CAIA's Career Center is an easy-to-use, comprehensive resource connecting job seekers with employers in the growing AI field. Use your knowledge and credibility to advance your career or build a talented team for your organization. Opportunities targeted to CAIA Charterholders are prioritized.
In order to search for jobs specifically for CAIA Charterholders or those pursuing the CAIA Charter please enter “CAIA” in the search panel.
This will enable you to search for CAIA specific roles globally.
Job Purpose The job is a critical and influential one, especially in an environment as MBE which relies partially on manual processes and where multiple core systems are serviced by the parent company. The primary purpose is to ensure that relevant IT risks are consistently identified, assessed and managed across the organization and in compliance with both internal and external (regulatory) rules, policies and guidelines. The IT Risk Officer provides expertise on all aspects of the Bank's overall Information Technology Risk Management framework. Function positioning IT Risk within the Bank is defined as the risk of loss and related risk, arising from destruction, suspension, malfunction, misuse of IT, or unauthorized alteration and leakage of electronic data, which are caused by inability of system planning, development and operation, threats and vulnerabilities to IT security including cybersecurity, or external factors, such as disasters. This second line of defense function forms part of the Operational Risk Management which is responsible for:
Identification, measurement, assessment and mitigation of risks.
Support and advice in design and deployment of the overall risk management framework, including risk strategy, policies, appetite and tolerance.
Risk monitoring, control and reporting.
Challenge and escalation of risk and/or control issues to Management.
The Associate Vice President IT Risk has a direct reporting line to the Director Operational Risk and strong alignment with Vice President, IT Risk Manager.
Provide expert advice and guidance to the business units to ensure identification, measurement, assessment and consistent management of all IT risks.
Suporting to maintain IT Risk Library (Events, Scenarios and Control objectives) which is being designed based on COBIT/FFIEC*.
Monitor adherence to MUFG's framework of rules and policies as well as local laws and regulations and ensure embedding of risk management principles and practices in the Bank's daily business operations.
Support and perform KRI Monitoring, System Risk Assessments and Scenario-based Risk Assessments.
Escalation of (potential) risk events and regulatory breaches in accordance with the Bank's risk governance framework.
Cooperation with Compliance regarding country-specific legal and regulatory requirements relating to IT Risk Management.
Contribute to increased risk awareness in the organisation by providing appropriate training.
Supporting the IRM to prepare IT Risk Management Information reports comprising the Bank's risk exposures and control performance.
Documentation of relevant policies and procedures.
Support and participate in required projects or initiatives in facilitating the identification and evaluation of risks and controls, providing expertise and recommending proportional cost effective and efficient solutions.
Contribute to IT Disaster Recovery Plan, Business Continuity, Identity & Access Management (Role Based Access Control), New Product Approval and other Risk Management Division team's workload.
Supporting to implement and improve controls regarding MBE Identity & Access Management (Role Based Access Control) process.
Being critical and promote changes to systems, processes and working practices in order to achieve operational improvement.
Being able to develop and maintain relationships with in relevant areas of MUFG.
*) COBIT: Control Objectives for Information and Related Technology FFIEC: Federal Financial Institutions Examination Council Consultation and others Support in internal and/or external consultation platforms (either on an ad hoc or permanent basis) regarding Operational & IT Risk Management:
RMC (Risk Management Committee)
OISRC (Operational and IT Security Risk Committee)
IOCC (IT & Operation Control Committee)
BCC (Business Continuity Committee)
Close cooperation with the Information Security Manager (being liaison to Local Management and Head Office Tokyo). Competencies
Integrity and Responsibility:
Balance Risk with Opportunity
Deliver Extraordinary Customer Experiences
Demonstrate Global Perspective
Professionalism and Teamwork:
Drive for Results
Collaborate and Build Partnerships
Communicate Effectively and Professionally
Challenge Ourselves To Grow:
Influence and Inspire Others
Lead Change & Seek Continuous Improvement
Education, Knowledge and Skills
The function requires comprehensive knowledge at preferably Graduate level and wide practical experience across IT Risk and Quality Management, supporting, performing and/or organising IT Risk assessments, IT Controls, (ITGC's, SOX control testing), IT Risk frameworks (COBIT/FFIEC).
The Associate Vice President IT Risk should have finalized and if not the case, should take in agreement with the bank the necessary steps to continue his/her education in the field of IT Risk Management.
Knowledge of key relevant legal, regulatory and statutory requirements, technical interpretation and the ability to provide advice thereon.
Comprehensive understanding of MUFG's overall strategy and goals, risk profile, policies and culture together with a detailed knowledge of the policies, operations, systems and key strategies in own business unit.
An up-to-date understanding, of the wider financial services industry, IT industry, regulatory changes (e.g. ECB, EBA, DNB) and pertinent economic and political factors which may impact on MUFG's business and overall aims.
Maintains close contact with external organisations/professionals for exchange of information, developments and the sharing of best practice.
Can do, flexible attitude.
Verbal and written communication skills in Dutch and English are essential.
Strong business acumen, communication skills, networking and influencing skills.
Problem solving skills.
Understanding and feel of the applicable regulatory requirements.
Internal Number: 5878880
eFinancialCareers is a career site specializing in financial services.