union Bank Risk Assessment Cyber Applications, Associate Vice President in Charlotte, North Carolina

Risk Assessment Cyber Applications, Associate Vice President - 10042931-WD

Description

About MUFG

Discover your next career opportunity at MUFG Union Bank, N.A., a member of Mitsubishi UFJ Financial Group (MUFG), the fifth-largest financial services company in the world. In the Americas, we are a community of 14,000 colleagues who go above and beyond to make a difference for every client and organization—and the world at large. Our culture emphasizes putting our values into action and developing positive relationships built on integrity and respect. As individuals, we listen to new and diverse ideas and collaborate toward greater innovation, speed, and agility. As a team, we take responsibility for the future by asking tough questions and owning the solutions. Want to make your voice heard and your actions count? Join us at MUFG.

Job Summary

Reporting to the Information Risk Assessment - Applications Director, the Associate Vice President is responsible for: defining cyber application risk assessments and control testing processes for applications (both in-house and third party), conducting 2nd line assessments and control testing for applications as required, and reviewing and challenging cyber risk application assessment and testing performed by the 1st line.

Major Responsibilities

Specifically:

  • Assists in the development of cyber policies and standards relevant to applications

  • Defines criteria, tools, and methodologies for identifying, assessing, and monitoring the cyber risks associated with applications (both in-house and third party)

  • Assists in the development of the IRM control inventory, specifically for controls related to technology applications

  • Assesses compliance to cyber policies and standards related to applications

  • Performs independent review and challenge of the front line unit cyber risk assessment and control testing for applications

  • Reviews risk mitigation strategies and tracks remediation efforts as issues are identified

  • Conducts 2nd line cyber risk assessments and control testing for applications; includes vulnerability scans, penetration tests and other assessment techniques

Generally:

  • Stakeholder management and working across various parts of the organization

Communicates information risk matters to senior management

Qualifications

Qualifications:

  • Education: Bachelor's Degree or equivalent work experience required

  • Certifications: At least one security certification is preferred, such as Certified Information Security Management (CISM), Certified Risk Information Security Control (CRISC), or Certified Information Systems Security Professional (CISSP)

  • Experience: 5 years of related experience

  • Knowledge:

  • Proven knowledge of application security assessment methodologies and technologies

  • Experienced in application security related standards, and best practices such as secure code reviews, secure SDLC, and application vulnerability management

  • Prior experience with application development and SDLC related processes is preferred

  • Knowledge of the financial services industry and its regulations / laws

  • Understanding of control and risk management concepts and knowledge of the operational aspects of the information risk business

  • Understanding of respective industry best practices (e.g., NIST, ISO, COBIT, OWASP, ITIL)

  • Knowledge of risk management policies, methods, standards, processes, governance models, and industry standard risk analysis approaches

  • Knowledge of current industry trends in information risk management

  • Skills : Strong MS Office skills along with strong verbal and written communication skills

  • Abilities:

  • Able to collaborate well with internal and external stakeholders

  • Able to be a subject matter expert on application security assessment methodologies and tools

This job description outlines this role’s general nature and level of responsibility. The above does not represent an exhaustive list of the duties or skills required.

The above statements are intended to describe the general nature and level of the work being performed. They are not intended to be construed as an exhaustive list of all responsibilities, duties, and skills required of personnel so classified.

We are proud to be an Equal Opportunity / Affirmative Action Employer and committed to leveraging the diverse backgrounds, perspectives, and experience of our workforce to create opportunities for our colleagues and our business. We do not discriminate in employment decisions on the basis of any protected category.

A conviction is not an absolute bar to employment. Factors such as the age of the offense, evidence of rehabilitation, seriousness of violation, and job relatedness are considered in all employment decisions. Additionally, it's the bank's policy to only inquire into a candidate's criminal history after an offer has been made. Federal law prohibits banks from employing individuals who have been convicted of, or received a pretrial diversion for, certain offenses.

Job : Risk

Primary Location : NORTH CAROLINA-Charlotte

Job Posting : Apr 14, 2021, 10:26:49 AM

Shift: : Day

Schedule: : Full Time

Req ID: 10042931-WD

DirectEmployers