Cyber Security Technical GRC - VPMUFG Bank, Ltd. • Hoboken, New Jersey, United States

This job offer is no longer available

Cyber Security Technical GRC - VP

MUFG Bank, Ltd.

Hoboken, New Jersey, United States

Hoboken, New Jersey, United States

About

Job Summary Member of the CISO of America’s team focused on the Enterprise Information Systems (EIS) Governance, Risk, and Compliance (GRC) team. Acts as an individual contributor in the first line of defense, addressing Cloud Security Governance, Policy Management, Cybersecurity Controls & Reporting, and Cyber Risk Quantification across hybrid (cloud and on‑premise) environments. Work Location Four days per week at an MUFG office or client site and one remote day. Responsibilities Drive risk management initiatives for multicloud environments; ensure alignment with enterprise security standards and regulatory expectations. Understand technical architecture and operational setup of cloud servers and provider integrations to evaluate exposure, control effectiveness, and residual risk. Support internal projects addressing cloud cybersecurity threats; assess the effectiveness and comprehensiveness of first‑line security controls. Review and challenge risk assessments, scenario analyses, control testing, and remediation plans; assist with issue oversight and escalations. Monitor and analyze risk trends (internal and external) to proactively mitigate potential issues impacting cloud security posture. Promote actions to address root causes of risks. Represent EIS GRC in working groups focused on cloud security and multi‑level reporting. Translate complex cloud and cybersecurity concepts into clear business terms for non‑technical stakeholders and senior management across the Combined U.S. Operations. Prepare concise, executive‑level reports on risk management activities, control outcomes, and emerging issues for senior leadership. Collaborate on initiatives that strengthen the enterprise cybersecurity program; ensure projects align with the cloud security governance model. Regularly review and update risk frameworks to reflect changes in the cloud threat landscape, including Oracle‑specific risks. Lead discussions at all levels to incorporate cloud security risk elements into business strategies and decision‑making. Conduct and/or oversee audits and other assessments of cloud technologies and on‑prem technologies, ensuring effectiveness, sustainability, and maturity of controls. Ensure adherence to regulatory requirements and internal policies, including coordination on remediation of identified gaps. Support oversight activities related to enforcement agencies, regulatory examinations, and related obligations. Stay current with multiple cloud platforms for best practices, emerging technologies, and regulatory changes impacting cloud environments. Leverage insights to enhance the security posture and influence strategic roadmaps across business and technology teams. Influence comprehensive and consistent practices to identify, measure, monitor, report, and manage information risks. Ensure metric quality and relevance (e.g., control efficacy, incident trends, misconfiguration rates, vulnerability aging, and remediation timeliness). Qualifications 6–10+ years of experience across risk management, cloud information security governance, and/or IT audit; prior audit experience is a plus. Strong understanding of cloud architecture and provider integrations, including how enterprise servers and services interface with cloud providers. Experience auditing cloud technologies, wearing multiple hats in GRC contexts, writing executive‑ready reports, and relaying risk to executives. High technical knowledge across cybersecurity domains (IAM, Data Security, Configuration Management, Log Generation, Incident Response, Security risk Assessment/Testing Methodologies, Secure SDLC), with specific experience evaluating the adequacy and efficiency of Cloud Controls. Knowledge of domestic and international banking regulations (e.g., RegW, BaselII, FFIEC, GDPR) and experience with enforcement agency oversight activities (e.g., MRAs, consent orders), especially within systemically important financial institutions. Understanding of the regulatory environment and expectations related to technology risk (OCC, FRB, and Cyber Risk Institute (CRI)). Professional certifications in major cloud providers for security. Education & Certifications Bachelor’s degree in Information Security or a closely related discipline, or equivalent related experience. Compensation The typical base pay range for this role is $151K–$203K, depending on job‑related knowledge, skills, experience, and location. The role may also be eligible for discretionary performance‑based bonus and/or incentive compensation. Benefits Our Total Rewards program provides a comprehensive package that includes health and wellness benefits, retirement plans, educational assistance and training programs, income replacement for qualified employees with disabilities, paid maternity and parental bonding leave, paid vacation, sick days, and holidays. EEO Statement We will consider for employment all qualified applicants, including those with criminal histories, in a manner consistent with applicable state and local laws. The Company is an equal opportunity employer and does not discriminate on the basis of race, color, national origin, religion, gender expression, gender identity, sex, age, ancestry, marital status, protected veteran and military status, disability, medical condition, sexual orientation, genetic information, or any other status protected under federal, state, or local law. Visa Sponsorship Visa sponsorship/support is based on business needs. We do not anticipate providing visa sponsorship/support for this position.
#J-18808-Ljbffr

Hoboken, New Jersey, United States

Languages

English

Notice for Users

This job was posted by one of our partners. You can view the original job source here.

Find similar jobs