Assistant Vice President, IT Risk and Control

Do you want your voice heard and your actions to count? Discover your opportunity with Mitsubishi UFJ Financial Group (MUFG), one of the world’s leading financial groups. Across the globe, we’re 150,000 colleagues, striving to make a difference for every client, organization, and community we serve. We stand for our values, building long‑term relationships, serving society, and fostering shared and sustainable growth for a better world. With a vision to be the world’s most trusted financial group, it’s part of our culture to put people first, listen to new and diverse ideas and collaborate toward greater innovation, speed and agility. This means investing in talent, technologies, and tools that empower you to own your career. Join MUFG, where being inspired is expected and making a meaningful impact is rewarded.

The IT Risk and Control department partners across Technology to strengthen risk culture, drive innovation, and deliver meaningful impact by ensuring operational risks are effectively identified, managed, and kept within appetite. The team is responsible for implementing and maintaining the firm’s risk and control framework, including risk and control self‑assessments (RCSA), key control testing, key risk indicators, governance and reporting, and oversight of internal and external audits.

MAIN PURPOSE OF THE ROLE

In this role, you will be embedded within the technology division, using your analytical and technical expertise to provide meaningful insights into the effectiveness of controls that manage technology and cybersecurity risks. You will operate in an environment focused on building a leading‑edge control assurance and testing capability, with strong support from technology leadership and the opportunity to work closely with senior decision‑makers to influence and strengthen technology controls.

Key Responsibilities

• Develop and execute best‑in‑class control testing methodologies and guidelines to evaluate the design and operating effectiveness of key cybersecurity and technology controls.
• Partner with stakeholders to assess control gaps, identify process improvements, and enhance overall control performance.
• Recommend solutions—spanning both technology and business outcomes—based on root cause analysis, cost–benefit evaluation, feasibility assessment, and research of industry good practices.
• Support delivery of initiatives across the IT Risk & Control strategic roadmap, ensuring our framework continues to mature and meets all material regulatory expectations.
• Contribute actively to monthly governance and reporting cycles, including materials presented to the IT Risk Management Committee.
• Apply industry frameworks, leading practices, and sector developments to strengthen the management of technology risk and controls.

Work Experience

• Experience in IT security and risk management, ideally within financial services or professional services environments.
• Background in IT controls assurance or audit.
• Experience producing high‑quality reporting for senior and executive stakeholders.
• Professional certifications such as CRISC, CISA, or equivalent qualifications are desirable.

Personal Requirements

• Excellent communication skills, with the ability to convey complex information clearly to diverse audiences.
• Strong analytical capability and the ability to identify key insights from data.
• Applies sound judgement, prioritises effectively, and demonstrates a commitment to continuous improvement.
• Shows optimism, resilience, adaptability, and openness to new perspectives.
• Makes effective use of technology to drive efficiency and deliver strong outcomes.
• Values learning and professional development as an ongoing commitment.
• Always acts with integrity and professionalism.
• Serves as a trusted advisor to stakeholders.

We are open to considering flexible working requests in line with organisational requirements. MUFG is committed to embracing diversity and building an inclusive culture where all employees are valued, respected and their opinions count. We support the principles of equality, diversity and inclusion in recruitment and employment, and oppose all forms of discrimination on the grounds of age, sex, gender, sexual orientation, disability, pregnancy and maternity, race, gender reassignment, religion or belief and marriage or civil partnership. We make our recruitment decisions in a non-discriminatory manner in accordance with our commitment to identifying the right skills for the right role and our obligations under the law.