Information Risk Management - Governance, Risk & Control Tool / Platform - Vice President

Discover your opportunity with Mitsubishi UFJ Financial Group (MUFG), the 5th largest financial group in the world (as ranked by S&P Global, April 2018) with total assets of over $2.9 trillion (106.2 (JPY) as of March 30, 2018) and 150,000 colleagues in more than 50 countries. In the U.S., we're 13,000 strong, working together to positively impact every customer, organization, and community we serve. At Union Bank, we aim to be the premier and most-trusted West Coast bank, serving customers with high-touch, local delivery and global capabilities as we leverage our rich, 150-year history. This is all part of our inclusive, high-performing culture supported by competitive Total Rewards, including our cash balance pension plan. Join a team that's working to fulfill its vision to be the world's most trusted financial group.

Are you passionate about your work? Do you want to pursue or continue a career in Information Risk Management? This opportunity might be right for you.

Job Summary:

The Governance, Risk & Control (GRC) Tools Vice President is responsible for supporting and maintaining the GRC tool (platform) and the Information Risk Assessment Methodology (IRAM).

Major Responsibilities:

  • Lead and coordinate the roll-out, onboarding, annual review, and refresh of the GRC tool and IRAM
  • Maintain and update service and procedure documents for the GRC tool and IRAM
  • Define, design, implement, and maintain key performance indicators (KPIs) to support the operational efficiency of the GRC tool and IRAM; generate monthly KPI reporting, including analytical commentary; ensure metrics are meaningful and the reporting process is streamlined
  • Support the integration of IRAM to business processes; support projects building a methodology similar to IRAM
  • Ensures the development of procedures, workflows, communications, and training activities related to the implementation of change initiatives.
  • You define, design, implement and maintain key performance indicators (critical metrics) to support operational efficiency of both IRAM and RTC Library.
  • You drive enhancements to the provisioning process and tools to improve the overall productivity and efficiency of the server delivery process.
  • Seek new methods, tools and procedures to deliver quality results, quick delivery and reduced risk.
  • You will lead and coordinate implementation of rollouts.
  • Support projects that build out methodology similar to IRAM
  • You will support IRAM roll out to CUSO and Americas entities
  • Provides guidance and domain expertise to program teams on testing methodologies and processes and educates them on their responsibilities/accountabilities for the purpose of achieving on time and quality work.
  • You support integration of IRAM to business processes
  • You will be able to make recommendations to management on improvements to report content and/or process, enhance existing reports with more meaningful metrics, and streamline current business processes.
  • Maintain and update services and procedure documents for both the RTC Library and IRAM
  • You will generate/review and publish monthly critical metric reports with analysis.

Are you interested in this exciting role with the bank?


  • Bachelor's Degree or equivalent work experience required.
  • 5+ years' experience in an Information Risk Management governance function is highly preferred, preferably with experience handling regulator engagement and activities.
  • Bringing at least one security certification is helpful, such as Certified Information Security Management (CISM), Certified Risk Information Security Control (CRISC), or Certified Information Systems Security Professional (CISSP).
  • Bring your knowledge of the financial services industry and applicable rules, laws and regulations.
  • Understanding of control and risk management concepts and knowledge of the operational aspects of the information risk business.
  • Understanding of respective industry standard methodologies (e.g., NIST, ISO, COBIT, OWASP, ITIL).
  • Knowledge of risk management policies, methods, standards, processes, governance models, and industry standard risk analysis approaches.
  • Knowledge of current industry trends in information risk management.
  • You will be highly organized with strong MS Office skills
  • Collaborative with good interpersonal communication skills
  • Able to collaborate well with internal and external partners.
  • Able to implement and communicate related policies, procedures, and guidelines.
  • Able to be an authority on information risk management policies and standards.
  • Analytical thinking and problem-solving mindset; able to work through complex issues and work towards resolution.
  • Able to be a leader across the organization, a valued partner, and authority for information risk management governance, policies, libraries, analytics & reporting, and issue management.

The above statements are intended to describe the general nature and level of work being performed. They are not intended to be construed as an exhaustive list of all responsibilities, duties and skills required of personnel so classified.

We are proud to be an Equal Opportunity / Affirmative Action Employer and committed to leveraging the diverse backgrounds, perspectives, and experience of our workforce to create opportunities for our colleagues and our business. We do not discriminate in employment decisions on the basis of any protected category.

A conviction is not an absolute bar to employment. Factors such as the age of the offense, evidence of rehabilitation, seriousness of violation, and job relatedness are considered in all employment decisions. Additionally, it's the bank's policy to only inquire into a candidate's criminal history after an offer has been made. Federal law prohibits banks from employing individuals who have been convicted of, or received a pretrial diversion for, certain offenses.
