Cyber Security Technical GRC – VP jobs in United States
cer-icon
Apply on Employer Site
company-logo

MUFG · 15 hours ago

Cyber Security Technical GRC – VP

positionJersey City, NJ
timeFull-time
remoteHybrid
seniorityMid, Senior Level
money$144K/yr - $167K/yr
date6+ years exp

MUFG is one of the world’s leading financial groups, striving to make a difference for every client, organization, and community. The selected colleague will be a member of the CISO of America’s team, focusing on Enterprise Information Systems Governance, Risk, and Compliance, with responsibilities including managing cloud security governance and conducting risk assessments.

Financial Services
badNo H1Bnote

Responsibilities

Drive risk management initiatives for multicloud environments; ensure alignment with enterprise security standards and regulatory expectations
Understand the technical architecture and operational setup of cloud servers and provider integrations to evaluate exposure, control effectiveness, and residual
Support internal projects addressing cloud cybersecurity threats; assess the effectiveness and comprehensiveness of first-line cybersecurity controls
Review and challenge risk assessments, scenario analyses, control testing, and remediation plans; assist with issue oversight and escalations
Monitor and analyze risk trends (internal and external) to proactively mitigate potential issues impacting cloud security posture
Promote actions to address root causes of risks
Represent EIS GRC in working groups focused on cloud security and multi levels of reporting
Translate complex cloud and cybersecurity concepts into clear business terms for non-technical stakeholders and senior management across the Combined U.S. Operations
Prepare concise, executive-level reports on risk management activities, control outcomes, and emerging issues for senior leadership
Collaborate on initiatives that strengthen the enterprise cybersecurity program; ensure projects align with the cloud security governance model
Regularly review and update risk frameworks to reflect changes in the cloud threat landscape, including Oracle-specific risks
Lead discussions at all levels to incorporate cloud security risk elements into business strategies and decision-making
Guidelines of business through cloud security assessments, translating technical/security questions into business impact and prioritization
Conduct and/or oversee audits and other assessments of cloud technologies and on-prem technologies, ensuring effectiveness, sustainability, and maturity controls
Ensure adherence to regulatory requirements and internal policies, including coordination on remediation of identified gaps
Support oversight activities related to enforcement agencies, regulatory examinations, and related obligations
Stay current with multiple Cloud platforms for best practices, emerging technologies, and regulatory changes impacting cloud environments
Leverage insights to enhance the security posture and influence strategic roadmaps across business and technology teams
Influence comprehensive and consistent practices to identify, measure, monitor, report, and manage information risks
Ensure metric quality and relevance (e.g., control efficacy, incident trends, misconfiguration rates, vulnerability aging, and remediation timeliness)

Qualification

Cloud Security GovernanceCyber Risk QuantificationCybersecurity ControlsRisk ManagementCloud ArchitectureIT AuditCybersecurity DomainsRegulatory KnowledgeExecutive ReportingCommunication SkillsTeam CollaborationProblem Solving

Required

6–10+ years of experience across risk management, cloud information security governance, and/or IT audit; prior audit experience is a plus
Strong understanding of cloud architecture and provider integrations, including how enterprise servers and services interface with cloud providers
Experience auditing cloud technologies, wearing multiple hats in GRC contexts, writing executive-ready reports, and relaying risk to executives
High technical knowledge across cybersecurity domains (IAM, Data Security, Configuration Management, Log Generation, Incident Response, Security risk Assessment/Testing Methodologies, Secure SDLC), with specific experience evaluating the adequacy and efficiency of Cloud Controls
Knowledge of domestic and international banking regulations (e.g., Reg W, Basel II, FFIEC, GDPR) and experience with enforcement agency oversight activities (e.g., MRAs, consent orders), especially within systemically important financial institutions
Understanding of the regulatory environment and expectations related to technology risk (OCC, FRB, and Cyber Risk Institute (CRI))
Professional certifications in major cloud providers for security
Bachelor's degree in Information Security or a closely related discipline, or equivalent related experience

Benefits

Comprehensive health and wellness benefits
Retirement plans
Educational assistance and training programs
Income replacement for qualified employees with disabilities
Paid maternity and parental bonding leave
Paid vacation
Sick days
Holidays

Company

MUFG

twitter
Glassdoor3.6
company-logo
MUFG (Mitsubishi UFJ Financial Group) is one of the world's leading financial groups.
dateFounded in 2001
location
Chiyoda-ku, Tokyo, JP
people-size10001+ employees
web-link
http://www.mufg.jp/english/ourbrand/index.html

Funding

Current Stage
Late Stage

Leadership Team

leader-logo
Greidy Puig
Vice President Finance- Business Unit CFO
linkedin
leader-logo
Mark Fernandez
Vice President, Global Markets CFO Office
linkedin

Recent News

mint
Mitsubishi UFJ Financial Group eyes expansive growth in India amidst positive economic outlook: Report | Mint
2024-04-29
Business Wire
MUFG Investor Services Tops $1 Trillion in Assets Under Administration
2024-04-29
Simply Wall St
Mitsubishi UFJ Financial Group's (TSE:8306) 45% CAGR outpaced the company's earnings growth over the same ...
2024-04-29
Company data provided by crunchbase