MUFG Union Bank Information Risk Management - Policy, Vice President in New York, New York

Join a financial group that’s as committed to your future as you are. At MUFG, we share a vision for our future, we share our successes, and we strive to bring out the best in each other in everything we do. Our 14,000 diverse colleagues are connected by a common ambition to create change for the better—from forging more dynamic career paths, to driving progress in our communities, to continuously reshaping the standards of global financial services. Positive impact starts here; see the change you can make as we strive to become the world’s most trusted financial group/./

/ /

/ Summary: /

/ /

Reporting to the Frameworks Director, the Policy Vice President is responsible for defining and maintaining Information Risk Management (IRM) policies..

/ /

/ Major Responsibilities: /

  • Defines and maintains IRM policies.

  • Defines and maintains the IRM policy framework based upon industry standards.

  • Defines and maintains the policy and standard creation and update processes including stakeholders and syndication and approval processes.

  • Builds and maintains IRM policies and standards and keeps relevant.

  • Supports the alignment of the policies and standards to both regulations and controls.

  • Defines supporting implementation guidance associated with the IRM policies.

  • Ensures policies adhere to enterprise standards and templates.

  • Ensures (new) polices follow the required approval process.

  • Ensures policies are updated as needed and always in good standing.

  • Represents IRM in other associates policy and standard syndication.

  • Collaborates with other subject matter experts to determine and communicate the business impact of changes to information risk management policy and standards. Ensures policy changes and new policies are appropriately communicated to the respective stakeholders.

General Responsibilities / Requirements:

  • Stakeholder management and working across various parts of the organization.

  • Communicates information risk matters to senior management.

  • Education: Bachelor's Degree required

  • Certifications: At least one security certification is preferred, such as Certified Information Security Management (CISM), Certified Risk Information Security Control (CRISC), or Certified Information Systems Security Professional (CISSP).

  • Experience: 5 years experience in writing IRM policies and standards is required

  • Knowledge :

  • Proven knowledge of policy creation and maintenance; ensuring adherence and compliance.

  • Knowledge of the financial services industry and its regulations / laws.

  • Understanding of control and risk management concepts and knowledge of the operational aspects of the information risk business.

  • Understanding of respective industry best practices (e.g., NIST, ISO, COBIT, OWASP, ITIL).

  • Knowledge of risk management policies, methods, standards, processes, governance models, and industry standard risk analysis approaches.

  • Knowledge of current industry trends in information risk management.

  • Skills: Strong MS Office, writing, and communication skills.

  • Abilities:

  • Able to collaborate well with internal and external stakeholders.

  • Able to enforce and communicate related policies, procedures, and guidelines.

  • Able to be a subject matter expert on information risk management policies and standards.

  • Why Work for MUFG? *

We are a financially strong and stable bank.

We value workplace diversity.

We are committed to the training and development of our employees.

Innovative vacation benefits.

We offer a matching 401K, a Retirement Plan, and a variety of Flexible Health Benefits.

/ /

/ The above statements are intended to describe the general nature and level of work being performed. They are not intended to /

/ be construed as an exhaustive list of all responsibilities, duties and skills required of personnel so classified. /

/ /

T o learn more about MUFG, review all current career opportunities, and apply please visit us online:

/ /


/We are proud to be an Equal Opportunity/Affirmative Action Employer and committed to leveraging the diverse backgrounds, perspectives and experience of our workforce to create opportunities for our colleagues and our business. We do not discriminate in employment decisions on the basis of any protected category./


Job: *Risk & Compliance

Title: Information Risk Management - Policy, Vice President

Location: NEW YORK-New York

Requisition ID: 10008258-WD

Other Locations: NEW JERSEY-Jersey City, CALIFORNIA-Monterey Park