MUFG Union Bank Third Party Information Security Risk Analyst in Tempe, Arizona
Third Party Information Security Risk Analyst - 10046537-WD
Do you want your voice heard and your actions to count?
Discover your opportunity with Mitsubishi UFJ Financial Group (MUFG), the 5th largest financial group in the world (as ranked by S&P Global, April 2020). In the Americas, we’re 13,000 colleagues, striving to make a difference for every client, organization, and community we serve. We stand for our values, developing positive relationships built on integrity and respect. It’s part of our culture to put people first, listen to new and diverse ideas and collaborate toward greater innovation, speed and agility. We’re a team that accepts responsibility for the future by asking the tough questions and owning the solutions. Join MUFG and be empowered to make your voice heard and your actions count.
This is a hybrid position. You will work at an MUFG facility an average of one to three days per week, with the remainder being worked remotely. There are flexible work-from-home options available. A member of our recruitment team will discuss the options with you in more detail.
Some MUFG roles require that individuals be fully vaccinated against COVID-19, subject to medical and/or religious exemptions, if applicable. Should you be selected for an interview, your recruiter will provide additional information.
In this role you will be responsibilities for engaging key stakeholders across the organization, conducting risk assessments and control tests for new or existing technology and third-party vendor engagements; leading or supporting various programs, including risk and control self-assessment (RCSA), process, risk, and control, and other risk policies, standards, and processes.
As part of an effective risk and control framework, Operations and Technology for the Americas (OTA) documents and executes risk and control assessments across processes related to Operations and Technology. There is a comprehensive coverage and joint accountability model that promotes early identification and assessment of operational and technology risk, effective design and evaluation of controls, and sustainable solutions to mitigate operational and technology risk.
Support the execution and documentation of ITGC testing for in-scope processes across technology and First Line of Defense (FLoD) business units
Execute testing of ITGCs and application controls based on internal and industry standards and guidelines for design and effectiveness
Participate in technology walkthroughs for ITGCs and application controls and prepare meaningful documentation
Coordinate control testing activities, including logistical scheduling and document retrieval to support control testing in accordance with internal requirements
Provide project management support in tracking and coordinating the execution of policy and standards control testing activities
Produce and distribute status reporting and communication related to control testing activities
Provide ongoing communication to internal stakeholders throughout the testing process to keep them apprised of progress and findings, escalating when appropriate
Assist with preparation of written reports that summarize the objectives, scope, findings, and conclusions for each assigned review
Support iterative review and challenge of assessment results, working with appropriate stakeholders across the lines of defense
Support adoption of automated ITGC testing platform by identifying controls for inclusion and respective prerequisites and logic for automated testing
Work collaboratively with risk and control team to execute against technology risk governance procedures
Assist with coordination of required meetings, reviews, and scheduling needs
Prepare materials for ongoing team meetings and meetings with senior management
Bachelor's degree in computer science, information systems, technology management, or equivalent preferred
Preferred: degree from a competitive school, demonstrating a strong academic and extracurricular track record
Requires a minimum of 1-3 years of experience in IT risk and controls
Preferred: "Big Four" IT audit experience, Professional in Project Management (PMP), Six Sigma Black Belt or Green Belt professional certifications
Preferred: experience with process documentation, risk, and control assessments
Preferred: proficient with Microsoft Office (Project, PowerPoint, Excel, Word)
Experience with process documentation, risk and control assessments, and designing/executing IT General Controls (ITGC) test scripts
Experience with problem solving in a team environment by thinking outside of the box and providing innovative solutions, with and without technology
Preferred: knowledge in technology areas including, but not limited to: access management, network security, enterprise architecture, release management and incident response
Preferred: experience in a project management role
Ability to manage multiple priorities concurrently, prioritize, and efficiently complete responsibilities while maintaining the highest quality
Ability to support work streams with sometimes limited oversight/information from inception to completion
Ability to identify obstacles and work in conjunction with others to identify options/solutions
Ability to constructively work both independently and in collaborative environments involving all levels of management and employees
The above statements are intended to describe the general nature and level of the work being performed. They are not intended to be construed as an exhaustive list of all responsibilities, duties, and skills required of personnel so classified .
We are proud to be an Equal Opportunity / Affirmative Action Employer and committed to leveraging the diverse backgrounds, perspectives, and experience of our workforce to create opportunities for our colleagues and our business. We do not discriminate in employment decisions on the basis of any protected category.
A conviction is not an absolute bar to employment. Factors such as the age of the offense, evidence of rehabilitation, seriousness of violation, and job relatedness are considered in all employment decisions. Additionally, it’s the bank’s policy to only inquire into a candidate’s criminal history after an offer has been made. Federal law prohibits banks from employing individuals who have been convicted of, or received a pretrial diversion for, certain offenses.
Job : Technology
Primary Location : ARIZONA-Tempe
Job Posting : Sep 1, 2021, 9:59:22 AM
Shift: : Day
Schedule: : Full Time
Req ID: 10046537-WD