MUFG Union Bank Information Security Risk Analyst in Jersey City, New Jersey
Join a financial group that’s as committed to your future as you are. At MUFG, we share a vision for our future, we share our successes, and we strive to bring out the best in each other in everything we do. Our 14,000 diverse colleagues are connected by a common ambition to create change for the better—from forging more dynamic career paths, to driving progress in our communities, to continuously reshaping the standards of global financial services. Positive impact starts here; see the change you can make as we strive to become the world’s most trusted financial group/./
/ Job Summary: /
The Information Security Risk Analyst primary responsibilities of this position is to perform Security Risk Assessments of information systems as per bank’s methodology, problem reporting, tracking, and documenting resolutions.
/ Major Responsibilities: /
Conducting information security assessment of information systems as per our methodology
Interpret and apply IT controls in an enterprise environment
Identify, document and communicate key control deficiencies to stakeholders
Assisting stakeholders with recommendations to address key control deficiencies
Evaluating management responses to ensure remediation tasks adequately address identified gaps
Maintaining familiarity with industry trends and security best practices
Contributing to the teams’ continuous improvement efforts
Adhering to and complying with all applicable, federal and state laws, regulations and guidance, including those related to Anti-Money Laundering (e.g. Bank Secrecy Act, USA PATRIOT Act, et.) 2) Adhering to Bank policies and procedures 3) Completing required training
Validate evidence, before identified risks are closed
Escalate issues to management as needed
At least 2 to 5 years’ experience in risk assessment and information security practices
Experience with large complex financial institutions or another highly-regulated industry
Understanding of the compliance requirement framework such as GLBA, SOX, PCI, HIPAA etc.,
Background engaging with both internal and external audit functions
Ability to identify, interpret and apply IT controls in changing environments
Familiarity with one or more of the following areas is highly desirable:
o IP networks infrastructure (network topology, switches, routers, firewalls, intrusion detection / prevention)
o Windows Active Directory (policies, structure, elements)
o Databases (SQL, Oracle, DB2, monitoring tools)
o Standards / Frameworks (CoBIT 5, ITIL, ISO 15504, ISO 20000, ISO 27000, ISO 31000, ISO 38500, NIST series 800 guidance)
o Access control (Identity Access Management user access provisioning and recertification.
o Logging (System Event / Audit log collection)
o Data Encryption / Masking techniques (At-rest, in-transit, in-motion)
o Physical security principles
Critical thinking, analytical, and project management skills
Ability to interact and communicate effectively with leadership and staff across both business and technology functions
Strong oral and written communication, including the ability to write clear, concise, non-technical and persuasive risk evaluation reports
Bachelor's degree in Computer Science, Technology, or Related Fields.
Master’s Degree (preferred)
Other relevant professional certifications
Why Work for MUFG? *
We are a financially strong and stable bank.
We value workplace diversity.
We are committed to the training and development of our employees.
Innovative vacation benefits.
We offer a matching 401k, a Retirement Plan, and a variety of Flexible Health Benefits.
/ The above statements are intended to describe the general nature and level of work being performed. They are not intended to /
/ be construed as an exhaustive list of all responsibilities, duties and skills required of personnel so classified. /
T o learn more about MUFG, review all current career opportunities, and apply please visit us online: www.mufg-americas.com/careers
/ We are committed to leveraging the diverse backgrounds, perspectives and experiences of our workforce to create opportunities for our people and our business. Equal Opportunity Employer: Minority/Female/Disability/Veteran. /
Job: *Systems / Technology
Title: Information Security Risk Analyst
Location: NEW JERSEY-Jersey City
Requisition ID: 10010161-WD
Other Locations: ARIZONA-Tempe