Assistant Vice President, Authentication & Directory Services Engineer

MUFG • Full-time • London Ropemaker place, United Kingdom • 1d ago

Do you want your voice heard and your actions to count?

Discover your opportunity with Mitsubishi UFJ Financial Group (MUFG), one of the world’s leading financial groups. Across the globe, we’re 150,000 colleagues, striving to make a difference for every client, organization, and community we serve. We stand for our values, building long-term relationships, serving society, and fostering shared and sustainable growth for a better world.

With a vision to be the world’s most trusted financial group, it’s part of our culture to put people first, listen to new and diverse ideas and collaborate toward greater innovation, speed and agility. This means investing in talent, technologies, and tools that empower you to own your career.

Join MUFG, where being inspired is expected and making a meaningful impact is rewarded.

MUFG (Mitsubishi UFJ Financial Group) is one of the world's leading financial groups. Headquartered in Tokyo and with approximately 350 years of history, MUFG is a global network with around 2,300 offices in over 50 countries including the Americas, Europe, the Middle East and Africa, Asia and Oceania, and East Asia.. The group has over 150,000 employees, offering services including commercial banking, trust banking, securities, credit cards, consumer finance, asset management, and leasing.

As one of the top financial groups globally with a vison to be the world's most trusted, we want to attract, nurture and retain the most talented individuals in the market. The size and range of MUFG's global business creates opportunities for our employees to stretch themselves and reap the rewards, whilst our common values, to behave with integrity and responsibility, and to build a culture which is fair, transparent, and honest, underpin everything that we do.We aim to be the financial partner of choice for our clients, whatever their requirements, building long-term relationships, serving society, and fostering shared and sustainable growth for a better world.

MUFG’s shares trade on the Tokyo, Nagoya, and New York (NYSE: MTU) stock exchanges. The group’s operating companies include, but are not limited to, Bank of Tokyo-Mitsubishi UFJ, Mitsubishi UFJ Trust and Banking (Japan's leading trust bank), Mitsubishi UFJ Securities Holdings (one of Japan's largest securities firms), and MUFG Americas Holdings. Please visit our website for more information - mufgemea.com.

Corporate Technology is responsible for the operation, development and support of all applications across all areas of the business. Corporate Technology ensures IT strategy, architecture and solutions are aligned to business requirements. Within Corporate Technology, IT Security works across Technology and the Business in the delivery of cyber security and responsible for the Security Operations Centre, IT Security Architecture & Support, Identity & Access Management and Threat & Vulnerability Management with an EMEA-wide oversight across Bank and Securities.

NUMBER OF DIRECT REPORTS

4 to 8 direct reports

MAIN PURPOSE OF THE ROLE

An exciting opportunity is available to join this group for a senior experienced leader with a technical background in Identity & Access Management. They will lead the team and provide the technical capability to support the execution of critical IAM processes across MUFG. This will include platform operations, supporting and maintaining the overall service health, managing vendors and driving the product direct and strategic delivery.

The team handles day to day management of all Identity & Access Management needs of the business There will need to be close co-ordination with the other teams including HR, IT Risk, Compliance and Infrastructure Teams. All technical documentation and platform standards must be kept up to date and technical direction, and strategy must be developed and enhanced as required.

The successful candidate will be an experienced leader and must familiarise themselves with the processes and procedures of the Bank quickly to be able to support and oversee the day-to-day platform and operational management. They will provide the team with coaching and mentoring on best practice in IAM. Candidates will be expected to articulate complex technical matters in plain English to earn the support of senior management stakeholders and those technically less experienced.

The role requires an excellent team player; a self-starter with a motivation and desire to seek out & deliver improvements and a drive to build the team and promote future platform opportunities for approval and funding. Experience of managing personnel both onshore and offshore is essential.

Candidates applying for this role must be able to demonstrate senior leadership and management skills, with around 10 years of experience, have an in-depth knowledge of Identity & Access Management through either a recognised qualification or proven experience working in this area. Candidates should also be able to demonstrate practical experience and insight gained through similar roles including in-depth troubleshooting and team leadership skills.

KEY RESPONSIBILITIES

Own and run end-to-end IAM operations to deliver reliable, secure, and scalable identity services across workforce and non-human identities.
Lead on IAM service delivery, automation and self-service,
Own day-to-day IAM operations across identity lifecycle (joiner-mover-leaver), access requests and access fulfillment workflows.
Run ITSM-aligned operations: incident, problem, change, request, and knowledge management with clear escalation paths and on-call readiness.
Own operational communications: status updates, planned maintenance notices, user-impact messaging, and post-incident reviews with measurable corrective actions.
Oversee operational stability and administration for IAM platforms and dependencies (examples: SSO/MFA platforms, directories, IGA administration, ITSM workflows, HR source-of-truth, APIs/connectors).
Lead audit and compliance execution for access controls: evidence collection, recertification operational execution, control testing support, remediation tracking, and sustained audit readiness.
Establish an automation-first operating model targeting removal of repetitive manual tasks and reduction of ticket volume across IAM workflows.
Expand end-user self-service capabilities (request catalog, automated approvals, MFA recovery flows, identity and access status checks) to reduce Service Desk dependency.
Implement a continuous improvement loop: analyze top ticket drivers, remove root causes, standardize processes, improve knowledge, and automate recurring issues.
Own operational risk posture for IAM services including access outages, mis-provisioning, privileged drift, toxic combinations and non-human identity sprawl
Ensure strong monitoring, alerting, and telemetry for IAM services and integrations, and partner with SecOps where needed (SIEM, logging, anomaly detection).
Drive reduction in repeat incidents through disciplined root cause analysis, prevention, and engineering partnership.
Build strong partnerships across Security, Infrastructure, HR, application owners, and enterprise service management teams.

WORK EXPERIENCE

Essential:

12+ years of experience in IAM, security operations, or identity platform operations, with 5+ years leading teams and service delivery.
Proven experience operating IAM services at enterprise scale (large user populations, many applications, multi-region environments).
Strong ITSM and operational management experience: incident/problem/change/request, SLAs/SLOs, metrics, and service health reporting.
Demonstrated ability to manage third-party SI partners and/or managed services with measurable outcomes (scorecards, SLAs, escalations, coverage models).
Track record delivering automation and self-service using workflows, APIs, and orchestration with tangible reductions in manual effort and ticket volume.
Experience supporting audits and compliance requirements related to access controls (SOX, SOC 2, ISO 27001, PCI, or similar), including evidence production and remediation.
Excellent stakeholder management and communication skills, including leading major incidents and delivering executive-level updates.
High ownership and operational rigor with a strong bias for action and measurable outcomes.
Structured problem solving and disciplined root cause analysis with prevention mindset.
Clear communicator under pressure with strong executive presence.
Ability to balance reliability, security, and user experience while driving standardization.
Talent builder who creates leaders and scales operating models globally.
Strong prioritization and roadmap discipline across run, improve, and transform workstreams.
Experience implementing privileged access operational controls, including emergency access, time-bound access, and privileged session support coordination.
Experience operating in complex environments (multiple directories/tenants, M&A integrations, directory consolidation, app migrations).
Familiarity with Zero Trust principles and identity-centric security patterns.
Experience applying AI agents or AI-assisted support in IT or security operations with strong governance and auditability.
A sound understanding of Identity and Access Management processes and controls including external audit and SOX requirements
Experience with critical production server support, application upgrades and project lifecycle/ SDLC processes
Good knowledge of control frameworks such as NIST, CRI, DORA, SOX.
Excellent written and verbal communication skills.

Preferred:

Knowledge of Privileged Access Management principles, process and tools
Experience applying AI agents or AI-assisted support in IT or security operations with strong governance and auditability.
Exposure to cloud identity patterns (AWS, Azure, GCP) and CI/CD access models.
Financial Services experience a bonus
Experience of Financial regulations, compliance and standards
Must have Experience of supporting Global Organisation (10,000 users +)

Education

Educated to degree level
CISSP, CISM, or equivalent professional qualifications desirable

SKILLS AND EXPERIENCE

Essential:

Proven experience with running and managing leading IAM platforms (Saviynt, Sailpoint, Entra ID, AD, etc.).
Strong IAM domain knowledge: JML, authorization, lifecycle management, RBAC/ABAC concepts, and access governance fundamentals.
Strong understanding of Identity Governance and Administration (IGA), including RBAC (Role-Based Access Control) and entitlement management.
Experience with application onboarding and integration through AD/Entra, REST/SCIM, DB, SAP and other Connector frameworks as well as disconnected application integration patterns for application access governance.
Experience with integration into authoritative sources in HR and other including Workday
Experience in creation of self-service IAM forms, process automation and integration with ITSM tools such as ServiceNow
Experience with integration methodologies and tools (Informatica, Azure API Gateway, Mulesoft etc)
Proficiency in database technologies (preferably Oracle), LDAP, Active Directory, and scripting languages such as SQL, Java, PowerShell, or Python.

Preferred:

Advanced hands-on experience with RSA Governance & Lifecycle.
Identity Access Management on Public Cloud such as AWS, GCP, Azure.
Network concepts and understanding of networking devices.

PERSONAL REQUIREMENTS

Excellent communication skills
Results driven, with a strong sense of accountability
A proactive, motivated approach.
The ability to operate with urgency and prioritise work accordingly
Strong decision-making skills, the ability to demonstrate sound judgement
A structured and logical approach to work
Strong problem-solving skills
A creative and innovative approach to work
Excellent interpersonal skills
The ability to manage large workloads and tight deadlines
Excellent attention to detail and accuracy
A calm approach, with the ability to perform well in a pressurised environment
Excellent Microsoft Office skills

Desirable

A proactive, motivated approach, self-managing.
Going above and beyond core duties of the role.

We are open to considering flexible working requests in line with organisational requirements.

MUFG is committed to embracing diversity and building an inclusive culture where all employees are valued, respected and their opinions count. We support the principles of equality, diversity and inclusion in recruitment and employment, and oppose all forms of discrimination on the grounds of age, sex, gender, sexual orientation, disability, pregnancy and maternity, race, gender reassignment, religion or belief and marriage or civil partnership.

We make our recruitment decisions in a non-discriminatory manner in accordance with our commitment to identifying the right skills for the right role and our obligations under the law.