Vice President, Technology Process Assessment / Control Testing

Company: MUFG
Location: Kannapolis
Posted on: January 15, 2021

Job Description:

Do you want your voice heard and your actions to count?Discover your opportunity with Mitsubishi UFJ Financial Group (MUFG), the 5th largest financial group in the world (as ranked by S&P Global, April 2020).In the Americas, we're 13,000 colleagues, striving to make a difference for every client, organization, and community we serve. We stand for our values, developing positive relationships built on integrity and respect. It's part of our culture to put people first, listen to new and diverse ideas and collaborate toward greater innovation, speed and agility. We're a team that accepts responsibility for the future by asking the tough questions and owning the solutions. Join MUFG and be empowered to make your voice heard and your actions count.Job SummaryReporting to the Information Risk Assessment - Process Director, the QA and Testing Vice President is responsible for testing the design and operating effectiveness of information risk controls, particularly relating to issue remediation efforts. The QA and Testing Vice President is also responsible for review and challenge of first line control testing and performing quality assurance of 2nd line risk assessments executed by the Process Information Risk Assessment team.Major ResponsibilitiesSpecifically :- Assists with design and operates the assessment QA process for Process Team assessment activities- Plans and performs control testing processes for critical IT controls on core Information Security, Cyber and Technology processes and programs- Performs independent review, challenge and testing of control remediation action plans and remediation activities- Prepares workpapers, maintains artifact repositories, and prepares reports for management consumption relating to assessment and QA activities- Performs independent review and challenge of first line Risk and Control Self-Assessments- Reviews and challenges the design of first line controls relating to core Security, Cyber and Technology processesGenerally :- Stakeholder management and working across various parts of the organization, including technology and audit business units- Communicates information risk matters to senior management"QualificationsEducation :Bachelor"s Degree or equivalent work experience requiredCertifications :At least one IT audit and/or security certification is preferred, such as Certified Information Systems Auditor (CISA), Certified Information Security Management (CISM), Certified Risk Information Security Control (CRISC).Experience :5 + years of related experience, preferably in IT Audit and/or RCSA related to Information Risk domainsKnowledge :- Experience of performing QA reviews on risk related content e.g. audit workpapers, RCSA documentation- Strong skills related to designing and executing control testing, as well as documentation and communication of results- Knowledge of information risk governance framework / policies / procedures / standards / controls, and mitigation strategies- Knowledge of the financial services industry and its regulations / laws, including experience with regulatory commitment remediation- Understanding of respective industry best practices / frameworks (e.g., NIST, ISO, COBIT, OWASP, ITIL)- Knowledge of current industry trends in information risk management and risk assessment"Skills :Strong MS Office skills along with strong verbal and written communication skillsAbilities :- Able to collaborate well and clearly communicate with internal and external stakeholders, including peers as part of QA process results reporting- Able to be a subject matter expert on review and challenge processes, information risk governance framework / policies / procedures / standards / controls, and mitigation strategies"The above statements are intended to describe the general nature and level of work being performed. They are not intended to be construed as an exhaustive list of all responsibilities duties and skills required of personnel so classified.We are proud to be an Equal Opportunity / Affirmative Action Employer and committed to leveraging the diverse backgrounds, perspectives, and experience of our workforce to create opportunities for our colleagues and our business. We do not discriminate in employment decisions on the basis of any protected category.A conviction is not an absolute bar to employment. Factors such as the age of the offense, evidence of rehabilitation, seriousness of violation, and job relatedness are considered in all employment decisions. Additionally, it"s the bank"s policy to only inquire into a candidate"s criminal history after an offer has been made. Federal law prohibits banks from employing individuals who have been convicted of, or received a pretrial diversion for, certain offenses.About MUFG

Keywords: MUFG, Kannapolis , Vice President, Technology Process Assessment / Control Testing, Executive , Kannapolis, North Carolina