Vice President, IT Risk Management Lead

Do you want your voice heard and your actions to count?

Discover your opportunity with Mitsubishi UFJ Financial Group (MUFG), the 7th largest financial group in the world. Across the globe, we’re 160,000 colleagues, striving to make a difference for every client, organization, and community we serve.

We stand for our values, building long-term relationships, serving society, and fostering shared and sustainable growth for a better world.

With a vision to be the world’s most trusted financial group, it’s part of our culture to put people first, listen to new and diverse ideas and collaborate toward greater innovation, speed and agility.

This means investing in talent, technologies, and tools that empower you to own your career.

Join MUFG, where being inspired is expected and making a meaningful impact is rewarded.

About the role :

The IT Risk Management Department Lead for Australia & New Zealand is responsible for identifying, assessing, and managing the IT information risks faced by the organisation.

This role is pivotal in protecting the company from potential threats and uncertainties related to information security.

The role will partner with the Asia Systems Office Oceania (ASOO) management and regional Asia Systems Office (ASO) leadership to lead the local IRMD (IT Risk Management Department) team and act as the Technology Information Security Officer (TISO) for Oceania.

What you’ll be doing :

Identify, assess, and prioritise potential IT risks to the organisation.

Support the development, review and implementation of appropriate IT risk management strategies and processes, in conjunction with the regional IRMD teams.

Own the development, alignment and integration of the local IT Information Security Risk Management Framework, Risk Appetite Statements, and Risk Policies.

Work with internal and external audit teams to ensure controls remain effective, and to drive closure of any findings that may eventuate.

Ensure appropriate RCSA (Risk Control Self-Assessment) processes are in place, that they are appropriate, and that they are actioned accordingly.

Communicate, enforce and oversee compliance to IT related policies, standards and processes across the organisation.

Ensure compliance with laws and regulations related to IT and keep the region up to date with local Oceania regulatory developments / requirements including but not limited to CPS234.

Work with stakeholders throughout the enterprise on identifying acceptable levels of residual risk.

Provide regular profiling and reporting on IT risks, issues, and controls to the Oceania business stakeholders and regional IT leaders.

Develop and maintain relationships with key business units within the organisation and key external stakeholders.

Own and drive the Access Control team in Oceania as part of the regional function team.

Be the representative for the regional IRMD team locally in Oceania.

Increase the awareness and importance of IT Risk across the region through effective communication and appropriate education strategies.

What we are looking for :

You’ll have extensive experience in information risk management within the banking industry, with knowledge and exposure to local regulatory authorities, such as APRA, ASIC, RBNZ etc.

You’ll also have experience at implementing technology controls and standards to adhere to regulatory requirements such as CPS234 and others.

Strong understanding of IT Governance, Risk & Compliance principles, IT Controls, and Cyber Security related risks is essential.

Skills required :

Strong analytical and decision-making abilities

Excellent communication skills, with the ability to work with teams across different geographical locations

Self-motivated and independent, with the ability to clearly challenge process and decisions, as well as to set new standards to ensure best practices are always followed

Highly motivated and a willingness to get involved

You’ll likely have a Bachelor’s degree in Computer Science, Information Technology or a related field (or equivalent experience), and preferably a Certified Information Systems Security Professional (CISSP), or Certified Information Systems Auditor (CISA) or Certified Information Systems Manager (CISM).

MUFG Bank Ltd & MUFG Securities Asia Limited (collectively referred to as MUFG ) is an equal opportunity employer. We view our employees as our key assets as they are fundamental to our long-term growth and success.

MUFG is committed to hiring based on merit and organsational fit, regardless of race, religion or gender.