IT Control Officer, Assistant Vice-President (MUSA)Apply Now
- Requisition # 35215
- Job Type Day
- Location New York, NEW YORK
- Date Posted 09/02/2020
Your potential. Your opportunity.
Do you want your voice heard and your actions to count?
Discover your opportunity with Mitsubishi UFJ Financial Group (MUFG), the 5th largest financial group in the world (as ranked by S&P Global, April 2020).In the Americas, we’re 13,000 colleagues, striving to make a difference for every client, organization, and community we serve. We stand for our values, developing positive relationships built on integrity and respect. It’s part of our culture to put people first, listen to new and diverse ideas and collaborate toward greater innovation, speed and agility. We’re a team that accepts responsibility for the future by asking the tough questions and owning the solutions. Join MUFG and be empowered to make your voice heard and your actions count.
Mitsubishi UFJ Securities Holdings Co., Ltd. is a wholly-owned subsidiary of MUFG. The company conducts securities business in Japan through its domestic subsidiary Mitsubishi UFJ Morgan Stanley Securities Co., Ltd. and internationally through its overseas subsidiaries Mitsubishi UFJ Securities International PLC, Mitsubishi UFJ Securities (USA) Inc., Mitsubishi UFJ Securities (Hong Kong), Ltd. and Mitsubishi UFJ Securities (Singapore), Ltd. Through these subsidiaries, the company provides financial products and integrated advice to both its own clients and those of the MUFG Group.
Mitsubishi UFJ Securities (MUSA) provides investment banking and brokerage products and services to institutional clients throughout the Americas. MUSA, is headquartered in New York and is active throughout the international capital markets, focusing on fixed income, debt, equity, derivatives and structured products.
The incumbent must have an in-depth understanding of IT risk and governance frameworks and best practices.
Perform independent risk-based assessment and testing of key information risk-related controls, including documenting and reviewing the design of controls, reviewing the effectiveness and results of testing, and conducting sample-based testing of control effectiveness based on testing methodologies.
Develop test scripts and cases for controls testing, and prepare detailed workpapers in OpenPages.
Report on testing activities, including descriptions of goals, planning, scheduling, execution, results, analysis, conclusions, and recommendations.
Work with the IT process owners to identify and document remediation plans to address control gaps (i.e. design of controls vs. operating effectiveness).
Draft, prepare and submit RCSA findings and present them to senior management.
Act as an IT subject matter expert to ensure alignment with best practices.
Collaborate with internal and external stakeholders by sharing expertise and providing accurate and timely information.
Promote ongoing security and integrity within the company.
Liaise with Technology and Business teams as necessary to ensure MUSA process and programs meet CUSO policies and standards.
The successful candidate should have the following qualifications:
Bachelor of Computer Science or Management of Information Services degree from accredited college or university, or equivalent work experience.
5+ years professional work experience as an IT Risk / IT Audit.
Technical knowledge of Operating Systems, Database Management Systems, and Networks.
Strong working knowledge of FFIEC, SOX, or other US regulatory guidance and requirements.
Familiarity with best practices and standards, such as NIST Cybersecurity Framework, FFEIC Handbooks, ISO27001:2013, ISO22301:2012, NFPA 1600, NIST 800-53, and NIST 800-61.
Strong organizational skills, excellent interpersonal skills, team player, and ability to clearly document risk and controls.
Motivated self-starter with ability to work independently, adapt to changing priorities, handle multiple assignments and adhere to strict guidelines.
Strong analytical acumen and logical thought process required.
Communicates clearly and succinctly whether in oral or written form; effectively communicates in a variety of settings (formal and informal); attentive and active listener; straightforward and composed.
Working knowledge of Microsoft Office including PowerPoint, Word, Excel, and Access.
Experience with customizing SharePoint, Jira, Confluence, OpenPages and Archer are a plus.
Industry certification in one of the following: CISA, CISM, CRISC, CISSP or equivalent.
The above statements are intended to describe the general nature and level of work being performed. They are not intended to be construed as an exhaustive list of all responsibilities, duties and skills required of personnel so classified.
We are proud to be an Equal Opportunity/Affirmative Action Employer and committed to leveraging the diverse backgrounds, perspectives and experience of our workforce to create opportunities for our colleagues and our business. We do not discriminate in employment decisions on the basis of any protected category.
A conviction is not an absolute bar to employment. Factors such as the age of the offense, evidence of rehabilitation, seriousness of violation, and job relatedness are considered in all employment decisions. Additionally, it’s the bank’s policy to only inquire into a candidate’s criminal history after an offer has been made. Federal law prohibits banks from employing individuals who have been convicted of, or received a pretrial diversion for, certain offenses.