Thursday, September 1, 2016

Technology Risk Mgt, VP - Mitsubishi UFJ Fin - San Francisco

Technology Risk Management, Control Officer, Vice President - Mitsubishi UFJ Financial Group, Inc. - San Francisco

 Join a financial group that’s as committed to your future as you are. At MUFG, we share a vision for our future, we share our successes, and we strive to bring out the best in each other in everything we do. Our 14,000 diverse colleagues are connected by a common ambition to create change for the better—from forging more dynamic career paths, to driving progress in our communities, to continuously reshaping the standards of global financial services. Positive impact starts here; see the change you can make as we strive to become the world’s most trusted financial group.
Job Summary
Technology Risk Management Control Officer will serve as a Technology Risk SME aligned to specific operational unit and will be responsible for supporting development, implementation, and ongoing management of a First Line of Defense (FLOD) program related to assigned operational unit and enforcing policies & procedures developed to ensure compliance with regulatory obligations. The Control Officer will engage with various groups to help develop the assigned unit-specific project plan and drive the execution of the plan in line with established deadlines, and will interact with Compliance, Legal, Risk, and all other corporate groups supporting the execution of the program.  Additionally, there will be defined elements of the policies and procedures that will become the responsibilities of the Control Officer upon achieving a business as usual environment.
Major Responsibilities: 
People Management Responsibilities:
  • Train others on the Risk Control methodologies and reinforce an inherent culture of accountability and ownership for implementation and execution of controls across all levels and functions within the organization
  • Establish strong relationships with key functional stakeholders including FLOD lines of business, Risk, Compliance, and Internal Audit. Instill confidence by demonstrating credibility and expertise on control issues
  • Manage the implementation of all aspects of the technology risk function for the assigned operating unit, including implementation of processes, tools and systems to identify, assess, measure, manage, monitor and report risks
Process Responsibilities:
    • Provide supported operating unit with Risk Control SME advisory service, adopting a partnership approach, in order to minimize risk and offering solutions to mitigate and lessen the cost of risk
    • Developing and preparing reports for senior management for KRI/KPI as well as reporting project-based updates
    • Assist in the development of and manage processes to identify and evaluate operating unit’s risks as well as risk and control self-assessments
    • Manage the process for developing risk policies and procedures, risk limits, and approval authorities
    • Monitor first line of defense (FLOD) technology processes, risk control limits and tolerance thresholds
    • Perform a risk-based cycle of periodic control reviews
    • Conduct control identification reviews and document process maps and controls such as regulatory requirements and address identified process gaps
    • Implement information risk controls and technology processes in line with IRM standards
    • Test the normal execution of critical/key controls across functions and then promptly escalate exceptions
    • Prepare reports on control reviews undertaken, controls inventory maintenance, and remediation activities to relevant stakeholders
    • Monitor remediation steps and corrective action plans from control review findings to implementation
    • Work closely with second line of defense on tasks not limited to: maintain risk, threat, and controls libraries; define metrics and create management reports; manage issues, oversee corrective actions and escalate as needed; establish IRM controls and compliance programs
    • Oversee definition of technology processes, operating procedures and technical standards
    • Maintain asset inventories (information, apps, etc.) in line with first line of defense (FLOD) operating procedures
    • Other tasks as required
    • Maintain the highest level of personal integrity in all dealings thereby mitigating reputational risk to MUB
    • Stakeholder management and working across various parts of the organization
    • Communicates information risk matters to senior management
    • 5 years of financial services experience with a large financial services firm or advisory/consulting firm including experience as an internal auditor and or public accountant or compliance officer
    • Eperience specializing in technology, audit, or risk and controls
    • Knowledgeable about processes, risks and controls/controls design
    • Experience in process and controls mapping methodologies
    • Proven experience in writing policies, procedures and reports
  • Proven knowledge of information risk management metrics and reporting process / methodologies and tools
  • Knowledge of the financial services industry and its regulations / laws
  • Understanding of control and risk management concepts and knowledge of the operational aspects of the information risk business
  • Understanding of respective industry best practices (e.g., NIST, ISO, COBIT, OWASP, ITIL)
  • Knowledge of risk management policies, methods, standards, processes, governance models, and industry standard risk analysis approaches
  • Knowledge of current industry trends in information risk management       
  • Able to collaborate well with internal and external stakeholders
  • Able to enforce and communicate related policies, procedures, and guidelines
  • Able to be a subject matter expert on information risk management metrics and reporting
  • Ability to work effectively in a matrixed environment
  • Demonstrated ability to build strong professional relationships
  • Self-motivated professional with the ability to work under pressure and meet deadlines and goals
  • Strong influencing and collaboration skills
 Strong MS Office skills along with strong oral and written communication skills
Education Requirements
  • Bachelor's degree in Computer Science, Technology, or Related Fields.
  • Master’s Degree (preferred)
Preferred Certifications
Certifications: Security certification is desirable, such as Certified Information Security Management (CISM), Certified Risk Information Security Control (CRISC), or Certified Information Systems Security Professional (CISSP)
Why Work for MUFG?
We are a financially strong and stable bank.
We value workplace diversity.
We are committed to the training and development of our employees.
Innovative vacation benefits.
We offer a matching 401k, a Retirement Plan, and a variety of Flexible Health Benefits.
The above statements are intended to describe the general nature and level of work being performed. They are not intended to
be construed as an exhaustive list of all responsibilities, duties and skills required of personnel so classified.
To learn more about MUFG, review all current career opportunities, and apply please visit us online:
We are committed to leveraging the diverse backgrounds, perspectives and experiences of our workforce to create opportunities for our people and our business. Equal Opportunity Employer: Minority/Female/Disability/Veteran.
Job: Systems / Technology
Other Locations: AUG 30, 2016, 8:14:07 PM
Shift: Day
Schedule: Full Time

No comments: