Do you want your voice heard and your actions to count?
Discover your opportunity with Mitsubishi UFJ Financial Group (MUFG), the 5th largest financial group in the world (as ranked by S&P Global, April 2018). In the Americas, we’re 13,000 colleagues, striving to make a difference for every client, organization, and community we serve. We stand for our values, developing positive relationships built on integrity and respect. It’s part of our culture to put people first, listen to new and diverse ideas and collaborate toward greater innovation, speed and agility. We’re a team that accepts responsibility for the future by asking the tough questions and owning the solutions. Join MUFG and be empowered to make your voice heard and your actions count.
Job Summary:
- Reporting to the Head of Information Risk Due Diligence in the Second Line of Defense (SLoD), the Findings Management and Reporting Vice President is responsible for information risk findings (issues and observations) management and oversight.
- You will be responsible for defining criteria, tools, and methods for handling information risk findings including policy compliance exceptions, control deficiencies, and other self-identified issues in alignment with any bank policies / procedures.
- You are also responsible for providing oversight, including supporting the risk assessment teams and risk analytics personnel in identifying and driving action plan owners, monitoring those plans to closure, and reviewing the alignment of issues with KPIs / KRIs.
- You will also prepare related assessment metrics and reports for management review and awareness.
Major Responsibilities:
Specifically:
- You use enterprise standards to define the criteria, tools, and methodologies for balancing SLoD information risk findings (issues and observations)
- You track information risk findings including control deficiencies, policy exceptions, and other self-identified issues
- You track front line unit corrective actions across the enterprise
- You use Information Risk Assessment technologies to build and maintain an enterprise-wide risk issues library for information risk management
- You serve as a point of contact for escalation of issues when information risk issue related metric thresholds are breached; raise threat breaches to senior management as required
- You report key information risk issues to senior partners as required
- You handle partner management and working across various parts of the organization
- You communicate information risk matters to management
Are you ready for a challenge?
Qualifications:
- Bachelor’s Degree or equivalent work experience required
- 8+ years of related experience
- Certifications: At least one security certification preferable, such as Certified Information Security Management (CISM), Certified Risk Information Security Control (CRISC), or Certified Information Systems Security Professional (CISSP)
- Shown knowledge of information risk issue management criteria, tools, and methods
- Understanding of respective industry standard methodologies (e.g., NIST, ISO, COBIT, OWASP, ITIL)
- Knowledge of risk management policies, methods, standards, processes, governance models, and industry standard risk analysis approaches
- Knowledge of the financial services industry and its regulations / laws
- Understanding of control and risk management concepts and knowledge of the operational aspects of the information risk business
- Knowledge of current industry trends in information risk management
- Able to influence and collaborate well with internal and external partners
- Subject Matter Authority on the information risk issue management process
- Experience with OpenPages, Archer, and SharePoint; strong MS Office skills, along with strong verbal and written communication skills
The above statements are intended to describe the general nature and level of the work being performed. They are not intended to be construed as an exhaustive list of all responsibilities, duties, and skills required of personnel so classified.