Do you want your voice heard and your actions to count?
Discover your opportunity with Mitsubishi UFJ Financial Group (MUFG), one of the world’s leading financial groups. Across the globe, we’re 120,000 colleagues, striving to make a difference for every client, organization, and community we serve. We stand for our values, building long-term relationships, serving society, and fostering shared and sustainable growth for a better world.
With a vision to be the world’s most trusted financial group, it’s part of our culture to put people first, listen to new and diverse ideas and collaborate toward greater innovation, speed and agility. This means investing in talent, technologies, and tools that empower you to own your career.
Join MUFG, where being inspired is expected and making a meaningful impact is rewarded.
OVERVIEW OF THE DEPARTMENT/SECTION
IT Risk, Security & Control department covers cyber security strategy maintenance and tactical planning and operations to provide IT Security protection, governance, risk management and reporting. This includes promoting the global Information Security Standards and Procedures (ISSP) requirements and local security requirements.
The department deploys, supports and monitors security solutions such as virus protection, vulnerability management, compliance monitoring and threat/incident management activities to reduce risk.
NUMBER OF DIRECT REPORTS
None
MAIN PURPOSE OF THE ROLE
To manage the technical delivery of various cybersecurity projects and contribute to the overall success of the Cybersecurity programme function by:
Ensuring that projects are delivered according to scope, on time and within budgetAssisting the programme manager by providing programme support activities - hygiene, project steerco, finance etcKEY RESPONSIBILITIES
Key responsibilities include, but not limited to:
Interpret cybersecurity relevant regulatory and other requirements or best practices and translate these to business aligned cybersecurity programme requirements.Manage the delivery of cybersecurity projects within agreed scope, cost and timescale across Bank and Securities.The delivery manager will be responsible for support and execution of the following deliverables as required: charter and roadmap, role matrix, status reports, programme schedules, issues and risk log, communication protocol and escalation plan, scope change assessment and change requests. Also business requirements specification and requirements traceability matrix.Assisting the programme manager by providing programme support activities - hygiene, project steerco, finance etcWORK EXPERIENCE
Work Experience:
Essential:
Experience in managing multiple projects with broad scope, ambiguity, and high degree of difficultyExperience in managing cybersecurity technology projects such as implementation of DLP, Cyber infrastructure replacement, Cloud monitoring tools etc.Demonstrable proficiency in a wide range of information IT security technologies and embedded security; at the minimum knowledge must cover key cybersecurity domains such as Identity and Access Management, Threat Intelligence, Risk Evaluation, Security Assessment/Testing, Incidence Management and Vendor/Cloud products assessmentPossessing high level of analytical ability where problems are typically unusual and difficultAbility to maintain a working knowledge of cybersecurity principles and elementsUnderstand global program structure, launch plan and timing, and global program ownershipDemonstrable experience of senior stakeholder management and relevant management reporting.Ability to coach team members through knowledge transfer and constructive feedbackEducation / Qualifications:
Essential:
Degree educated and / or equivalent experience.SKILLS AND EXPERIENCE
Functional / Technical Competencies:
Essential (Must Have)
Experience of working within Cybsersecurity team as a Technical Delivery Manager or within core Cybersecurity BAU functionMastery of Project Delivery Life Cycle (PDLC) ControlsProven understanding of current best practice approach to security assurance and the application of security frameworksExperience in project and development methodologies covering; architecture pattern development, requirements analysis, design review and project risk assessment.Planning and prioritizing multiple project work streams in response to rapidly developing and changing portfolios.Turning business problems into optimal technical security designs, aligning user needs with systems requirements and organizational goals.Experience of supplier and third party risk managementStructured project management experience in deploying security-related initiativesBroad experience in computer and network systems, including IT securityAbility to handle ambiguity and make decisions and recommendations with limited dataUnderstanding of various Cyber/IT Security frameworks e.g. NIST; ISO-27001; PCI-DSS; EBA-ICT and FFIECSolid analytical/problem-solving skills with capability to identify solutions to unusual and complex problemsMUFG operate a hybrid working policy with 3 days per week in the office.
We are open to considering flexible working requests in line with organisational requirements.
MUFG is committed to embracing diversity and building an inclusive culture where all employees are valued, respected and their opinions count. We support the principles of equality, diversity and inclusion in recruitment and employment, and oppose all forms of discrimination on the grounds of age, sex, gender, sexual orientation, disability, pregnancy and maternity, race, gender reassignment, religion or belief and marriage or civil partnership.
We make our recruitment decisions in a non-discriminatory manner in accordance with our commitment to identifying the right skills for the right role and our obligations under the law.