Receive alerts when this company posts new jobs.
Information Risk Management - Infrastructure - Vice President
at MUFG Americas
Discover your opportunity with Mitsubishi UFJ Financial Group (MUFG), the 5th largest financial group in the world with total assets of over $2.4 trillion (as ranked by SNL Financial, April 2016) and 140,000 colleagues in nearly 50 countries. In the U.S., we're 13,000 strong, working together to positively impact every customer, organization, and community we serve. We achieve this by delivering on our values, putting people first, fostering long-term relationships built on honesty and mutual understanding, and inspiring the best in each other. This is all part of our inclusive, high-performing culture supported by Total Rewards that include our cash balance pension plan. Join a team that's working to fulfill its vision to be the world's most trusted financial group.
Reporting to the Information Risk Assessment - Infrastructure Director, the Infrastructure - General Technology Vice President is responsible for identifying, assessing, and monitoring information risk associated with technology infrastructure and assessing compliance with policy / standard / procedure related to technology infrastructure.
- Assesses compliance to policy / standard / procedure related to technology infrastructure
- Supports controls design and testing processes for information risks associated with technology infrastructure
- Defines criteria, tools, and methodologies for identifying, assessing, and monitoring the risk associated with technology infrastructure
- Performs independent review and challenge of the front line unit risk assessments on technology infrastructure
- Maintains oversight of the front line unit remediation efforts for risk exposures, gaps, and deficiencies on technology infrastructure
- Conducts risk and threat assessments on technology infrastructure
- Performs independent review and challenge of front line unit RCSA outputs for technology infrastructure
- Stakeholder management and working across various parts of the organization
- Communicates information risk matters to senior management
- At least one security certification is preferred, such as Certified Information Security Management (CISM), Certified Risk Information Security Control (CRISC), or Certified Information Systems Security Professional (CISSP)
- Subject matter expertise in conducting and designing risk assessments for technology infrastructure
- Prior experience of management of technology infrastructure is preferred
- Prior experience with server builds/support, networking and internet protection
- Experienced with vulnerability scanning and penetration testing tools and technologies
- Understanding of ITIL Service Management processes
- Knowledge of the financial services industry and its regulations / laws
- Understanding of control and risk management concepts and knowledge of the operational aspects of the information risk business
- Understanding of respective industry best practices (e.g., NIST, ISO, COBIT, OWASP, ITIL)
- Knowledge of risk management policies, methods, standards, processes, governance models, and industry standard risk analysis approaches
- Knowledge of current industry trends in information risk management
- Knowledge of Amazon Web Services (AWS) and/or Office 365 nice to have
- Able to collaborate well with internal and external stakeholders
- Able to be a subject matter expert on assessing general technology processes relating to infrastructure
The above statements are intended to describe the general nature and level of work being performed. They are not intended to be construed as an exhaustive list of all responsibilities duties and skills required of personnel so classified.
We are proud to be an Equal Opportunity / Affirmative Action Employer and committed to leveraging the diverse backgrounds, perspectives, and experience of our workforce to create opportunities for our colleagues and our business. We do not discriminate in employment decisions on the basis of any protected category.
A conviction is not an absolute bar to employment. Factors such as the age of the offense, evidence of rehabilitation, seriousness of violation, and job relatedness are considered in all employment decisions. Additionally, it's the bank's policy to only inquire into a candidate's criminal history after an offer has been made. Federal law prohibits banks from employing individuals who have been convicted of, or received a pretrial diversion for, certain offenses.