MUFG Union Bank Jobs

Mobile mufg Logo

Job Information

MUFG Union Bank Technology Risk and Control Manager, VP in Charlotte, North Carolina

Do you want your voice heard and your actions to count?

Discover your opportunity with Mitsubishi UFJ Financial Group (MUFG), the 5th largest financial group in the world. Across the globe, we’re 180,000 colleagues, striving to make a difference for every client, organization, and community we serve. We stand for our values, building long-term relationships, serving society, and fostering shared and sustainable growth for a better world.

With a vision to be the world’s most trusted financial group, it’s part of our culture to put people first, listen to new and diverse ideas and collaborate toward greater innovation, speed and agility. This means investing in talent, technologies, and tools that empower you to own your career.

Join MUFG, where being inspired is expected and making a meaningful impact is rewarded.

This is a hybrid position. There are flexible work from home options available. A member of our recruitment team will discuss the options with you in more detail.

Summary:

In this role you will focus on internal and external compliance requirements, activities, and deliverables to ensure that Operations & Technology meets regulatory and audit milestones. Responsibilities include engaging with regulators and/or leaders from other functions, including audit and compliance, and collaborating with Operations & Technology colleagues to prepare or review content prior to submission and manage follow-up actions; establishing processes, templates, and stakeholder matrices for activities; creating roadmaps aligned to recurring and ad hoc milestones; ensuring stakeholders execute appropriately and meet milestones on time; tracking, escalating, and/or remediating risks and issues; and developing and executing executive-level reporting.

This role is a key member of a first line risk and controls team aligned to a specific technology business. You will work with other team members to partner with technology teams to drive effective risk and control management. The teams are responsible for assessing the technology risk and control environment, identifying improvement opportunities, reporting and monitoring key risk metrics and providing governance with respect to all risk and control matters.

  • Drive implementation and sustainment of information technology and information security control framework

  • Evaluate and benchmark technology process execution against outstanding standards (NIST CSF/800-53, FFIEC Cybersecurity Assessment Tool).

  • Manage the execution of front line controls self-assurance and risk assessment activities (ad hoc controls review, business process management (BPM), risk and control self-assessments (RCSA)) and independent risk and audit activities as needed.

  • Consult on controls design and efficiency with technology partners in support of their commitments to align with all applicable laws, regulations, and internal policies and procedures. Drive risk culture; influence self-identification and disclosure of control self-assurance gaps

  • Ensure gaps are addressed via remediation plans that adhere to issues management mandates: timely issue and corrective action submission, accurate root cause identification, corrective action monitoring, on time closure, no failed validations, and no repeat issue

  • Monitor and evaluate emerging risk, internal operational trends, and external risk events for potential impact to control environment to prepare risk analysis and risk mitigation recommendations.

  • Support technology risk governance by ensuring our control environment performance is reported and has risk management plans in place for critical issues. Support the preparation of risk and controls governance materials as needed.

Qualifications:

  • Undergraduate degree plus 8 years in technology, information security, operational risk management, or related roles

  • Preferred: professional certifications such as Certified Information System Auditor (CISA), Certified Information Systems Manager (CISM), Certified Information Systems Security Professional (CISSP) or similiar

  • Cloud Service Provider (CSP) certifications desired (i.e. Amazon Web Services (AWS) Cloud Practitioner, AWS Specialty – Security), relevant professional certifications a plus

  • 6 plus years of experience in information technology, information security, and/or operational risk management, (Includes operations, operational risk management, compliance, audit, and third party risk management within technology and/or information security), or a combination thereof, or other highly regulated environment.

  • Experience with SQL, Tableau, and JIRA / Confluence is preferred.

  • Deep working experience with regulations applicable to the banking and finance industry required

  • Deep understanding of financial institution processes, products, and risk.

  • Preferred: knowledge in technology areas including, but not limited to: access management, network security, enterprise architecture, release management, and incident response.

  • Preferred: "Big Four" or large bank IT audit experience

  • Preferred: experience in a project management role

  • Experience with critical data elements (CDEs) and data lineage.

  • Understanding of data quality, data quality monitoring, and data maturity models.

  • Knowledge and implementation experience with industry best practices and frameworks such as: (NIST)-800-53, NIST CSF, Cybersecurity Horizontal Reviews, and ITIL in complex environment. Knowledge of critical domestic and international banking regulations (Reg W, Basel II, Federal Financial Institutions Examination Council (FFIEC), General Data Protection Regulation (GDPR), etc.) and experience with enforcement agencies oversight activities (regulatory examinations, matters requiring attention (MRAs), consent orders, etc.) within a global systemically important financial institution's information technology and information security environments.

  • Experience with executing technology and/or information security risk assessment/testing methodologies, evaluating the adequacy and efficiency of internal controls; and identifying issues resulting from internal and/or external compliance examinations

  • Understanding of the regulatory environment and regulations related to technology risk, and Office of the Comptroller of the Currency (OCC) and Federal Reserve Board (FRB) expectations.

  • Experience with executing technology and/or information security risk assessment/testing methodologies evaluating the adequacy and efficiency of internal controls; and identifying issues resulting from internal and/or external compliance examinations

  • Experience with risk metrics definition and reporting/scorecard development utilizing key risk metrics tools (IBM Open Pages, Tableau, structured query language (SQL), Access etc.)

  • Prior supervisory and/or management role with a focus on talent development

  • Experience in creation and review of work papers to document testing and/or issue closure, and experience in the management of regulatory matters

  • Experience with automating and/or the ability to conceptualize automated control solutions

The above statements are intended to describe the general nature and level of work being performed. They are not intended to be construed as an exhaustive list of all responsibilities duties and skills required of personnel so classified.

We are proud to be an Equal Opportunity/Affirmative Action Employer and committed to leveraging the diverse backgrounds, perspectives, and experience of our workforce to create opportunities for our colleagues and our business. We do not discriminate in employment decisions on the basis of any protected category.

Some MUFG roles require that individuals be fully vaccinated against COVID-19, subject to exemptions for medical or religious reasons, as well as any other reason required by applicable law or order. Should you be selected for an interview, your recruiter will provide additional information.

At MUFG, our colleagues are our greatest assets. Our Culture Principles provide a roadmap for how each of our colleagues must think and act to become more client-obsessed, inclusive and innovative. They reflect who we are, who we want to be and what we expect from one another. We are excited to see you take the next step in exploring a career with us and encourage you to spend more time reviewing them!

Our Culture Principles

  • Client Centric

  • People Focused

  • Listen Up. Speak Up.

  • Innovate & Simplify

  • Own & Execute

DirectEmployers