IT Audit Lead

About Us:

MUFG Bank, Ltd. is Japan’s premier bank, with a global network spanning in more than 40 markets. Outside of Japan, the bank offers an extensive scope of commercial and investment banking products and services to businesses, governments, and individuals worldwide. MUFG Bank’s parent, Mitsubishi UFJ Financial Group, Inc. (MUFG) is one of the world’s leading financial groups. Headquartered in Tokyo and with over 360 years of history, the Group has about 120,000 employees and offers services including commercial banking, trust banking, securities, credit cards, consumer finance, asset management, and leasing. The Group aims to be the world’s most trusted financial group through close collaboration among our operating companies and flexibly respond to all the financial needs of our customers, serving society, and fostering shared and sustainable growth for a better world. MUFG’s shares trade on the Tokyo, Nagoya, and New York stock exchanges.

MUFG Global Service Private Limited:

Established in 2020, MUFG Global Service Private Limited (MGS) is 100% subsidiary of MUFG having offices in Bengaluru and Mumbai. MGS India has been set up as a Global Capability Centre / Centre of Excellence to provide support services across various functions such as IT, KYC/ AML, Credit, Operations etc. to MUFG Bank offices globally. MGS India has plans to significantly ramp-up its growth over the next 18-24 months while servicing MUFG’s global network across Americas, EMEA and Asia Pacific.

About the Role:

Position Title:

Corporate Title: Associate / Assistant Vice President, Internal Audit

Location: MGS - Bengaluru

Job Profile:

Position details / Job summary:

The AVP role within the Internal Audit function is responsible for executing independent, objective assurance and consulting activities designed to assess and evaluate the effectiveness of the Bank’s governance, risk management and control processes. It reports to either a VP, Audit Lead or a Director, Sr. Audit Lead. This role includes, but is not limited to, execution of end-to-end audit processes (e.G. planning, fieldwork testing, reporting, issues validation, etc.) and independently owning audit administration activities and project deliverables across the organization.

Roles and Responsibilities:

• Maintain compliance with audit methodology, while also operating within industry best practices, applicable regulations, and internal and external professional practice expectations.
• Act as a leader and role model and continuously improve self and department.
• Build relationships with peers and clients within the organization and exhibit a high standard of performance and professional conduct that will create a culture of integrity and inclusion, where all individual and departmental choices are rooted in good judgment and support MUFG's Principal of Ethics and Conduct.
• Operate with an innovative and flexible mindset by continuously identifying ways to enhance consistency, efficiency, quality and/or value.
• Demonstrate professional skepticism and personal accountability.
• Lead walkthrough meetings and interviews with business stakeholders to develop an understanding of business processes.
• Lead formal discussions with business stakeholders throughout the duration of audit engagements to communicate status or concerns.
• Identify potential risks and controls and assist in developing scope and work programs.
• Evaluate design and operational effectiveness of internal controls and identify control weaknesses.
• Generate insightful, meaningful observations that effectively convey significance and impact on risk and/or risk management practices, reporting findings and audit issues to Audit Management.
• Prepare workpapers and audit reports with documented results that adhere to methodology, applicable standards and regulatory requirements, using appropriate business and technical language.
• Document workpapers demonstrating the work was appropriately performed (e.G., detailed lead sheets describing the control attributes that were tested, and the results were documented in a manner to support the conclusions reached, effectiveness and sustainable controls are evident in documentation). Documentation should stand alone to enable re-performance.
• Identify control weaknesses and escalate and discuss findings with Audit Management and business stakeholders as appropriate.
• Complete work on a timely basis and deliver work products that meet objectives and standards of methodology, applicable standards and regulatory requirements.

Education, Licensure, Year of Experience (and type of work experience):

• A bachelor’s degree, preferably in Computer Science, Information Systems, Engineering or related business discipline at an accredited college or university.
• Relevant certifications, such as Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM), or Certified Information Systems Security Professional (CISSP) preferred.

Skills and Experience:

• Minimum of 5 years and/or equivalent of experience of internal audit and/or equivalent of experience with the financial services industry, related markets, and related regulatory agencies.
• Experience preferred in IT audit.
• Working Knowledge in one or more of the following area:
• IP networks infrastructure (network topology, switches, routers, firewalls, intrusion detection / prevention)
• Windows Active Directory, Azure and LDAP (policies, structure, elements)
• Databases (SQL, Oracle, DB2, monitoring tools)
• Mobile and DLP technologies (Data Leakage Prevention, BYOD security)
• Cloud Computing
• Standards / Frameworks (e.G., CoBIT 5, ITIL, NIST series 800 guidance, FFIEC)
• Exhibits effective communication (both verbal and written), negotiation and presentation skills;
  strong interpersonal skills;
  and ability to engage with all levels of internal audit and business line management.
• Strong analytical and problem-solving skills.
• Employs critical thinking skills to identify pragmatic recommendations within an evolving and increasingly complex regulatory and risk management environment.
• Proficiency in technology as required for assigned areas (MS Office, audit data analytics, etc.).