Risk Assessment Support, Associate

Mufg Tempe , AZ 85280

Posted 6 months ago

Discover your opportunity with Mitsubishi UFJ Financial Group, Inc. (MUFG), one of the world's largest financial groups, with total assets of approximately $2.8 trillion (as of December 2017) and about 150,000 colleagues in more than 50 countries. In the U.S., we're more than 14,000 strong, working together to positively impact every customer, organization, and community we serve. We achieve this by delivering on our values, putting people first, fostering long-term relationships built on honesty and mutual understanding, and inspiring the best in each other. This is all part of our inclusive, high-performing culture supported by Total Rewards that include our cash balance pension plan. Join a team that's working to fulfill its vision to be the world's most trusted financial group.

Job Summary:

The Associate/AVP, Risk Assessment Support reports to the Head of Information Risk Due Diligence and is responsible for supporting various risk assessment planning, execution and reporting activities. You will demonstrate a background in Information Security and technology processes to effectively perform Review and Challenge of First Line of Defense activities.

Major Responsibilities:

  • You independently conduct or support information risk assessments of technology projects/initiatives from Second Line of Defense perspective

  • You conduct and/or support Review and Challenge of RCSAs

  • You support the team in building and maintaining related reports, templates and documentation

  • You work closely with partners from within IRA and other business units to effectively plan, execute and report on Information Risk Assessments as a Second Line of Defense SME

  • You review & challenge related First Line of Defense assessments in information risk domain

  • You provide hands-on support for SharePoint solution and to some level for GRC tools (Archer/OpenPages)

  • You handle related activities across team(s) and act as a single point of contact for assigned activities

  • You contribute ideas and effort to mature current services

  • You lead stakeholder partnerships and oversee across various parts of the organization

  • You communicate information risk matters to management

  • Bachelor's Degree required

  • 5 years related experience in leading/supporting information risk assessments

  • 1 or more certifications - PMP, CISSP, CISM, CISA, CRISC, CGEIT preferred, but not required

  • Strong background required in performing risk assessments for major projects/initiatives

  • Strong background required in technology architecture and information security domains

  • Understanding of control and risk management concepts and knowledge of the operational aspects of the information risk business

  • Understanding of respective industry standard methodologies (e.g., NIST, ISO, COBIT, OWASP, ITIL)

  • Shown functional knowledge of information risk management technology, specifically GRC tools such as Archer, Open Pages

  • Knowledge of the financial services industry and its regulations / laws

  • Knowledge of risk management policies, methods, standards, processes, governance models, and industry standard risk analysis approaches

  • Knowledge of current industry trends in information risk management

  • Able to adjust with changing priorities and handle internal and external partner expectations

  • Able to use appropriate judgement in promptly bringing up matters to management as needed

  • Strong attention to detail and focus

  • Strong MS Office skills (specifically Excel, Word and PowerPoint Programs) along with strong verbal and written communication skills

The above statements are intended to describe the general nature and level of the work being performed. They are not intended to be construed as an exhaustive list of all responsibilities, duties, and skills required of personnel so classified.

We are proud to be an Equal Opportunity / Affirmative Action Employer and committed to leveraging the diverse backgrounds, perspectives, and experience of our workforce to create opportunities for our colleagues and our business. We do not discriminate in employment decisions on the basis of any protected category.

A conviction is not an absolute bar to employment. Factors such as the age of the offense, evidence of rehabilitation, seriousness of violation, and job relatedness are considered in all employment decisions. Additionally, it's the bank's policy to only inquire into a candidate's criminal history after an offer has been made. Federal law prohibits banks from employing individuals who have been convicted of, or received a pretrial diversion for, certain offenses.


icon no score

See how you match
to the job

Find your dream job anywhere
with the LiveCareer app.
Mobile App Icon
Download the
LiveCareer app and find
your dream job anywhere
App Store Icon Google Play Icon
lc_ad

Boost your job search productivity with our
free Chrome Extension!

lc_apply_tool GET EXTENSION

Similar Jobs

Want to see jobs matched to your resume? Upload One Now! Remove
Senior Vendor Risk Assessment Analyst Assistant Vice President

Union Bank, N.A.

Posted 1 week ago

VIEW JOBS 10/2/2019 12:00:00 AM 2019-12-31T00:00 Discover your opportunity with Mitsubishi UFJ Financial Group (MUFG), the 5th largest financial group in the world (as ranked by S&P Global, April 2018) with total assets of over $2.9 trillion (106.2 (JPY) as of March 30, 2018) and 150,000 colleagues in more than 50 countries. In the U.S., we're 13,000 strong, working together to positively impact every customer, organization, and community we serve. We achieve this by delivering on our values, putting people first, fostering long-term relationships built on honesty and mutual understanding, and inspiring the best in each other. This is all part of our inclusive, high-performing culture supported by Total Rewards that include our cash balance pension plan. Join a team that's working to fulfill its vision to be the world's most trusted financial group. Major Responsibilities: * Experience performing information security assessments; provide information security guidance to business stakeholders; interpreting and applying information security policy and standards * Experience working with the SIG (Standard Information Gathering) questionnaire, SOC2 reports, Penetration Test results, PCI (Payment Card Industry) reports as well as other Information Security documentation. * Coordinate with stakeholders to initiate, scope and plan controls assessments of new and existing vendor engagements. * Perform Information Security remote/table-top assessments. * Perform Information Security onsite assessments at vendor locations when required * Assess completed questionnaire and supporting documentation to validate vendor appropriate implementation of information security controls; analyze the information to identify information security weaknesses or non-compliance with MUFG and industry standards. * Produce detailed documentation of assessments and perform threat analysis of gaps identified. * Communicate vendor information security issues to stakeholders, ensuring their understanding of associated risks and actions needed to remediate those risks. * Validate evidence from vendors, before Remediation Plans are closed. * Escalate issues associated with vendors as needed to management. * Knowledge of NIST 800-53 Controls Union Bank, N.A. Tempe AZ

Risk Assessment Support, Associate

Mufg