Join MUFG as a Technology Risk Management - Control Officer. You will assess processes, risks, and the control environment, manage the issue lifecycle, and engage with stakeholders across lines of defense. In this role, you'll work collaboratively with business units and risk teams to execute key risk management activities.
What You'll Do
- Assess processes, risks, and the control environment.
- Manage the Issue Management lifecycle reporting.
- Partner with the business to proactively identify issues, document root causes, and coordinate with stakeholders.
- Work with other risk teams to challenge potential issues and participate in issue identification and development.
- Review, challenge, and participate in issues’ Management Action Plan (MAP) development.
- Perform first line validation of issues, including regulatory issues.
- Review and challenge issue lifecycle validation packages prior to tollgate meetings.
- Support management to generate various metrics and reports for senior management and board level committees.
- Maintain standard Issue Management templates.
- Provide quality assurance and reports on OpenPages issues.
- Engage with Operations & Technology key stakeholders, management, and lines of defense to ensure risks are understood and remediated.
- Manage the issues tollgate process, review submissions, provide feedback, and ensure follow-ups are completed.
What We're Looking For
- Bachelor’s degree in technology, engineering, risk management, computer science, information systems, or an equivalent field.
- Experience with key risks associated with Application Development (SDLC), Dev/Sec/Ops, deployment pipeline, and cloud architecture.
- Demonstrated experience in ITIL Foundation.
- Demonstrated experience with Risk and Control design and assessments.
- 2-4 years’ experience in Application Development (SDLC), risk & control, or an audit function.
Nice to Have
- Experience with risk metrics definition and reporting/scorecard development utilizing key risk metrics tools.
- Skilled experience with performing, defining, refining and documenting processes necessary to produce accurate periodic reporting.
- Experience relating to industry’s best practices and frameworks such as COSO, COBIT, NIST CSF and 800-53, Cybersecurity Horizontal Reviews, and ITIL in complex environments.
- Experience with risk assessment/testing methodologies evaluating the adequacy and efficiency of internal controls.
- Experience evaluating process documentation, risk, and control assessments and designing/executing test scripts.
- Previous experience in a risk and control or audit function.
- Understanding of risks and controls, issue management, reporting, metrics, and audits.
- Experience with problem solving in a team environment by utilizing critical and creative thinking skills.
- Experience using Microsoft collaboration and project management tools such as SharePoint, Teams, and Project.
- Experience using Microsoft CoPilot to automate and drive efficiencies.
- Knowledge of financial institution businesses, processes, products, and risk.
- Risk management exposure including evaluating the adequacy and efficiency of internal controls, and identifying issues.
- Exposure to enforcement agencies and oversight activities (regulatory examinations, etc.).
- Knowledge of critical domestic and international banking regulations (Reg W, Basel II, FFIEC, GDPR, etc.).
- Understanding of the regulatory environment and regulations related to risk, OCC, and FRB expectations.
- Understanding of application development, secure by design, and SDLC practices and framework.
Technical Stack
- Microsoft SharePoint
- Microsoft Teams
- Microsoft Project
- Microsoft CoPilot
- OpenPages
Team & Environment
You will work collaboratively with businesses as a BURM team representative and with other BURM and BURCO validation teams.
Benefits & Compensation
- Salary range: $125,000 - $164,000
- Comprehensive health and wellness benefits
- Retirement plans
- Educational assistance and training programs
- Income replacement for qualified employees with disabilities
- Paid maternity and parental bonding leave
- Paid vacation, sick days, and holidays
Work Mode
This position follows a hybrid work model and is based in New York, NY.
We will consider for employment all qualified applicants, including those with criminal histories, in a manner consistent with the requirements of applicable state and local laws.
