Vice President, IAM Governance Manager

Discover your opportunity with Mitsubishi UFJ Financial Group (MUFG), one of the world’s leading financial groups. Across the globe, we’re 150,000 colleagues, striving to make a difference for every client, organization, and community we serve. We stand for our values, building long-term relationships, serving society, and fostering shared and sustainable growth for a better world.

Join MUFG, where being inspired is expected and making a meaningful impact is rewarded.

Headquartered in Tokyo and with approximately 350 years of history, MUFG is a global network with around 2,300 offices in over 50 countries including the Americas, Europe, the Middle East and Africa, Asia and Oceania, and East Asia. The group has over 150,000 employees, offering services including commercial banking, trust banking, securities, credit cards, consumer finance, asset management, and leasing.

4-5

This is a critical role to provide oversight of risks and controls relating to Identity and Access Management (IAM). We are embarking on a multi-year uplift of our IAM processes and controls, this role forms a key part of both our remediation plans during and post-remediation to provide oversight and monitoring of IAM controls to ensure effective operation in line with regulatory and audit expectations. The role will deliver reporting, governance and escalation over all aspects of identity and access management ensuing that all participants are adhering to controls and standards in the IAM lifecycle. A key aspect of this will be the oversight of implementation and operation of the Toxic Combination framework. Reporting to the Head of Technology Risk Governance you will play a key and highly visible role in the management of IAM risks across the MUFG business.

• Working with the Identity and Access Management team to help define key controls for the IAM function. Ensuring that controls are effectively designed to mitigate IAM risks as well as ensuring they meet the requirements for internal and external audit as well as other regulatory initiatives and group standards.

• Developing Key Control Indicators, Key Risk Indicators and continuous control monitoring strategies to assess the performance of key controls.

• Developing a testing strategy to formally test key IAM controls.

• Work with IAM team to develop remediation strategies and monitor this remediation for effectiveness

• Co-ordinating and overseeing the Toxic Combination framework. Ensuring full participation from business and technology stakeholders. Managing the violations process to ensure any identified toxic combinations are managed and escalated.

• Co-ordinating IAM Governance meeting to transparently report the performance of IAM processes and controls and to provide escalation where controls are not being adhered and where any potential violations need to approved

• Being the point of contact to ensure IAM risks are addressed via the SDLC process.

• Engaging with both internal and external audit in relation to identity and access management risk and controls.

• Experience in Identity and Access Management, preferably in financial services sector

• Experience in delivering multi-year remediation Identity and Access Management programs

• Experience working with the business stakeholders to define a Toxic Combination framework

• Very strong understanding of internal, external audit expectations and SOX requirements

• Very strong understanding of Identity and Access Management processes and controls including external audit and SOX requirements

• Good knowledge of control frameworks such as NIST, CRI, DORA, SOX.

• Good understanding of investment banking business processes and applications to allow credible engagement with application owners and business owners on Toxic Combination and segregation of duties topics

• Experience developing continuous control monitoring, key risk indicators and key control indicators, where possible automating reporting and data production

• Experience of developing effective and efficient control testing strategies

• Excellent written and verbal communication skills

• Self-motivated and proactive

• Balance risk with opportunity and ability to prioritise

• Ability to influence up to senior levels of the organisation

• Excellent reporting and presentation skills

• Confident in delivering difficult messages to senior management

• Organised and results focused

• Excellent and innovative communicator with the ability to use data to simplify complex concepts for both technical and non-technical audiences

• Collaborate and build partnerships with technical and non-technical members

• Think strategically, with structured and logical approach to work

• Able to work to tight deadlines

• Logical and objective even under pressure

• Results driven, with a strong sense of accountability

• Strong decision making skills, the ability to demonstrate sound judgement

• Meticulous attention to detail.

We are open to considering flexible working requests in line with organisational requirements.

MUFG is committed to embracing diversity and building an inclusive culture where all employees are valued, respected and their opinions count. We support the principles of equality, diversity and inclusion in recruitment and employment, and oppose all forms of discrimination on the grounds of age, sex, gender, sexual orientation, disability, pregnancy and maternity, race, gender reassignment, religion or belief and marriage or civil partnership.

We make our recruitment decisions in a non-discriminatory manner in accordance with our commitment to identifying the right skills for the right role and our obligations under the law.

At MUFG, our colleagues are our greatest assets. Our Culture Principles provide a roadmap for how each of our colleagues must think and act to become more client-obsessed, inclusive and innovative. They reflect who we are, who we want to be and what we expect from one another. We are excited to see you take the next step in exploring a career with us and encourage you to spend more time reviewing them!

• Client Centric

• People Focused

• Listen Up. Speak Up.

• Innovate & Simplify

• Own & Execute