Cyber Security Governance, Risk, Compliance Manager Vice President

Do you want your voice heard and your actions to count? Discover your opportunity with Mitsubishi UFJ Financial Group (MUFG), the 7th largest financial group in the world. Across the globe, we're 120,000 colleagues, striving to make a difference for every client, organization, and community we serve. We stand for our values, building long-term relationships, serving society, and fostering shared and sustainable growth for a better world. With a vision to be the world's most trusted financial group, it's part of our culture to put people first, listen to new and diverse ideas and collaborate toward greater innovation, speed and agility. This means investing in talent, technologies, and tools that empower you to own your career. Join MUFG, where being inspired is expected and making a meaningful impact is rewarded. The selected colleague will work at an MUFG office or client sites four days per week and work remotely one day. This role is for a member of the CISO of America's team and will provide leadership and support within the Cybersecurity Governance, Risk, and Compliance (GRC) function to ensure measurement and enforcement of Information Security requirements, implementation and maintenance of policies, standards, and a comprehensive controls framework ensuring technical systems and information assets are appropriately protected. The scope includes, but is not limited to, interacting with internal and external teams across various levels within the organization, Audit & IT Controls teams, internal risk committees, and external state and federal agencies (e.g., OCC, FRB). You will maintain a high degree of knowledge with current and proposed security changes impacting regulatory, privacy, and security industry best practice guidance, leveraging technological solutions to meet enterprise needs. You will drive implementation, sustainability, and maturity of the firm's Information Security control framework, leading team members who assess and benchmark technology process execution against industry standards such as NIST 800-53, NIST CSF, FFIEC CAT, CRI Profile, CIS Benchmarks, and OWASP in conjunction with MUFG policies and standards. Additionally, you will assess control design, operating effectiveness, and sustainability in support of Information Security commitments to align with all applicable laws, regulations, internal policies, and procedures. You will ensure gaps are addressed via remediation plans with timely resolution which address the root cause of control failures, compile and distribute program level reporting to relevant stakeholders, and support Information Security oversight and governance by ensuring our control environment is monitored through relevant KRI/KPIs. You will monitor and evaluate emerging risk, internal operational trends, and external risk events for potential impact to the control environment, leading discussions at all levels of the organization to incorporate and manage security risk elements as part of the overall strategy of the business line. You will influence executives within aligned business units by demonstrating how security efforts align to strategic objectives, establish and drive a clear risk picture to the lines of business through daily contact on risk and security issues, and provide clear and consistent communications to lines of business related to cybersecurity-related topics. Finally, you will guide the lines of business through assessments, translating the technology/security questions so that they can be understood by the business, and support complex initiatives designed to improve MUFG America's overall information security program, ensuring projects are executed as planned and align with the cybersecurity governance model.