Information Security Risk Analyst, Hybrid - Jersey City, NJ/Tempe, AZ/ Irving, TX

Do you want your voice heard and your actions to count?

Discover your opportunity with Mitsubishi UFJ Financial Group (MUFG), the 6th largest financial group in the world. Across the globe, we're 160,000 colleagues, striving to make a difference for every client, organization, and community we serve. We stand for our values, building long-term relationships, serving society, and fostering shared and sustainable growth for a better world.

With a vision to be the world's most trusted financial group, it's part of our culture to put people first, listen to new and diverse ideas and collaborate toward greater innovation, speed and agility. This means investing in talent, technologies, and tools that empower you to own your career.

• Responsible for risk assessment and resolution follow-up to assure compliance with applicable internal, regulatory, and legal requirements
• Configures enterprise vulnerability assessment tools, performs internal/external scans, analyzes detected vulnerabilities, identifies the relevant threats and eliminates false positives through manual validation
• Conducts formal risk analysis and self-assessments program for various Information Services systems and processes
• Contributes expertise to help determine requirements and functional specifications for entire organization
• Generates reports on assessment findings and summarizes them to facilitate remediation tasks for other operational teams
• Works effectively with cross-functional and/or global teams, readily shares information with others

• Bachelors in information Technology, Computer Science, Cybersecurity or equivalent,
• industry certification preferred [CISSP, CRISC, CISA preferred]
• 1-2+ years' experience in Information Technology Risk Management.
• Possesses strong security/risk/legal knowledge.
• Knowledge of the GRC aspects of information security subject matter including:
• Control assurance design principles and practices
• Knowledge of Information Technology audit practices
• Knowledge of *nix operating systems (admin skill in Linux/AIX a plus).
• Knowledge of Windows networking, windows domains and active directory, GPOs and end-point security
• Knowledge of various compliance regulations - PCI, GLBA, SOX, FFIEC, and ISO 27001
• Knowledge of risk assessment design and delivery
• Knowledge of governance, risk, and compliance systems [RSA Archer a plus] a plus
• Problem solving skills
• Strong experience with MS office
• PMP certification a plus.
• Experience with preparing reports and metrics on the status of completed assessments, progress of remediation actions, and performance of the assessment tools.
• Excellent communications and collaboration skills
• Process analysis skills