It Governance Risk And Compliance

About MUFG Global Service MGS MUFG Bank Ltd is Japan s premier bank with a global network spanning in more than 40 markets Outside of Japan the bank offers an extensive scope of commercial and investment banking products and services to businesses governments and individuals worldwide MUFG Bank s parent Mitsubishi UFJ Financial Group Inc MUFG is one of the world s leading financial groups Headquartered in Tokyo and with over 360 years of history the Group has about 120 000 employees and offers services including commercial banking trust banking securities credit cards consumer finance asset management and leasing The Group aims to be the world s most trusted financial group through close collaboration among our operating companies and flexibly respond to all the financial needs of our customers serving society and fostering shared and sustainable growth for a better world MUFG s shares trade on the Tokyo Nagoya and New York stock exchanges For more informat About Us MUFG Bank Ltd is Japans premier bank with a global network spanning in more than 40 markets Outside of Japan the bank offers an extensive scope of commercial and investment banking products and services to businesses governments and individuals worldwide MUFG Banks parent Mitsubishi UFJ Financial Group Inc MUFG is one of the worlds leading financial groups Headquartered in Tokyo and with over 360 years of history the Group has about 120 000 employees and offers services including commercial banking trust banking securities credit cards consumer finance asset management and leasing The Group aims to be the worlds most trusted financial group through close collaboration among our operating companies and flexibly respond to all the financial needs of our customers serving society and fostering shared and sustainable growth for a better world MUFGs shares trade on the Tokyo Nagoya and New York stock exchanges MUFG Global Service Private Limited Established in 2020 MUFG Global Service Private Limited MGS is 100 subsidiary of MUFG having offices in Bengaluru and Mumbai MGS India has been set up as a Global Capability Centre Centre of Excellence to provide support services across various functions such as IT KYC AML Credit Operations etc to MUFG Bank offices globally MGS India has plans to significantly ramp-up its growth over the next 18-24 months while servicing MUFGs global network across Americas EMEA and Asia Pacific Position Title AVP IT Governance Risk and Compliance Corporate Title Assistant Vice President Location MUFG Global Services Pvt Ltd Bhartiya Centre for Information Technology Thani Sandra Main Road Bengaluru Karnataka Shift Timing 9 AM -5 PM IST Need to be flexible Hybrid Mode 2-3 Days WFO in a week Job Profile Position details IRMD is a regional first line of defense function supporting MUFG Banks branches in Asia Pacific region This role is a team member and is a subject matter expert in the principles processes and technical aspects of domains related to IT Governance Risk and Compliance IT GRC and is responsible for establishing and maintaining first line governance and oversight on the management of IT risks within the Bank Roles and Responsibilities IT Governance Support the development review and reporting of key IT risk exposures and metrics e g KRIs KCIs and KPIs and provide independent reporting on the IT risk posture or activities to the management team and stakeholders e g second line of defense Support the development review and maintenance of regional IT risk management framework standards and procedures to ensure that they are relevant up to date and aligned with Head Office and regulatory standards Support the roll out and provide guidance to the regional IT teams and branches on global and regional IT risk management methodologies ISO NIST CSF COBIT COSO SOX SOC etc and tools to enable them to manage their IT risks in a standardized and systematic manner IT Risk Audit Conduct IT risk assessments identify and assess IT risks evaluate countermeasures and recommend effective controls to mitigate IT risks Monitor IT risks map risk profiles and manage the IT risk register as well as enhance Key Risk Indicators for reporting to the second line of defense and risk management committees Manage audit end to end collaboration with all relevant parties including Head Office regulators internal external auditors and subject matter experts Assist with the management and coordination of audits regulatory responses and assessments focusing on a broad scope of technology and information security topics This includes understanding International Auditing Standards as well as understanding processes for documenting self-assessment evidence and records retention practices IT Compliance Execute manage improve and implement processes to comply with IT regulatory and corporate requirements Conduct manage and drive IT Compliance assessments and reviews on IT regulatory and corporate requirements at the regional level Ensure gaps are addressed via remediation plans that adhere to open issues management requirements including timely issue and corrective action plan submission accurate root cause identification corrective action monitoring on time closure and no failed validations Risk and Control Self-Assessment Design facilitate and oversee RCSA activities ensuring comprehensive identification documentation and assessment of key technology controls Ensure RCSA outcomes are integrated into the broader risk management framework and used to inform control testing priorities Third Party Management for Inter-Affiliates Support the implementation of the Third-Party Risk Management TPRM framework for the region Provide oversight to ASO and Branches IT Risk and Control assessment Ensure compliance with regulatory requirements General Work in partnership with the Head Office various branches and departments to support the implementation of global regional and local projects Provide advisory for technology compliance and risk management activities Develop and maintain strong stakeholder management with all key stakeholders Job Requirements At least bachelor s in computing or similar fields Experienced team player with the ability to work independently to organize manage and complete projects within tight deadlines Good understanding of IT Governance Risk and Compliance principles IT controls in all disciplines of technology domains as well as Cyber Security related risks Good working knowledge of relevant IT-related laws and regulations of the Asian Pacific region understanding of industry trends knowledge on technology like Cloud Cryptography and IT security products etc Strong experience in Risk Control Self-Assessment Experience managing a first- second- or third-line function responsible for technology and information security related risks and controls Good interpersonal skills to effectively work in partnership with colleagues globally Excellent written and verbal communication skills strong attention to detail Analytical skills with the ability to provide practical solutions for effective risk management Self-driven and independent able to work well cross-functionally to think rigorously and make hard decisions and trade-offs when required Good knowledge of people and project management and infrastructure operations Willing to take on new tasks and initiatives to contribute towards continuous improvement Preferably possesses Certified in Risk and Information Systems Controls CRISC Certified Information Systems Auditor CISA Certified Information Systems Manager CISM etc certification Minimum 5 years of relevant experience