Director - Technology Transformation - Design & Assessment
- Charlotte, NC
Do you want your voice heard and your actions to count?
Discover your opportunity with Mitsubishi UFJ Financial Group (MUFG), the 5th largest financial group in the world (as ranked by S&P Global, April 2018). In the Americas, we're 14,000 colleagues, striving to make a difference for every client, organization, and community we serve. We stand for our values, developing positive relationships built on integrity and respect. It's part of our culture to put people first, listen to new and diverse ideas and collaborate toward greater innovation, speed and agility. We're a team that accepts responsibility for the future by asking the tough questions and owning the solutions. Join MUFG and be empowered to make your voice heard and your actions count.
Director - Technology Transformation - Design and Assessment
A member of the Operations and Technology for the Americas (OTA) Risk & Controls Office (RCO), the Technology Transformation - Design and Assessment Director is a key member of a first line risk and controls leadership team dedicated to the OTA Transformation Program. This individual will lead RCO's assessment of the design and implementation of key risk and control elements included in Transformation technology projects. This leader and his/her team will be responsible for advising and assessing the technology risk and control environment incorporated into tech projects, identifying improvement opportunities, reporting and monitoring key risk metrics and providing governance with respect to all risk and control matters. The role reports to the Director, Transformation Risk.
- Design and assist in implementation of key controls, industry standards, policies and/or procedures within the Transformation technology environment
- Lead assessment of risk and control alignment with specific technology control frameworks and the internal risk, threat and control library
- Partner with Transformation to continuously improve the overall risk posture of delivered features, functions and capabilities
- Participate in the development, design and implementation of control testing and risk monitoring programs
- Collaborate with the business partners to facilitate remediation of identified risk and control issues
- Lead RCO engagement with multiple stakeholders; collaborate with key business partners, risk management and Internal Audit
- Bachelor's degree in technology, engineering, risk management, computer science, information systems or equivalent experience in working in the field
- 12+ years of technology, risk and control experience, including managing teams, preferably in a financial institution or other highly regulated environment
- Strong and diverse modern technology background and experience across diverse domains, illustrating the candidates ability to drive transformation outcomes with specific focus on how to 'enable' them in a highly regulated Enterprise industry context including:
- Expertise with Cloud Service Providers (CSP) such as AWS and the cloud-based products, services and capabilities
- Conceptual / working understanding of scripting languages such as Bash, Ruby, Perl and Python
- Conceptual / working understanding with continuous integration and continuous deployment (CI/CD) concepts, tools and technologies including code repositories (e.g. Git), Jenkins and Maven
- Conceptual / working understanding of infrastructure orchestration, service registry/discovery, and configuration management tools, (eg. Cloudformation, Terraform, Ansible/Puppet)
- Conceptual / working understanding of software containerization platforms/container orchestration tools such as Docker, Kubernetes, AWS EKS and Red Hat OpenShift
- Conceptual / working understanding of modern master data management, big data platforms, data streaming, analytics and reporting solutions (e.g. AWS EMR)
- Experience with information security risks, regulations or regulatory bodies and security program frameworks, including COSO, COBIT, FFIEC, NIST, AWS Well-Architected and ITIL
- Deep understanding of information security best practices and implementation of security principles across global organizations, to meet business goals and legal/regulatory requirements
- Knowledge of current and emerging cloud security trends. "as a Service" security and architecture concepts, including network segmentation, perimeter security, event monitoring; remediation methods to bring cloud infrastructures into compliance for security compliance
- Understanding of risk management, including experience executing risk assessments, testing and evaluating processes and controls
- Strong project management skills; includes an ability to independently drive work, and pragmatically solve problems
- Outstanding leadership, management and communication skills; able to foster close and collaborative productive working relationships across the organization.
- Experience in working in an Agile, Scrum or DevSecOps methodology including the Atlassian stack (Jira/Confluence) is preferred
- Strong work ethic, ability to make decisions and work under tight deadlines; achievement oriented and takes initiative
- Cloud Service Provider (CSP) Certifications desired (i.e. AWS Cloud Practitioner, AWS Specialty - Security), relevant professional certifications a plus
The above statements are intended to describe the general nature and level of work being performed. They are not intended to be construed as an exhaustive list of all responsibilities duties and skills required of personnel so classified.
We are proud to be an Equal Opportunity / Affirmative Action Employer and committed to leveraging the diverse backgrounds, perspectives, and experience of our workforce to create opportunities for our colleagues and our business. We do not discriminate in employment decisions on the basis of any protected category.
A conviction is not an absolute bar to employment. Factors such as the age of the offense, evidence of rehabilitation, seriousness of violation, and job relatedness are considered in all employment decisions. Additionally, it's the bank's policy to only inquire into a candidate's criminal history after an offer has been made. Federal law prohibits banks from employing individuals who have been convicted of, or received a pretrial diversion for, certain offenses.
Back to top