MUFG Union Bank Information Security Risk Analyst in Monterey Park, California

Join a financial group that’s as committed to your future as you are. At MUFG, we share a vision for our future, we share our successes, and we strive to bring out the best in each other in everything we do. Our 14,000 diverse colleagues are connected by a common ambition to create change for the better—from forging more dynamic career paths, to driving progress in our communities, to continuously reshaping the standards of global financial services. Positive impact starts here; see the change you can make as we strive to become the world’s most trusted financial group/./

/ Job Summary: /


The Information Security Risk Analyst primary responsibilities of this position is to perform Security Risk Assessments of information systems as per bank’s methodology, problem reporting, tracking, and documenting resolutions.

/ Major Responsibilities: /

  • Conducting information security assessment of information systems as per our methodology

  • Interpret and apply IT controls in an enterprise environment

  • Identify, document and communicate key control deficiencies to stakeholders

  • Assisting stakeholders with recommendations to address key control deficiencies

  • Evaluating management responses to ensure remediation tasks adequately address identified gaps

  • Maintaining familiarity with industry trends and security best practices

  • Contributing to the teams’ continuous improvement efforts

  • Adhering to and complying with all applicable, federal and state laws, regulations and guidance, including those related to Anti-Money Laundering (e.g. Bank Secrecy Act, USA PATRIOT Act, et.) 2) Adhering to Bank policies and procedures 3) Completing required training

  • Validate evidence, before identified risks are closed

  • Escalate issues to management as needed

  • At least 2 to 5 years’ experience in risk assessment and information security practices

  • Experience with large complex financial institutions or another highly-regulated industry

  • Understanding of the compliance requirement framework such as GLBA, SOX, PCI, HIPAA etc.,

  • Background engaging with both internal and external audit functions

  • Ability to identify, interpret and apply IT controls in changing environments

  • Familiarity with one or more of the following areas is highly desirable:

o IP networks infrastructure (network topology, switches, routers, firewalls, intrusion detection / prevention)

o Windows Active Directory (policies, structure, elements)

o Databases (SQL, Oracle, DB2, monitoring tools)

o Standards / Frameworks (CoBIT 5, ITIL, ISO 15504, ISO 20000, ISO 27000, ISO 31000, ISO 38500, NIST series 800 guidance)

o Access control (Identity Access Management user access provisioning and recertification.

o Logging (System Event / Audit log collection)

o Data Encryption / Masking techniques (At-rest, in-transit, in-motion)

o Physical security principles

  • Critical thinking, analytical, and project management skills

  • Ability to interact and communicate effectively with leadership and staff across both business and technology functions

  • Strong oral and written communication, including the ability to write clear, concise, non-technical and persuasive risk evaluation reports

Education Requirements

  • Bachelor's degree in Computer Science, Technology, or Related Fields.

  • Master’s Degree (preferred)

Desired Certifications

  • CISA

  • CIA

  • CISM


  • Other relevant professional certifications

  • Why Work for MUFG? *

We are a financially strong and stable bank.

We value workplace diversity.

We are committed to the training and development of our employees.

Innovative vacation benefits.

We offer a matching 401k, a Retirement Plan, and a variety of Flexible Health Benefits.

/ /

/ The above statements are intended to describe the general nature and level of work being performed. They are not intended to /

/ be construed as an exhaustive list of all responsibilities, duties and skills required of personnel so classified. /

/ /

T o learn more about MUFG, review all current career opportunities, and apply please visit us online:

/ /

/ We are committed to leveraging the diverse backgrounds, perspectives and experiences of our workforce to create opportunities for our people and our business. Equal Opportunity Employer: Minority/Female/Disability/Veteran. /

Job: *Systems / Technology

Title: Information Security Risk Analyst

Location: CALIFORNIA-Monterey Park

Requisition ID: 10010161-WD

Other Locations: ARIZONA-Tempe