Vice President, Audit Issue Validation Manager in London

As part of the EMEA Technology (TEC) function, the Risk & Control pillar partners with the business to ensure technology risks are identified, managed and reported effectively, and that controls are designed and operating to protect our clients, services and data.

Main Purpose of the Role

Lead the end-to-end validation of audit and self-identified issue closures across EMEA TEC. The role ensures that remediation is complete, effective and sustainable, and that closure evidence meets Internal Audit (IA), 2LOD and regulatory standards. The post holder will operate as the independent quality gate for issue closure, providing challenge, coaching and independent review of action plans, artefacts and control performance. The role requires active ongoing engagement with engineering teams and internal audit teams through the issue lifecycle to ensure work is on track, meeting expectations and positioned to successfully mitigate risk.

Key Responsibilities

• Own the independent validation process for technology audit and risk issues, confirming remediation is complete, risks are mitigated and residual risk is acceptable.
• Define and maintain issue validation standards, templates and evidence checklists aligned to IA methodology, 2LOD requirements and relevant regulations (e.g., DORA, SOX).
• Perform detailed evidence reviews (design and operating effectiveness) including sampling, re-performance and walkthroughs; document outcomes in clear working papers.
• Partner with control owners to agree closure criteria up-front; provide challenge to action plans to ensure root causes are addressed and controls are embedded sustainably.
• Track remediation progress on key issues and identify risks to effective closure.
• Support and QA transparent closure packs for IA review.
• Support regulatory interactions and external audits by providing high-quality validation artefacts and concise status reporting.
• Champion a strong risk & control culture across TEC; coach product and engineering teams on effective remediation and durable control design.

Work Experience (Essential)

Risk Management / Internal Audit / External Audit within a highly regulated international organisation; Technology Risk Management, Cyber Security, SOX and other regulations. Preferred: Banking / Finance experience highly preferred.

Skills and Experience

• Deep understanding of IT general controls and application controls, and familiarity with frameworks such as COBIT, NIST, CRI and ISO 27001.
• Demonstrable experience in 1LOD technology risk & controls, Internal Audit, or 2LOD oversight within financial services.
• Hands-on experience within Internal and/or External Audit would be highly beneficial.
• Strong knowledge of regulatory requirements relevant to technology (e.g., DORA, SOX 404, EBA/ECB ICT expectations) and audit standards.
• Hands-on experience validating remediation and control effectiveness, including sampling methods, evidence sufficiency and documentation standards.
• Excellent communication and influencing skills with the confidence to challenge senior stakeholders constructively.
• Superior written skills with the ability to craft concise closure rationales and audit-ready documentation.

Personal Requirements

• Self-motivated, organised and delivery focused; able to manage multiple high-severity issues to tight deadlines.
• Analytical and objective with meticulous attention to detail; applies sound judgement under pressure.
• Data-literate, curious and comfortable learning new tools and technologies for evidence gathering and analysis.
• Collaborative and inclusive; builds strong partnerships with technology, risk and audit teams.
• Strategic thinker who can distil complex technical topics for non-technical audiences.

We are open to considering flexible working requests in line with organisational requirements.

EEO Statement

MUFG is committed to embracing diversity and building an inclusive culture where all employees are valued, respected and their opinions count. We support the principles of equality, diversity and inclusion in recruitment and employment, and oppose all forms of discrimination on the grounds of age, sex, gender, sexual orientation, disability, pregnancy and maternity, race, gender reassignment, religion or belief and marriage or civil partnership. We make our recruitment decisions in a non-discriminatory manner in accordance with our commitment to identifying the right skills for the right role and our obligations under the law. At MUFG, our colleagues are our greatest assets. Our Culture Principles provide a roadmap for how each of our colleagues must think and act to become more client-obsessed, inclusive and innovative. They reflect who we are, who we want to be and what we expect from one another. We are excited to see you take the next step in exploring a career with us and encourage you to spend more time reviewing them!