Head Of Information Security Transformation

Buscojobs

Greater London

On-site

GBP 70,000 - 110,000

Full time

Yesterday

Job summary

An established industry player is seeking a Head of Information Security Transformation to lead global cybersecurity initiatives. This pivotal role involves managing a team of cybersecurity experts, ensuring project alignment with strategic security objectives, and delivering on the information security strategy. You will act as a trusted advisor, guiding stakeholders on best practices in information security within a hybrid cloud and on-premise environment. This is an exciting opportunity to impact the organization's security posture and drive innovative solutions in a dynamic landscape.

Qualifications

  • 5+ years in cybersecurity project delivery with complex projects.
  • Strong understanding of security operations and governance concepts.
  • Experience with ISO27001, NIST, CPS234, and COBIT frameworks.

Responsibilities

  • Lead cybersecurity initiatives and manage a team of experts.
  • Develop global cybersecurity project delivery strategies.
  • Ensure compliance with security policies and regulatory requirements.

Skills

Information Security Operations
Project Delivery
Cybersecurity Frameworks
Risk Management
Communication Skills
Problem-Solving

Education

CISSP Certification
CISM Certification
PMP Certification

Tools

Intrusion Detection Systems
Anti-virus Software
Data Loss Prevention Tools
Firewalls
Security Log Management Tools

Job description

Head of Information Security Transformation

Join to apply for the Head of Information Security Transformation role at MUFG Pension & Market Services.

The Head of Information Security Transformation plays a critical role in leading and executing cybersecurity initiatives for MUFG PMS globally. This position is responsible for ensuring that projects are completed on time, within budget, and aligned with strategic security objectives. This role will manage a team of cybersecurity experts, overseeing resource allocation and balancing capacity needs across multiple projects while supporting the execution of the Information Security strategy, aligning security objectives with business outcomes through expert advice and early engagement. You will act as a trusted strategic advisor, guiding internal and external stakeholders on best practices in information security, architecture & design, identity access management, risk management and vulnerability remediation within a hybrid cloud and on-premise technology environment globally.

Key Accountabilities and Main Responsibilities

Strategic Focus

  • Develop and implement global cybersecurity project delivery strategies, ensuring alignment with the Group’s overarching security goals and regulatory obligations.
  • Deliver on the information security strategy and controls roadmap, collaborating with the CISO to ensure comprehensive development and execution.
  • Collaborate with senior leadership to integrate cybersecurity objectives into broader organisational plans and strategies, enabling business and client outcomes.
  • Support the CISO in the development of the overall information security strategy and roadmap.
  • Work with Technology leaders to define Information Security inputs for technology roadmaps.

Operational Management

  • Define global security reference architecture including baseline configuration for security tools.
  • Prioritise and sequence cybersecurity initiatives to optimise resource utilisation and address the most critical risks and business impacts.
  • Act as the interface between Information Security and the Business from a project delivery perspective.
  • Provide expert advice to business leaders to ensure information security risks are understood and mitigated where possible.
  • Oversee the planning, execution, and monitoring of cybersecurity projects, ensuring efficient and high-quality delivery.
  • Implement effective project management frameworks and methodologies, including Agile where appropriate, to drive flexibility and responsiveness.
  • Optimise resource capacity by assigning team members to projects in alignment with project demands and strategic priorities.
  • Ensure clear communication and coordination with IT, business units, and external vendors, facilitating smooth project execution and resolving conflicts as needed.
  • Increase delivery, consistency, visibility and awareness of information security services and advice.
  • Provide security tooling and support aligned to strategy and SLAs in an efficient and easy-to-engage manner.
  • Provide balanced advice to key stakeholders and project resources which aligns with International Information Security frameworks and reduces the risk of control weaknesses being introduced by projects.
  • Lead a team of cybersecurity experts, providing guidance, mentorship, and professional development opportunities.
  • Foster a culture of collaboration, accountability, and continuous improvement within the team.
  • Develop strategies to enhance the skills and knowledge of team members, preparing them to adapt to new challenges and technologies.
  • Balance and align team members’ workloads, ensuring effective resource allocation while promoting team well-being and engagement.

Governance & Risk

  • Identify, assess, and manage risks associated with project delivery, implementing proactive mitigation strategies to minimise impact.
  • Ensure compliance with security policies, regulatory requirements, and industry standards across all projects.
  • Regularly review and report project progress, risks, and key metrics to senior leadership, maintaining transparency and accountability.
  • Maintain robust governance practices, ensuring adherence to financial and operational controls, and manage project budgets effectively.

The above list of key accountabilities is not exhaustive and may change based on business needs.

Experience & Personal Attributes

  • Thorough understanding of information security operations and governance concepts, including best practices, techniques, processes, and technologies.
  • 5+ years of experience in project delivery within cybersecurity or IT environments, with a proven track record of delivering complex projects successfully.
  • Strong experience with control frameworks such as ISO27001, NIST, CPS234, and COBIT.
  • Extensive experience with security technologies, including Intrusion Detection, Anti-virus / anti-malware, Database Activity Monitoring, Data Loss Prevention, Penetration Testing, Firewalls, and Security Log management tools.
  • Ability to identify key risks, issues, trends, and patterns in complex security problems.
  • Sound knowledge of security best practice controls and control frameworks.
  • Ability to define pragmatic solutions for security requirements in a fast-paced environment.
  • Ability to work accurately under pressure, following processes and procedures.
  • Well-developed communication skills, capable of clearly and concisely describing complex issues and actions.
  • Knowledge of enterprise risk frameworks and best practice risk management processes.
  • Experience managing a team and planning the capacity of technical resources.
  • Exposure to large financial services organisations and understanding the associated risks.
  • Formal Information Security or Project Management certifications such as CISSP, CISM, PMP, or equivalent are highly desirable.
  • Demonstrate accountability - takes ownership of decisions and proactively leads change.
  • Technical Proficiency: Strong understanding of cybersecurity principles and technologies to communicate effectively with technical teams and stakeholders.
  • Problem-Solving & Analytical Abilities: Demonstrates a proactive approach to identifying and resolving issues, with strong decision-making capabilities.
  • Strategic Thinking: Ability to prioritise and manage multiple projects in a fast-paced, dynamic environment.
  • Demonstrate a high level of energy and resilience to operate in challenging environments.
  • Demonstrate a high level of autonomy in delivering outcomes.
  • Decision Making: Making decisions at the appropriate time, considering the needs of the situation, priorities, constraints, and the availability of necessary information.

Seniority Level

  • Mid-Senior level

Employment Type

  • Full-time

Job Function

  • Information Technology

Industries

  • Security Systems Services, Data Security Software Products, and Insurance