Tech Control Officer, AVP

Company: MUFG
Location: Tempe
Posted on: September 17, 2023

Job Description:

Do you want your voice heard and your actions to count?Discover your opportunity with Mitsubishi UFJ Financial Group (MUFG), the 7th largest financial group in the world. Across the globe, we're 160,000 colleagues, striving to make a difference for every client, organization, and community we serve. We stand for our values, building long-term relationships, serving society, and fostering shared and sustainable growth for a better world.With a vision to be the world's most trusted financial group, it's part of our culture to put people first, listen to new and diverse ideas and collaborate toward greater innovation, speed and agility. This means investing in talent, technologies, and tools that empower you to own your career.Join MUFG, where being inspired is expected and making a meaningful impact is rewarded.This is a hybrid position. The selected colleague will work at an MUFG office or client sites up to four days per week and work remotely the remaining day(s). A member of our Talent Acquisition team will provide more details.In this role you will focus on internal and external compliance requirements, activities, and deliverables to ensure that Operations & Technology meets regulatory and audit milestones. Responsibilities include collaborating with Operations & Technology colleagues to prepare or review content prior to submission and manage follow-up actions; tracking, escalating, and/or remediating risks and issues; and contributing to executive-level reporting.A member of the Operations and Technology for the Americas (OTA) Risk & Controls Office (RCO), this role is a key member of a first line risk and controls team aligned to a specific OTA technology business. This individual works with other team members to partner with technology teams to drive effective risk and control management. The teams are responsible for assessing the technology risk and control environment, identifying improvement opportunities, reporting and monitoring key risk metrics and providing governance with respect to all risk and control matters.RESPONSIBILITIESEvaluate and benchmark technology process execution against outstanding standards. (COBIT, NIST 800-53, FFIEC etc.)Support the execution of front line controls self-assurance and risk assessment activities (ad hoc controls review, business process management (BPM), risk and control self-assessments (RCSA and independent risk and audit activities as neededContribute to controls design and efficiency to technology partners in support their commitments to align with all applicable laws, regulations, and internal policies and proceduresImplement remediation plans that adhere to issues management mandates: timely issue and corrective action submission, accurate root cause identification, corrective action monitoring, on time closure, no failed validations, and no repeat issueMonitor and document emerging risk, internal operational trends, and external risk events for potential impact to control environmentContribute to risk analysis and risk mitigation recommendationsSupport technology risk governance by ensuring our control environment performance is reported in a timely mannerSupport the preparation of risk and controls governance materials as neededFacilitate and provide oversight of the issue management lifecycle, challenging the quality of new issues and performing validation activities on issues ready for closureSupport high priority technology related regulatory initiatives and remediation activitiesOversee and challenge technology metrics and reportingServe as a risk escalation point, to raise material concerns to the appropriate partiesExamine trends, develop insights, and collaborate on solutions to sustain and strengthen the control environmentMonitor and assess the implementation of internal controls, industry standards, policies and/or procedures, including the assessment, reporting, management, and mitigation of risk across the legacy, cloud, and third-party hosted technology environmentsAssist in execution of Risk and Control Self Assessments (RCSAs)Participate in design of control testing and risk monitoring programParticipate in risk and control-related projects and initiatives focused on process enhancements, control assessment, and deep dives with various functional and business partnersPartner with the business to facilitate remediation of regulatory, audit, and self-identified risk and control issuesEngage with multiple stakeholders and collaborate with key business partners, risk management, and internal auditExecute RCSA activities for IAM and Cloud owned processesAlign to specific technology risk controls or business functions, as applicable, as well as identifying potential risks and developing protocols and controls to reduce or manage those risksQUALIFICATIONSDegree in information systems, computer science, or related field, or in business or finance with coursework or working experience in areas of risk and/or data analytics.Preferred: Professional certifications such as Certified Information System Auditor (CISA), Certified in Risk and Information Systems Control (CRISC), Certified Information Systems Security Professional (CISSP), Certified in the Governance of Enterprise Information Technology (CGEIT), Control Objectives for Information and Related Technology (COBIT), etc5-6 years experience in a risk & control or audit function, and compliance.5+ years of experience preferably in a financial institution or other highly regulated environment in technology infrastructure, technology risk management role or equivalent or related field.Demonstrable experience with and knowledge of regulations applicable to the banking and finance industry preferredKnowledge and implementation experience with industry best practices and frameworks such as: Committee of Sponsoring Organizations of the Treadway Commission (COSO), COBIT, National Institute of Standards and Technology (NIST)-800-53, Cybersecurity Horizontal Reviews, and ITIL in complex environmentFamiliarity with U.S. regulatory, compliance, and governance with a focus on banking and financial institution regulationsUnderstanding of risk management, including experience executing risk assessments, testing and evaluating processes and controlsExperience with executing technology and or information security risk assessment/testing methodologies evaluating the adequacy and efficiency of internal controls; and identifying issues resulting from internal and or external compliance examinations.Experience in auditing Identity and Access Management, Privileged Access, and AWS Cloud environment controlsExcellent communication, presentation, and influencing skills and ability to manage stakeholders across multiple disciplines.Excellent analytical, organizational, and conceptual skills.Strong work ethic, ability to make decisions and work under tight deadlines; achievement-oriented and takes initiative.Strong project management skills; includes an ability to independently drive work, and pragmatically solve problems.The typical base pay range for this role is between $100K - $125K depending on job-related knowledge, skills, experience and location. This role may also be eligible for certain discretionary performance-based bonus and/or incentive compensation. Additionally, our Total Rewards program provides colleagues with a competitive benefits package (in accordance with the eligibility requirements and respective terms of each) that includes comprehensive health and wellness benefits, retirement plans, educational assistance and training programs, income replacement for qualified employees with disabilities, paid maternity and parental bonding leave, and paid vacation, sick days, and holidays.The above statements are intended to describe the general nature and level of work being performed. They are not intended to be construed as an exhaustive list of all responsibilities duties and skills required of personnel so classified.We are proud to be an Equal Opportunity/Affirmative Action Employer and committed to leveraging the diverse backgrounds, perspectives and experience of our workforce to create opportunities for our colleagues and our business. We do not discriminate on the basis of race, color, national origin, religion, gender expression, gender identity, sex, age, ancestry, marital status, protected veteran and military status, disability, medical condition, sexual orientation, genetic information, or any other status of an individual or that individual's associates or relatives that is protected under applicable federal, state, or local law.

Keywords: MUFG, Tempe , Tech Control Officer, AVP, Accounting, Auditing , Tempe, Arizona