Do you want your voice heard and your actions to count?
Discover your opportunity with Mitsubishi UFJ Financial Group (MUFG), one of the world’s leading financial groups. Across the globe, we’re 150,000 colleagues, striving to make a difference for every client, organization, and community we serve. We stand for our values, building long-term relationships, serving society, and fostering shared and sustainable growth for a better world.
With a vision to be the world’s most trusted financial group, it’s part of our culture to put people first, listen to new and diverse ideas and collaborate toward greater innovation, speed and agility. This means investing in talent, technologies, and tools that empower you to own your career.
Join MUFG, where being inspired is expected and making a meaningful impact is rewarded.
MUFG (Mitsubishi UFJ Financial Group) is one of the world's leading financial groups. Headquartered in Tokyo and with approximately 350 years of history, MUFG is a global network with around 2,300 offices in over 50 countries including the Americas, Europe, the Middle East and Africa, Asia and Oceania, and East Asia. The group has over 150,000 employees, offering services including commercial banking, trust banking, securities, credit cards, consumer finance, asset management, and leasing.
As one of the top financial groups globally with a vision to be the world's most trusted, we want to attract, nurture and retain the most talented individuals in the market. The size and range of MUFG's global business creates opportunities for our employees to stretch themselves and reap the rewards, whilst our common values, to behave with integrity and responsibility, and to build a culture which is fair, transparent, and honest, underpin everything that we do. We aim to be the financial partner of choice for our clients, whatever their requirements, building long-term relationships, serving society, and fostering shared and sustainable growth for a better world.
Please visit our website for more information - mufgemea.com.
IT Risk, Security & Control department covers cyber security strategy maintenance and tactical planning and operations to provide IT Security protection, governance, risk management and reporting. This includes promoting the global Information Security Standards and Procedures (ISSP) requirements and local security requirements.
The department deploys, supports and monitors security solutions such as virus protection, vulnerability management, complianfce monitoring and threat/incident management activities to reduce risk.
MAIN PURPOSE OF THE ROLE
- To lead a team of Governance Risk and Control SMEs responsible for carrying out IT Security Assessments (Secure-by-Design) on technology projects.
- To ensure that all projects comply with IT security policies and requirements.
KEY RESPONSIBILITIES
In this role, you will be responsible for managing the secure-by-design team activities across MUFG’s banking arm and securities business under a dual-hat arrangement. Under this arrangement, you will act and make decisions on behalf of both the bank and the securities business, subject to the same remit and level of authority, and irrespective of the entity which employs you. The responsibilities include, but not limited to:
- Delivering on the secure-by-design process to help ensure that all relevant TEC projects undergo security review prior to implementation.
- Managing the team of GRC SMEs delivering on the Secure-by-Design activities: Outlining relevant KPIs and measuring the team against the KPIs
- Interviewing business and technology stakeholders responsible for controls (technical and non-technical)
- Reviewing the team’s reports and conclusions and ensuring suitability of the relevant evidence required to demonstrate the operating effectiveness
- Developing a testing strategy for testing operating effectiveness of controls
- Arriving at informed conclusions regarding gaps in control operating effectiveness
- Documentation of risks, gaps, findings and recommended actions
- Managing your and the team’s time to ensure testing is completed in a timely manner
WORK EXPERIENCE
Essential
- Experience in managing multiple tasks with broad scope, ambiguity, and high degree of difficulty
- Experience in providing assurance for cybersecurity technologies, policies, standards and procedures
- Demonstrable proficiency in a wide range of information IT security domains such as Security Governance, Identity and Access Management, Access Controls, Threat Intelligence, Asset Management, Risk Management, Security Assessment/Testing, Security Incident Management and Vulnerability and Patch Management
- Understand global IT risk management structure
- Demonstrable experience of senior stakeholder management and relevant management reporting.
- Ability to coach team members through knowledge transfer and constructive feedback
SKILLS AND EXPERIENCE
Functional / Technical Competencies
Essential:
- Good understanding of cybersecurity/IT control frameworks including but not limited to frameworks from SOX, FFIEC, ISO27001, NIST, Cloud Security Alliance, and PCI-DSS
- Good managerial skills
- Experience of working as an IT auditor, security auditor or governance, risk and compliance analyst
- Proven understanding of current best practice approach to security assurance and the application of security frameworks
- Planning and prioritizing multiple project work streams in response to rapidly developing and changing portfolios.
- Broad knowledge of computer, networking and IT security systems including operating systems, databases, firewalls, SIEM, DLP etc.
- Good presentation, documentation and reporting skills
Preferred:
- Experience in project management
- Experience in providing assurance for cybersecurity technologies, policies, standards and procedures
- Ability to maintain a working knowledge of cybersecurity principles and elements
- Understand global IT risk management structure
- Demonstrable experience of senior stakeholder management and relevant management reporting.
Education / Qualifications:
Essential
- Degree educated and / or equivalent experience.
Preferred:
- Relevant certifications (e.g. CISA, CRISC, CISM, CISSP….)
PERSONAL REQUIREMENTS
- Personal alignment to MUFG Values
- Integrity & Responsibility
- Professionalism & Teamwork
- Challenge ourselves to grow
- Personal alignment to EMEA Cultural Principles
- Client Centric
- People Focused
- Listen Up, Speak Up
- Innovate & Simplify
- Own & Execute
In addition:
- Excellent communication skills
- Results driven, with a strong sense of accountability
- A proactive, motivated approach.
- The ability to operate with urgency and prioritize work accordingly
- Strong decision making skills, the ability to demonstrate sound judgement
- A structured and logical approach to work
- Strong problem solving skills
- A creative and innovative approach to work
- Excellent interpersonal skills
- The ability to manage large workloads and tight deadlines
- Excellent attention to detail and accuracy
- A calm approach, with the ability to perform well in a pressurized environment
- Strong numerical skills
- Excellent Microsoft Office skills
- A confident approach, with the ability to provide clear direction to your team
- Excellent managerial/leadership experience
- The ability to lead a high performing team
- A strategic approach, with the ability to lead and motivate your team
We are open to considering flexible working requests in line with organisational requirements.
MUFG is committed to embracing diversity and building an inclusive culture where all employees are valued, respected and their opinions count. We support the principles of equality, diversity and inclusion in recruitment and employment, and oppose all forms of discrimination on the grounds of age, sex, gender, sexual orientation, disability, pregnancy and maternity, race, gender reassignment, religion or belief and marriage or civil partnership.
We make our recruitment decisions in a non-discriminatory manner in accordance with our commitment to identifying the right skills for the right role and our obligations under the law.
