MUFG Global Service
Manager- IT Risk
Job Location
bangalore, India
Job Description
About the Role: Position Title: IT Risk Manager . Corporate Title: Manager Reporting to: Asia Risk Management Office Regional Vice President and Assistant Vice President Location: Bengaluru Job Profile: Position details: Monitor and analyze key risk/other indicator, Self Identified Issue, etc the IT, Cyber risk status based on quantitative data Monitor/Observe 1st Line management meeting and conduct Review and Challenge Regulatory guideline analysis and providing the 2nd Line opinion/response Review and challenge 1st Line branch IT RCSA and control testing output Global Cyber trend input and awareness insight share Roles and Responsibilities : IT Risk (Senior Analyst Level example): Job responsibilities include but not limited to: Under supervision and guidance from regional technology risk team, Manage branch technology risk management by running branch local Global KRI, SII analysis and response, monitor/observe 1LoD management meeting and conduct review and challenge, regulatory guideline analysis and providing the 2LoD opinion/response, branch IT Risk Control Self Assessment, etc. in collaboration with branch local risk team to ensure timely and effective assessment, monitoring, escalation of technology risk. Providing Subject matter Expertise from the second line in the principles, processes and technical aspects of domains related to Cyber and IT Security in above mentioned field and others. Working in close partnership with Regional Asia Risk Management Office and Systems Office for Asia (ASO First Line), Internal Audit Office for Asia (AIAO), various APAC branches to manage technology risk initiatives in accordance with regulatory requirements, MUFG internal policies, and industry best practices. Manage regional Technology risk projects and specified BAU Second Line for Technology Risk Management will include but not limited to: Branch Technology Risk Governance, Oversight and Support Develop, review and maintain the branch Technology Risk Management above mentioned activities, processes and methodologies in line with regulatory requirements, MUFG policies, and industry best practices Perform thematic and targeted assurance reviews for prioritised areas, effectively articulate key risks/gaps, and guide first line to establish improvement plans to address the gaps In-depth and constructive collaboration with branches non-technology Risk Management Division to lift the branch technology risk management activity and to enable them to manage technology risk in a standardized and systematic manner Branch Risk Management and Audit Review and provide effective challenge to security risk assessments performed by the first line through committee meetings Provide guidance on IT risk regulations, risk assessments and industry best practices to regional and local first and second line so that they can focus their resources on key or high priority IT risk activities Monitor and report key risk indicators and prepare risk reports and dashboards to the management and risk committees on operational risk oversight Open issue management for Technology Risk Management to branches for regulatory and audit issues Manage audit end to end through collaboration with all relevant parties including APAC Regional Office, regulators, internal/external auditors and subject matter experts Work in partnership with head office, regional offices and branches to explore tools to automate and facilitate review and tracking of IT self-assessments, risk assessments, risk exceptions and acceptances General Execute necessary training on policies and standards to develop an effective risk culture for Technology Risk management Provide advisory for technology compliance and risk management activities Manage efforts on increasing IT risk awareness in the Bank to strengthen our first line Act as required based on any other instructions from the regional technology risk team lead Job Requirements: Strong understanding of IT governance, risk and cyber security concepts with minimum 8 years of relevant experience. Experience in Financial service would be preferred. Thorough understanding and implementation experience with IT risk and cyber security industry best practices and frameworks, as well as regulatory requirements and guidelines in Asia Well experienced in executing technology and /or security risk assessment and testing methodologies evaluating the adequacy and efficiency of security controls, and identifying issues resulting from internal and or external compliance reviews Well experienced in creation and review of work papers to document testing and/or issue closure for technology issue management including management of regulatory matters Well experienced with automating and or the ability to conceptualising automated control solutions is highly desired Well experienced with IT and cyber security risk metrics definition and reporting, scorecard development utilising key risk metrics tools Ability to Manage and work effectively in a team environment, and takes initiatives to collaborate and challenge status quo, and adaptable to embrace new changes Strong stakeholder communication, interpersonal and analytical skills attributes Self-motivated, able to Manage members and work independently and source for information, systematically evaluate options and recommend solutions Education, Professional Qualifications and Experience: Degree in Information Security, Computer Engineering, Information Systems, Computer Science or equivalent One or more professional certifications related to IT risk and cyber security such as CISSP, CRISC, CISA, CISM, ISO/IEC 27000 series, COBIT, ITIL, etc. will be advantageous IT professional with at least 8 years of relevant experience in cyber security, technology risk management, IT audit and/or related areas, within the Banking and Finance industry
Location: bangalore, IN
Posted Date: 11/23/2024
Location: bangalore, IN
Posted Date: 11/23/2024
Contact Information
Contact | Human Resources MUFG Global Service |
---|