Vice President, Privileged Access Management Lead

Do you want your voice heard and your actions to count?

Discover your opportunity with Mitsubishi UFJ Financial Group (MUFG), one of the world’s leading financial groups. Across the globe, we’re 150,000 colleagues, striving to make a difference for every client, organization, and community we serve. We stand for our values, building long‑term relationships, serving society, and fostering shared and sustainable growth for a better world.

With a vision to be the world’s most trusted financial group, it’s part of our culture to put people first, listen to new and diverse ideas and collaborate toward greater innovation, speed and agility. This means investing in talent, technologies, and tools that empower you to own your career.

Join MUFG, where being inspired is expected and making a meaningful impact is rewarded.

MUFG (Mitsubishi UFJ Financial Group) is one of the world's leading financial groups. Headquartered in Tokyo and with approximately 350 years of history, MUFG is a global network with around 2,300 offices in over 50 countries including the Americas, Europe, the Middle East and Africa, Asia and Oceania, and East Asia. The group has over 150,000 employees, offering services including commercial banking, trust banking, securities, credit cards, consumer finance, asset management, and leasing.

As one of the top financial groups globally with a vison to be the world's most trusted, we want to attract, nurture and retain the most talented individuals in the market. The size and range of MUFG’s global business creates opportunities for our employees to stretch themselves and reap the rewards, whilst our common values, to behave with integrity and responsibility, and to build a culture which is fair, transparent, and honest, underpin everything that we do.We aim to be the financial partner of choice for our clients, whatever their requirements, building long-term relationships, serving society, and fostering shared and sustainable growth for a better world.

MUFG’s shares trade on the Tokyo, Nagoya, and New York (NYSE: MTU) stock exchanges. The group’s operating companies include, but are not limited to, Bank of Tokyo-Mitsubishi UFJ, Mitsubishi UFJ Trust and Banking (Japan’s leading trust bank), Mitsubishi UFJ Securities Holdings (one of Japan’s largest securities firms), and MUFG Americas Holdings.

Please visit our website for more information - mufgemea.com.

IT Security department covers cyber security strategy maintenance and tactical planning and operations to provide IT Security protection, governance, risk management and reporting. This includes promoting Head Office Information Security Standards and Procedures (ISSP) requirements and local security requirements. The department supports and monitors security solutions such as virus protection, vulnerability management, compliance monitoring and threat/incident management activities to reduce risk.

We are seeking a highly skilled Privileged Access Management (PAM) Lead with deep expertise in CyberArk to drive the strategy, implementation, and continuous improvement of our enterprise PAM program. The ideal candidate will possess strong technical leadership, hands‑on engineering experience, and the ability to collaborate across security, infrastructure, and application teams to secure privileged accounts and reduce organizational risk.

In this role, you will be responsible for PAM operational management across MUFG’s banking arm and securities business under a dual‑hat arrangement. Under this arrangement, you will act and make decisions on behalf of both the bank and the securities business, subject to the same remit and level of authority, and irrespective of the entity which employs you. Key responsibilities include but, not limited to:

• Lead the design, development, and execution of the organization’s Privileged Access Management program.
• Define PAM roadmap, policies, standards, and best practices aligned with security frameworks (NIST, ISO 27001, CIS).
• Act as the CyberArk subject matter expert and primary technical authority.

• Architect, deploy, and manage CyberArk components, including:
  • PVault, CPM, PSM, PVWA, AIM/CCP, Conjur, PTA
• Onboard and manage privileged accounts, safes, platforms, and custom connectors.
• Implement credential rotation, session management, secrets management, and least‑privilege access controls.
• Maintain CyberArk integrations with AD, SIEM, ticketing systems, DevOps pipelines, cloud platforms, and applications.

• Enforce privileged access controls and monitor compliance with internal and regulatory requirements.
• Develop runbooks, operational procedures, and documentation for PAM processes.
• Analyse session recordings, logs, and alerts to identify suspicious privileged activity.
• Lead audits, risk assessments, and remediation activities related to privileged access.

• Partner with security teams, infrastructure, developers, and business units to onboard applications and automate PAM controls.
• Provide technical guidance, mentorship, and training to junior team members.
• Manage vendor relationships and coordinate upgrades, patches, and support activities.

• Identify opportunities to enhance security posture through automation, policy refinement, and new PAM capabilities.
• Stay updated on PAM trends, CyberArk enhancements, and industry threats.

Functional / Technical Competencies:

Essential

• Minimum 8+ years of CyberArk experience and good knowledge on other PAM tools.
• Strong communication skills
• Strong understanding of:
  • Privileged account security principles, zero trust, and least privilege.
  • Windows & Linux authentication, AD/LDAP, networking basics.
  • Scripting (PowerShell, Python, APIs) for automation.
  • CyberArk Components like CPM/PSM/PVWA/Vault, CPM Plugin and PSM Connector Development.
• Proficient within many LDAP directory style platforms
• Basic understanding of Windows Server Administration
• Experience in Metrics tools like PowerBI, Tableau etc. (good to have)
• Good knowledge in PowerShell scripting. (good to have)
• Basic Unix administration knowledge
• CyberArk certification or Security related certification.
• Excellent troubleshooting and problem‑solving skills
• Detailed knowledge of the Access Control and Privileged Access Management domains, including the Tools, Techniques and Procedures used.
• Extensive knowledge in CyberArk PAM capabilities protecting Hybrid Environments (On‑Prem, AWS, Azure)
• Clear understanding of Operating systems, Database concepts and others potential targets or endpoints for a typical PAM Solution.
• Experience in defining PAM processes and role definition with knowledge of native access control mechanisms.
• Understanding of access control mechanism for Operating systems and Databases and other potential target devices.
• An aptitude and interest for future innovations & technologies as well a willingness to continually learn and nurture those around you
• Knowledge of compliance frameworks: SOX, HIPAA, PCI‑DSS, NIST, CIS.

Essential:

• Experience in working on deliverables with broad scope, ambiguity, and high degree of difficulty
• Experience in technology projects such as implementation of Cyber infrastructure replacement etc.
• Demonstrable proficiency in a wide range of information IT security technologies and embedded security; at the minimum knowledge must cover key cybersecurity domains such as Identity and Access Management, Incident Management possessing high level of analytical ability where problems are typically unusual and difficult
• Ability to maintain a working knowledge of cybersecurity principles and elements
• Understand global program structure, launch plan and timing, and global program ownership
• Demonstrable experience of senior stakeholder management and relevant management reporting.
• Ability to coach team members through knowledge transfer and constructive feedback

• Minimum 8 years’ experience in the above‑mentioned skillset
• Minimum 8+ years of CyberArk experience and good knowledge on other PAM tools.

• You are a leader and an expert in delivery of cyberframeworks and associated key solutions
• A demonstrable passion for cybersecurity
• Excellent communication/leadership/interpersonal skills; results driven and with strong sense of accountability
• You are experienced in engaging and persuading teams to accept and participate in best‑in‑class security architecture and operations
• Data driven, ability to analyse data needed to effectively measure progress against the execution of objectives
• You successfully convey technical information in an understandable way that generates results
• A troubleshooter who proactively removes roadblocks and pursues solutions to problems that stand in the way
• You value and develop trusted relationships at every operational level
• The ability to operate with urgency and prioritise work accordingly
• Strong decision making skills, the ability to demonstrate sound judgement
• A structured and logical approach to work; Strong problem solving skills
• A creative and innovative approach to work
• Excellent presentation skills and excellent attention to detail and accuracy
• The ability to manage large workloads and tight deadlines
• A calm approach, with the ability to perform well in a pressurised environment

We are open to considering flexible working requests in line with organisational requirements.

MUFG is committed to embracing diversity and building an inclusive culture where all employees are valued, respected and their opinions count. We support the principles of equality, diversity and inclusion in recruitment and employment, and oppose all forms of discrimination on the grounds of age, sex, gender, sexual orientation, disability, pregnancy and maternity, race, gender reassignment, religion or belief and marriage or civil partnership.

We make our recruitment decisions in a non‑discriminatory manner in accordance with our commitment to identifying the right skills for the right role and our obligations under the law.