Access Management Engineer, Assistant Vice President (MUSA)Apply Now
- Requisition # 35218
- Job Type Day
- Location New York, NEW YORK
- Date Posted 09/11/2020
Your potential. Your opportunity.
Do you want your voice heard and your actions to count?
Discover your opportunity with Mitsubishi UFJ Financial Group (MUFG), the 5th largest financial group in the world (as ranked by S&P Global, April 2020).In the Americas, we’re 13,000 colleagues, striving to make a difference for every client, organization, and community we serve. We stand for our values, developing positive relationships built on integrity and respect. It’s part of our culture to put people first, listen to new and diverse ideas and collaborate toward greater innovation, speed and agility. We’re a team that accepts responsibility for the future by asking the tough questions and owning the solutions. Join MUFG and be empowered to make your voice heard and your actions count.
Mitsubishi UFJ Securities Holdings Co., Ltd. is a wholly-owned subsidiary of MUFG. The company conducts securities business in Japan through its domestic subsidiary Mitsubishi UFJ Morgan Stanley Securities Co., Ltd. and internationally through its overseas subsidiaries Mitsubishi UFJ Securities International PLC, Mitsubishi UFJ Securities (USA) Inc., Mitsubishi UFJ Securities (Hong Kong), Ltd. and Mitsubishi UFJ Securities (Singapore), Ltd. Through these subsidiaries, the company provides financial products and integrated advice to both its own clients and those of the MUFG Group.
Mitsubishi UFJ Securities (MUSA) provides investment banking and brokerage products and services to institutional clients throughout the Americas. MUSA, is headquartered in New York and is active throughout the international capital markets, focusing on fixed income, debt, equity, derivatives and structured products.
Job Summary/Major Responsibilities:
As a Security engineer focused on access management, you will be responsible to understand how access control lifecycle works within the firm and how access reviews and recertifications are performed.
Work with application and system teams to understand access control structure consisting of regular and privileged users and advise on Access control guidelines derived from IRM standards and implement to ensure there are no control gaps within the environment.
Security Administration – perform access management support tasks including review and collection of re-certification documentation, daily validation tasks, fulfilling Audit & Compliance information requests.
Responsible and accountable for ensuring monthly access management key metrics are measured and reported accurately.
Operationalize access key metrics and improve its performance in co-ordination with key stakeholders.
Participate in access management RCSA process by FLOD, challenge and response by SLOD and audits by TLOD.
Serve as primary contact to Information Security and Risk related to IAM efforts and compliance, and as a recognized subject matter expert in the area of identity and access management.
Partner with local and international technology teams.
Strong knowledge in user provisioning, directory services, authentication, authorization, public key infrastructure, and identity federation.
Involved in new implementations and determining access control requirements as part of application security framework.
Manage and maintain advisory documentation around access management process areas.
Ensure documentation associated with control activities are up to date, including process flow diagrams and procedure documentations.
Total 7 + years in experience in access management and application security.
Experience in Information Security (primarily With Access management and concept of Application security).
Experience working with Access management tools and reporting (Aveksa products, CyberArk PAM and others.
Experience creating Visio diagrams and managing documentation with process flows
Excellent written and verbal communication skills and interpersonal skills to develop business partner relationship.
Excellent attention to detail and follow-up.
Ability to organize and prioritize ongoing efforts associated with other process areas within Engineering team.
- Ability to work remotely as required.
Proficiency with the following toolsets:
- CyberArk Privileged Access Management.
- RSA My Access Live.
Network and web-related protocol knowledge (TCP/IP, IPSEC, HTTP/S, routing protocols).
B.S or advanced degree in Computer Science, Computer Engineering.
Familiarity with implementing the NIST Risk Management Framework and SP800-53 along with BSIMM.
Certifications: CISSP. IAM based tool certifications.
The above statements are intended to describe the general nature and level of work being performed. They are not intended to be construed as an exhaustive list of all responsibilities, duties and skills required of personnel so classified.
We are proud to be an Equal Opportunity/Affirmative Action Employer and committed to leveraging the diverse backgrounds, perspectives and experience of our workforce to create opportunities for our colleagues and our business. We do not discriminate in employment decisions on the basis of any protected category.
A conviction is not an absolute bar to employment. Factors such as the age of the offense, evidence of rehabilitation, seriousness of violation, and job relatedness are considered in all employment decisions. Additionally, it’s the bank’s policy to only inquire into a candidate’s criminal history after an offer has been made. Federal law prohibits banks from employing individuals who have been convicted of, or received a pretrial diversion for, certain offenses.