MUFG Union Bank Information Risk Management - Process , Cyber Information Security - 3rd Party, Vice President in Jersey City, New Jersey
Join a financial group that’s as committed to your future as you are. At MUFG, we share a vision for our future, we share our successes, and we strive to bring out the best in each other in everything we do. Our 14,000 diverse colleagues are connected by a common ambition to create change for the better—from forging more dynamic career paths, to driving progress in our communities, to continuously reshaping the standards of global financial services. Positive impact starts here; see the change you can make as we strive to become the world’s most trusted financial group.
Reporting to the Information Risk Assessment - Process Director, the Cyber / Information Security - 3rd Party Vice President is responsible for identifying, assessing, and monitoring information technology and cyber risks associated with the use of 3rd parties. The Cyber / Information Security - 3rd Party Vice President is also responsible for defining controls testing processes for managing and assessing the technology and cyber risks associated with 3rd parties and for assessing compliance with IRM policies / standards / procedures related to processes, infrastructure, applications, and projects involving 3rd parties.
Defines criteria, tools, and methodologies for identifying, assessing, and monitoring the technology and cyber risks associated with the use of 3rd parties
Assists in the development of the IRM risk controls inventory, specifically those that apply to 3rd parties
Assists in the development of IRM policies and standards, specifically those that apply to 3rd parties
Reviews and challenges first line information security assessments for new and existing 3rd parties
Performs independent information security risk assessments on both new and existing 3rd parties, as required
Executes sample based testing of 3rd party related information security risk controls
Establishes and maintains a centralized tracking of 3rd party related information security risk issues and remediation activities
Stakeholder management and working across various parts of the organization
Communicates information risk matters to senior management
Bachelor's Degree or equivalent work experience required
At least one security certification is preferred, such as Certified Information Security Management (CISM), Certified Risk Information Security Control (CRISC), or Certified Information Systems Security Professional (CISSP)
5 years of related experience
Knowledge of information risk governance framework / policies / procedures / standards / controls, and mitigation strategies
Prior experience in conducting and managing 3rd party information security risk assessments
Knowledge of the financial services industry and its regulations / laws specifically pertaining to 3rd parties
Past experience of establishing and maintaining third party risk management practices is preferred
Understanding of control and risk management concepts and knowledge of the operational aspects of the information risk business
Understanding of respective industry best practices (e.g., NIST, ISO, COBIT, OWASP, ITIL)
Knowledge of risk management policies, methods, standards, processes, governance models, and industry standard risk analysis approaches
Knowledge of current industry trends in information risk management
Strong MS Office skills along with strong verbal and written communication skills
Able to collaborate well with internal and external stakeholders
Able to be a subject matter expert on review and challenge processes, information risk governance framework / policies / procedures / standards / controls, and mitigation strategies
We are committed to leveraging the diverse backgrounds, perspectives and experiences of our workforce to create opportunities for our people and our business. Equal Opportunity Employer Minority/Female/Disability/Veterans.
The above statements are intended to describe the general nature and level of work being performed. They are not intended to be construed as an exhaustive list of all responsibilities, duties and skills required of personnel so classified.
Why Work for MUFG Corporation?
• We are a financially strong and stable bank.
• We value workplace diversity.
• We are committed to the training and development of our employees.
• Innovative vacation benefits
• We offer a matching 401k, a Retirement Plan, a variety of Flexible Health Benefits.
Job: *Risk & Compliance
Title: Information Risk Management - Process , Cyber Information Security - 3rd Party, Vice President
Location: NEW JERSEY-Jersey City
Requisition ID: 10009256-WD
Other Locations: NEW YORK-New York, CALIFORNIA-Monterey Park