Vice President, Secure By Design SME

Do you want your voice heard and your actions to count

Discover your opportunity with Mitsubishi UFJ Financial Group (MUFG) one of the worlds leading financial groups. Across the globe were 150000 colleagues striving to make a difference for every client organization and community we serve. We stand for our values building long-term relationships serving society and fostering shared and sustainable growth for a better world.

With a vision to be the worlds most trusted financial group its part of our culture to put people first listen to new and diverse ideas and collaborate toward greater innovation speed and agility. This means investing in talent technologies and tools that empower you to own your career.

Join MUFG where being inspired is expected and making a meaningful impact is rewarded.

MUFG (Mitsubishi UFJ Financial Group) is one of the worlds leading financial groups. Headquartered in Tokyo and with approximately 350 years of history MUFG is a global network with around 2300 offices in over 50 countries including the Americas Europe the Middle East and Africa Asia and Oceania and East Asia. The group has over 150000 employees offering services including commercial banking trust banking securities credit cards consumer finance asset management and leasing.

As one of the top financial groups globally with a vision to be the worlds most trusted we want to attract nurture and retain the most talented individuals in the market. The size and range of MUFGs global business creates opportunities for our employees to stretch themselves and reap the rewards whilst our common values to behave with integrity and responsibility and to build a culture which is fair transparent and honest underpin everything that we do. We aim to be the financial partner of choice for our clients whatever their requirements building long-term relationships serving society and fostering shared and sustainable growth for a better world.

Please visit our website for more information - .

IT Risk Security & Control department covers cyber security strategy maintenance and tactical planning and operations to provide IT Security protection governance risk management and reporting. This includes promoting the global Information Security Standards and Procedures (ISSP) requirements and local security requirements.

The department deploys supports and monitors security solutions such as virus protection vulnerability management complianfce monitoring and threat/incident management activities to reduce risk.

MAIN PURPOSE OF THE ROLE

• To lead a team of Governance Risk and Control SMEs responsible for carrying out IT Security Assessments (Secure-by-Design) on technology projects.
• To ensure that all projects comply with IT security policies and requirements.

KEY RESPONSIBILITIES

In this role you will be responsible for managing the secure-by-design team activities across MUFGs banking arm and securities business under a dual-hat arrangement. Under this arrangement you will act and make decisions on behalf of both the bank and the securities business subject to the same remit and level of authority and irrespective of the entity which employs you. The responsibilities include but not limited to:

• Delivering on the secure-by-design process to help ensure that all relevant TEC projects undergo security review prior to implementation.
• Managing the team of GRC SMEs delivering on the Secure-by-Design activities: Outlining relevant KPIs and measuring the team against the KPIs
• Interviewing business and technology stakeholders responsible for controls (technical and non-technical)
• Reviewing the teams reports and conclusions and ensuring suitability of the relevant evidence required to demonstrate the operating effectiveness
• Developing a testing strategy for testing operating effectiveness of controls
• Arriving at informed conclusions regarding gaps in control operating effectiveness
• Documentation of risks gaps findings and recommended actions
• Managing your and the teams time to ensure testing is completed in a timely manner

WORK EXPERIENCE

Essential

• Experience in managing multiple tasks with broad scope ambiguity and high degree of difficulty
• Experience in providing assurance for cybersecurity technologies policies standards and procedures
• Demonstrable proficiency in a wide range of information IT security domains such as Security Governance Identity and Access Management Access Controls Threat Intelligence Asset Management Risk Management Security Assessment/Testing Security Incident Management and Vulnerability and Patch Management
• Understand global IT risk management structure
• Demonstrable experience of senior stakeholder management and relevant management reporting.
• Ability to coach team members through knowledge transfer and constructive feedback

SKILLS AND EXPERIENCE

Functional / Technical Competencies

Essential:

• Good understanding of cybersecurity/IT control frameworks including but not limited to frameworks from SOX FFIEC ISO27001 NIST Cloud Security Alliance and PCI-DSS
• Good managerial skills
• Experience of working as an IT auditor security auditor or governance risk and compliance analyst
• Proven understanding of current best practice approach to security assurance and the application of security frameworks
• Planning and prioritizing multiple project work streams in response to rapidly developing and changing portfolios.
• Broad knowledge of computer networking and IT security systems including operating systems databases firewalls SIEM DLP etc.
• Good presentation documentation and reporting skills

Preferred:

• Experience in project management
• Experience in providing assurance for cybersecurity technologies policies standards and procedures
• Ability to maintain a working knowledge of cybersecurity principles and elements
• Understand global IT risk management structure
• Demonstrable experience of senior stakeholder management and relevant management reporting.

Education / Qualifications:

Essential

• Degree educated and / or equivalent experience.

Preferred:

• Relevant certifications (e.g. CISA CRISC CISM CISSP.)

PERSONAL REQUIREMENTS

• Personal alignment to MUFG Values
  • Integrity & Responsibility
  • Professionalism & Teamwork
  • Challenge ourselves to grow
• Personal alignment to EMEA Cultural Principles
  • Client Centric
  • People Focused
  • Listen Up Speak Up
  • Innovate & Simplify
  • Own & Execute

In addition:

• Excellent communication skills
• Results driven with a strong sense of accountability
• A proactive motivated approach.
• The ability to operate with urgency and prioritize work accordingly
• Strong decision making skills the ability to demonstrate sound judgement
• A structured and logical approach to work
• Strong problem solving skills
• A creative and innovative approach to work
• Excellent interpersonal skills
• The ability to manage large workloads and tight deadlines
• Excellent attention to detail and accuracy
• A calm approach with the ability to perform well in a pressurized environment
• Strong numerical skills
• Excellent Microsoft Office skills
• A confident approach with the ability to provide clear direction to your team
• Excellent managerial/leadership experience
• The ability to lead a high performing team
• A strategic approach with the ability to lead and motivate your team

We are open to considering flexible working requests in line with organisational requirements.

MUFG is committed to embracing diversity and building an inclusive culture where all employees are valued respected and their opinions count. We support the principles of equality diversity and inclusion in recruitment and employment and oppose all forms of discrimination on the grounds of age sex gender sexual orientation disability pregnancy and maternity race gender reassignment religion or belief and marriage or civil partnership.

We make our recruitment decisions in a non-discriminatory manner in accordance with our commitment to identifying the right skills for the right role and our obligations under the law.