Job Information
MUFG Sr. IT Risk Governance, VP – VP in New York, New York
Do you want your voice heard and your actions to count?
Discover your opportunity with Mitsubishi UFJ Financial Group (MUFG), one of the world’s 10 largest financial institutions according to S&P Global. Across the globe, we’re 120,000 colleagues, striving to make a difference for every client, organization, and community we serve. We stand for our values, building long-term relationships, serving society, and fostering shared and sustainable growth for a better world.
With a vision to be the world’s most trusted financial group, it’s part of our culture to put people first, listen to new and diverse ideas and collaborate toward greater innovation, speed and agility. This means investing in talent, technologies, and tools that empower you to own your career.
Join MUFG, where being inspired is expected and making a meaningful impact is rewarded.
The selected colleague will work at an MUFG office or client sites four days per week and work remotely one day. A member of our recruitment team will provide more details.
Senior Technology Auditing, Compliance, & Governance Manager will ensure the integrity, confidentiality and availability of the Firm’s information via risk assessments, audits, controls testing, policy and procedure and compliance initiatives and operational duties. The successful candidate will support various GRC initiatives and work on a diverse set of security related tools and applications.
Responsibilities:
Coordinate with CUSO to maintain a comprehensive Risk Governance framework that aligns with MUFG’s overall Information Risk Management strategy and regulatory requirements.
Risk Assessment and Monitoring: Lead regular risk assessments (RCSAs, EIS Assessments, FFIEC CAT, Cyber Risk Institute, etc.) and monitoring activities to identify, evaluate, and mitigate IT risks, ensuring a proactive approach to risk management.
Coordinate Risk and Controls Testing: Coordinate controls testing activities, including maintaining inventory of controls in Open Pages, usher independent testing teams to SMEs, and prepare responses for any potential issues.
Coordination with Regional Teams: Collaborate with IT risk governance teams across MUSI and MUBK to ensure unified approach to IT risk management, facilitating effective communication and coordination.
Regulatory Compliance: Ensure IT Risk governance practices comply with all relevant regulatory reequipments, providing guidance and oversight to ensure adherence (i.e., SWIFT Security Attestations).
Reporting and communication: Develop and maintain regular reports on IT risk to senior management and board, provide insights and recommendations for risk mitigation and governance improvements. This includes Information risk management program updates, Risk metrics reporting, and MUSA executive management committee updates.
Required Skills:
10 – 15+ years of experience in Information Securities Technology & Governance with a focus on technology risk management.
Strong background in Technology Risk Management implementing strategies, policies, and standards and familiarity with financial or technology audit, risk, and control processes.
Develop and maintain an effective IT Risk Management framework, ensuring alignment with industry best practices, regulatory requirements, and compliance policies.
Partner and collaborate with various Business Lines as well as Internal Risk, Audit teams to develop Risk and Audit methodologies, governance, compliance, and strategies.
Strong exposure and experience in Audit (internal and/or external audit), e.g. risk management or internal control function, IT, cyber security, finance, and project management, system implementation project experience, etc.)
Conduct regular audits of IT systems, processes, and controls to identify areas of improvement, and recommend necessary changes.
Strong history and knowledge in technology with experience in Technology auditor.
Preferably worked in the Broker-Dealer world and handled multiple projects concurrently, dealt simultaneously with FLoD, SLoD and TLoD.
Create, analyze and develop risk assessment/audit reports and remediation plans resulting from the identification of risks and vulnerabilities discovered during audits/risk assessments.
Maintain Audit procedures, templates, and documentations to ensure consistency and efficiency in Audit processes.
Partner and prepare comprehensive audit, risk reports and documentations for Sr. Level Management and audit committees.
Experience with metric collection, data analytics, business analysis, and process improvement is advantageous.
Experience working in a team as a team lead; individual and group contributor.
Detail-oriented and able to meet tight and aggressive deadlines.
Strong interpersonal and communication skills, with the ability to build relationships and collaborate effectively.
Excellent documentation skills.
Desire and ability to learn new skills and concepts.
Highly motivated self-starter with an inquisitive personality
Quick learner with a proactive approach to new projects and technologies.
Excellent analytical skills with a keen eye for Mitigating Risk and accuracy.
Self-disciplined with the ability to work independently and make informed decisions.
Proficiency in Microsoft Office/O365, collaboration tools (Teams, SharePoint, Zoom), and advanced Excel and PowerPoint skills.
Proficiency in JIRA, Confluence
Working knowledge of SOX, FFEIC, COBIT, NIST and ISO27001; Third Party Risk Management; PCI
Education:
- Bachelor's or Master's degree in Computer Science, and/or or equivalent work experience equally preferable.
Preferred:
- One or more professional certifications, such as: CISSP, CISA, GIAC and other Industry Certifications considered a plus.
Other Qualifications:
- As per MUFG’s work policy, must work onsite 4 days and 1 day remotely out of 1251 Avenue of the Americas, New York, NY office.
The typical base pay range for this role is between $139K - $171K depending on job-related knowledge, skills, experience and location. This role may also be eligible for certain discretionary performance-based bonus and/or incentive compensation. Additionally, our Total Rewards program provides colleagues with a competitive benefits package (in accordance with the eligibility requirements and respective terms of each) that includes comprehensive health and wellness benefits, retirement plans, educational assistance and training programs, income replacement for qualified employees with disabilities, paid maternity and parental bonding leave, and paid vacation, sick days, and holidays. For more information on our Total Rewards package, please click the link below.
MUFG Benefits Summary (https://careers.mufgamericas.com/sites/default/files/document/2023-01/mb-live-well-work-well.pdf)
We will consider for employment all qualified applicants, including those with criminal histories, in a manner consistent with the requirements of applicable state and local laws (including (i) the San Francisco Fair Chance Ordinance, (ii) the City of Los Angeles’ Fair Chance Initiative for Hiring Ordinance, (iii) the Los Angeles County Fair Chance Ordinance, and (iv) the California Fair Chance Act) to the extent that (a) an applicant is not subject to a statutory disqualification pursuant to Section 3(a)(39) of the Securities and Exchange Act of 1934 or Section 8a(2) or 8a(3) of the Commodity Exchange Act, and (b) they do not conflict with the background screening requirements of the Financial Industry Regulatory Authority (FINRA) and the National Futures Association (NFA). The major responsibilities listed above are the material job duties of this role for which the Company reasonably believes that criminal history may have a direct, adverse and negative relationship potentially resulting in the withdrawal of conditional offer of employment, if any.
The above statements are intended to describe the general nature and level of work being performed. They are not intended to be construed as an exhaustive list of all responsibilities duties and skills required of personnel so classified.
We are proud to be an Equal Opportunity Employer and committed to leveraging the diverse backgrounds, perspectives and experience of our workforce to create opportunities for our colleagues and our business. We do not discriminate on the basis of race, color, national origin, religion, gender expression, gender identity, sex, age, ancestry, marital status, protected veteran and military status, disability, medical condition, sexual orientation, genetic information, or any other status of an individual or that individual’s associates or relatives that is protected under applicable federal, state, or local law.
At MUFG, our colleagues are our greatest assets. Our Culture Principles provide a roadmap for how each of our colleagues must think and act to become more client-obsessed, inclusive and innovative. They reflect who we are, who we want to be and what we expect from one another. We are excited to see you take the next step in exploring a career with us and encourage you to spend more time reviewing them!
Our Culture Principles
Client Centric
People Focused
Listen Up. Speak Up.
Innovate & Simplify
Own & Execute