Sanctions List Management, VP

About The Position

Requirements

• Proficient with object-oriented and functional languages (e.g. Java, C#, Scala, Python, JavaScript, SQL)
• Experience with major public cloud offerings and how to design solutions that are built around these technologies (AWS, Azure, Google Cloud Platform, and similar)
• Experience leading technical iteration on the design, development, documentation, testing, and deployment of platform user interface features
• Experience integrating APIs with enterprise systems and developing SOAP and REST JSON web services and clients
• Experience using API programming languages and frameworks, Docker, CI/CD, Microservice Architecture, Serverless
• Experience designing, developing, debugging, and operating distributed systems that provide system availability, resilience, and performance
• General understanding of UI design principles and best practices
• Well versed in responsive design and implementation
• Proficient with SDLC project and process management tools and methodologies (Agile, waterfall, and other delivery methodologies)
• Experience creating end to end data pipelines as well as CI/CD pipelines for applications delivery
• Proficient understanding of code versioning tools such as Git
• Recommending system configuration for escalated issues; reviewing operational patterns of applications and services, discerning early warning for potential system problems; Studying system configurations for effective high availability operations, recommending architectures and implementations that provide sufficient automatic redundancy and capacity to avoid service outages due to single, and as risk requires, multiple points of failure;
• Work to address Secure by Design Controls that include activities related to maintenance of all applications environment, interface and all related configurations.
• Work with Team and support Data Backup and document the Business Continuity Plan.
• Work with Vendor on Application Incidents for Functional and Non-Functional Issues, support in investigation and resolution.
• Ensure Application and Infrastructure Security Controls are implemented as per Bank Policy.
• Work with Team for Patch Management and Validation.
• Devising and modifying procedures to solve immediate problems and avoid future problems; Performing monitoring, validation, and maintenance activities including 24x7 operation support of on-premise, cloud, and vendor hosted applications;
• Bachelor's degree in Information Technology or Information Systems or Computer Science or related required
• 2+ years of experience in software development in cross functional teams
• 2+ years of experience implementing technology solutions at banks or financial institutions.
• 2+ years of experience writing complex queries in Oracle, DB2 or SQL Server.
• 2+ years of experience writing Unix shell scripts
• 2+ years of experience writing Power shell scripts
• Any experience implementing and administering Compliance / AML and Trade Surveillance applications.
• Good Understanding of Application Governance Process like Vulnerability Remediation, Disaster Recovery, Business Impact Analysis and others.
• Experience customizing Alert Generation Process modules and Alert Tunning.
• Well organized and demonstrates strong technical proficiency in system analysis and application design.
• Proven ability to learn new technologies quickly.
• Well organized and be able to simultaneously manage several disparate tasks over varying timescales.
• Self-motivated, and able to troubleshoot issues independently.
• Experience with both Agile and Waterfall SDLC methodologies
• In-depth knowledge of Compliance Risks and Risk Management, including Anti-Money Laundering.
• Excellent oral and written communication skills.
• Excellent analytical and troubleshooting skills.
• Experience writing Functional and Technical Design Document.
• Ability to prioritize, meet deadlines and manage changing priorities.

Nice To Haves

• Experience using any BI Tool or other analytic reporting platforms.
• Experience with OneTrust, NAVEX, My Compliance Office is a plus.

Responsibilities

• Application Ownership & Governance Act as end‑to-end application owner for assigned SaaS platforms / applications.
• Ensure applications align with bank IT standards, enterprise architecture, and regulatory requirements
• Maintain application inventories, data classification, and system documentation
• Participate in Architecture Review Boards (ARB) and IT governance forums
• Own application lifecycle: onboarding, enhancement, rationalization, and retirement
• Regulatory Compliance & Risk Management Ensure SaaS applications comply with banking regulations and internal policies, including: Data privacy and data residency Identity & Access Management.
• Support internal audits, regulatory exams, and risk assessments
• Maintain evidence for: Controls testing Access reviews Change management
• Identify, track, and remediate technology and operational risks
• Security & Identity Management Enforce bank‑grade security controls: SSO, MFA, RBAC, least‑privilege access Integration with enterprise IAM solutions
• Partner with InfoSec on: Vendor security assessments Vulnerability management Incident response
• Ensure secure integration with internal systems and data platforms
• Manage periodic user access recertification
• Service Delivery & Resiliency Lead and Deliver Projects related to Core Compliance and deliver solution working with vendors.
• Ensure high availability, disaster recovery readiness, and operational resilience
• Define and manage SLAs, OLAs, SLOs, and uptime commitments
• Lead incident, problem, and change management in line with ITIL
• Perform root‑cause analysis for Sev‑1 / Sev‑2 incidents
• Coordinate failover, DR testing, and business continuity exercises
• Vendor & Contract Management Act as the primary IT contact for SaaS vendors
• Manage: Contractual SOW and SLAs License usage and cost optimization Renewals and exit strategies
• Participate in vendor due diligence, RFPs, and onboarding
• Ensure vendors meet bank risk, security, and compliance standards
• Change & Release Management Plan and coordinate SaaS releases, upgrades, and feature rollouts
• Assess business, security, and operational impact of changes
• Ensure proper testing, approvals, and rollback plans
• Communicate changes to stakeholders and end users
• Maintain configuration baselines and release documentation
• Business Partnership & Enablement Partner with business teams for engagements.
• Translate business requirements into secure, compliant SaaS configurations
• Drive adoption of new features while ensuring controls are not compromised
• Provide training, SOPs, and user documentation
• Act as escalation point for critical business issues

Benefits

• As per MUFG’s Return to Office policy, a candidate must work onsite for 4 days and 1 day remotely out of Jersey City, NJ.
• The typical base pay range for this role is between $138K - $188K depending on job-related knowledge, skills, experience and location.
• This role may also be eligible for certain discretionary performance-based bonus and/or incentive compensation.
• Additionally, our Total Rewards program provides colleagues with a competitive benefits package (in accordance with the eligibility requirements and respective terms of each) that includes comprehensive health and wellness benefits, retirement plans, educational assistance and training programs, income replacement for qualified employees with disabilities, paid maternity and parental bonding leave, and paid vacation, sick days, and holidays.
• For more information on our Total Rewards package, please click the link below MUFG Benefits Summary
• We will consider for employment all qualified applicants, including those with criminal histories, in a manner consistent with the requirements of applicable state and local laws (including (i) the San Francisco Fair Chance Ordinance, (ii) the City of Los Angeles’ Fair Chance Initiative for Hiring Ordinance, (iii) the Los Angeles County Fair Chance Ordinance, and (iv) the California Fair Chance Act) to the extent that (a) an applicant is not subject to a statutory disqualification pursuant to Section 3(a)(39) of the Securities and Exchange Act of 1934 or Section 8a(2) or 8a(3) of the Commodity Exchange Act, and (b) they do not conflict with the background screening requirements of the Financial Industry Regulatory Authority (FINRA) and the National Futures Association (NFA).