Access Management & Cyber Engineer

Discover your opportunity with Mitsubishi UFJ Financial Group (MUFG), one of the world’s leading financial groups. Across the globe, we’re 120,000 colleagues, striving to make a difference for every client, organization, and community we serve. We stand for our values, building long-term relationships, serving society, and fostering shared and sustainable growth for a better world.

With a vision to be the world’s most trusted financial group, it’s part of our culture to put people first, listen to new and diverse ideas and collaborate toward greater innovation, speed and agility. This means investing in talent, technologies, and tools that empower you to own your career. Join MUFG, where being inspired is expected and making a meaningful impact is rewarded.

Overview Of The Department/Section

Technology EMEA currently consists of the following departments:

• EMEA Markets Engineering
• Corporate Investment & Transaction Banking Technology
• Middle & Back Office Technology
• Planning, Reporting, Administration & Head Office Liaison
• Service Management
• Infrastructure Architecture, Middleware, Data Management & Enterprise Services
• IT Risk, Security & Control (RSC)
• Delivery for EMEA Branches
• Technology Innovation Management

The Access Management, Policy & Reporting team sits within the IT Risk, Security & Control Department. The team is responsible for the following:

• Provision of access for IT systems across MUFG Bank & EMEA Offices and MUFG Securities EMEA
• Identity Access management process including Joiner, Mover, Leaver of identities and access reviews.
• Folder access management.
• Management and maintenance of all Technology core documentation (Bank and Securities Policies, Technical Standards, Procedures and Processes).
• Submitting data to the Quarterly Business Review (QBR) Global Leads for selected regions and producing IT reports for senior management and the Board.

The Team reports directly to the Head of IT Risk, Security & Control.

Main Purpose of the Role:

In this role, you will be responsible for enforcing company policies and procedures related to identity and access management across MUFG’s banking arm and securities business under a dual-hat arrangement. Under this arrangement, you will act and make decisions on behalf of both the bank and the securities business, subject to the same remit and level of authority, and irrespective of the entity which employs you.

The candidate should have a good understanding of governance structures within the financial technology sector as well as knowledge of the key technical frameworks and audit requirements. In addition, the candidate is expected to have demonstrable communication and team-working skills. The candidate should also be willing to provide ad-hoc support to the wider RSC teams.

Key Responsibilities:

• Provide engineering support for Privileged Access Management (CyberArk) and Identity Access Management (RSA IGL) application.
• Create and mature access reviews in the Identity Access Management application.
• Represent the team in meetings to gather business requirements and lead on solutions as required.
• Develop and mature folder access process.
• Mature and implement privileged access controls.
• Investigate and close raised incidents assigned to the team.
• Manage queries relating to application operations including password and access issues.
• Follow up with required approvers/stakeholders for approvals or clarifications through phone, email or tickets.
• Contribute to the Knowledge Management Database.
• Record events and problems and their resolution in knowledge base/SOP.
• Read and review the standard operating procedures and required training materials.
• Create additional documentation, as needed to support processes.
• Identify and suggest possible improvements on procedures.
• Engage in knowledge transfer sessions for any newly onboarded application that comes under the scope of user access management.
• Follow-up and update relevant trackers and systems.
• Define and communicate access role ownership accountabilities for business applications.
• Identify vulnerabilities and gaps in identity access management operations and privileged access management operation process.
• Create KPIs for BAU processes.
• Experience with active directory management of accounts and groups.
• Experience in enforcing ‘least privilege’ methodology for all access provisioning.
• Ability to create reports with custom SQL queries.
• Investigate workflow errors including API issues with ServiceNow.

Essential Qualifications & Experience:

• Minimum Overall experience of 3-4 years in Access Management area.
• Practical experience of CyberArk and RSA IGL or other applications.
• Experience using SQL/PSQ and Oracle.
• Practical experience with web services protocols REST/SOAP.
• Practical experience with JAVA/JSP.
• Practical experience with web development basics like HTML, CSS, JS.
• Maintain and upgrade Linux/Windows servers and databases SQL/Oracle.
• Excellent attention to detail and accuracy.
• Excellent communication skills, both written and spoken (Proficiency in English).
• Excellent interpersonal skills.
• The ability to multitask, manage large workloads and tight deadlines.
• A proactive, motivated approach.
• The ability to operate with urgency and prioritise work accordingly.
• Strong decision-making skills, the ability to demonstrate sound judgement.
• Incident management/resolution processes.
• Good to excellent understanding of computer systems and other tech products.
• Good to excellent practical experience of Microsoft Office (Inc Visio).
• Knowledge and experience of scripting in PowerShell.
• Knowledge of IAM tool preferably RSA IGL.
• Results driven, with a strong sense of accountability.
• Process driven.
• A calm approach, with the ability to perform well in a pressurised environment.
• Experience working in IAM team.
• Participate in IAM audit and review access control reports to identify potential risks.
• Business facing experience.

Desirable:

• Knowledge of Technical/Cyber Security risk frameworks (e.g. ISO27001, NIST, FFIEC).
• Experience of documenting IAM processes and procedures.
• Flexibility in working in a 24/7 shift model.
• Risk Management processes.
• Incident management.
• Splunk experience.
• ServiceNow experience.
• Technical graduate.

We are open to considering flexible working requests in line with organisational requirements.

MUFG is committed to embracing diversity and building an inclusive culture where all employees are valued, respected and their opinions count. We support the principles of equality, diversity and inclusion in recruitment and employment, and oppose all forms of discrimination on the grounds of age, sex, gender, sexual orientation, disability, pregnancy and maternity, race, gender reassignment, religion or belief and marriage or civil partnership.

We make our recruitment decisions in a non-discriminatory manner in accordance with our commitment to identifying the right skills for the right role and our obligations under the law.