MUFG Union Bank Sr. Vendor Risk Analyst - Remote Assessments, Assistant Vice President in Jersey City, New Jersey
Join a financial group that’s as committed to your future as you are. At MUFG, we share a vision for our future, we share our successes, and we strive to bring out the best in each other in everything we do. Our 14,000 diverse colleagues are connected by a common ambition to create change for the better—from forging more dynamic career paths, to driving progress in our communities, to continuously reshaping the standards of global financial services. Positive impact starts here; see the change you can make as we strive to become the world’s most trusted financial group.
• Coordinate with stakeholders to initiate, scope and plan controls assessments of new and existing vendor engagements.
• Perform Information Security remote/table-top assessments.
• Perform Information Security onsite assessments at vendor locations when required
• Assess completed questionnaire and supporting documentation to validate vendor appropriate implementation of information security controls; analyze the information to identify information security weaknesses or non-compliance with MUFG and industry standards.
• Produce detailed documentation of assessments and perform threat analysis of gaps identified.
• Communicate vendor information security issues to stakeholders, ensuring their understanding of associated risks and actions needed to remediate those risks.
• Validate evidence from vendors, before Remediation Plans are closed.
• Escalate issues associated with vendors as needed to management.
Demonstrate in-depth knowledge of concepts, best practices and controls in a breadth of information security areas/domains; these information security areas include risk management, access control, cryptography, physical security, security architecture and design, network security, application & operations security and compliance/incident management.
• Strong technical and/or IT audit background and practical knowledge of a wide variety of technologies which include server infrastructure & operating systems, network & web infrastructures, database architecture and intrusion detection/prevention systems.
• Proficient working knowledge within the following risk domains/technologies: Database and application security, IDS/IPS technologies, System/Access Administration, Firewall technologies, Network Architecture, Security Event Logging & Monitoring , Key Management/Tokenization, Database/Application/Network Layer Secure Protocols, Physical and Environmental Security, Secure Software/Code Development, Change Management, Vulnerability Management.
• Self-starter with the ability to manage and prioritize responsibilities through the effective use of time management techniques.
• Team player with proven skills in influencing people without having direct management authority and motivating them to successfully complete tasks within required timelines.
• Strong ability to interact and communicate both written and verbally with people at all levels, both technical and non-technical, in a dynamic environment where interactions are not always in person.
• Strong risk analysis and problem solving skills.
• Must be flexible to ensure assessments are performed by the mandated date and be able to manage multiple assessments simultaneously.
• Experience that is considered a strong plus: performing information security assessments; providing information security guidance to business stakeholders; interpreting and applying information security policy and standards
• IT Risk Management/Audit industry certification (such as CISSP, CISA, CRISC, etc.) preferred.
We are committed to leveraging the diverse backgrounds, perspectives and experiences of our workforce to create opportunities for our people and our business. Equal Opportunity Employer Minority/Female/Disability/Veterans.
The above statements are intended to describe the general nature and level of work being performed. They are not intended to be construed as an exhaustive list of all responsibilities, duties and skills required of personnel so classified.
Why Work for MUFG Corporation?
• We are a financially strong and stable bank.
• We value workplace diversity.
• We are committed to the training and development of our employees.
• Innovative vacation benefits
• We offer a matching 401k, a Retirement Plan, a variety of Flexible Health Benefits.
Job: *Systems / Technology
Title: Sr. Vendor Risk Analyst - Remote Assessments, Assistant Vice President
Location: NEW JERSEY-Jersey City
Requisition ID: 10009067-WD