Network Security & Risk Manager (Risk Testing or Control Testing)

Job Requirements:

• Proven success in overseeing all elements of the risk and controls in similar financial institutions.
• Exceptional writing and editing skills, combined with strong presentation and public speaking skills.
• Good verbal and written communication and able to manage key stakeholders i.e. project team, security, compliance and IT operations.
• Analytical mindset with the ability to identify subtleties and patterns in complex data sets and provide practical solutions for effective risk management.
• Collaborative team player who can also work independently and make critical decisions.
• Highly organized and detail-oriented, with the ability to juggle multiple priorities simultaneously.
• Resilient and adaptive to a fast-paced, evolving environment.
• Experienced team player with the ability to work independently to organise, manage and complete projects within tight deadline.
• Good understanding of IT Governance, Risk and Compliance principles, IT controls in all disciplines of technology domains, as well as Cyber Security related risks.
• Good working knowledge of relevant IT-related laws and regulations of the Asian Pacific region, understanding of industry trends, knowledge on technology like Cloud, Cryptography and IT security products etc..
• Experience managing a first-, second-, or third-line function responsible for technology and information security related risks and controls.
• Good interpersonal skills to effectively work in partnership with colleagues globally.
• Self-driven and independent, able to work well cross-functionally, to think rigorously and make hard decisions and trade-offs when required.
• Good knowledge of people and project management and infrastructure operations
• Willing to take on new tasks and initiatives to contribute towards continuous improvement.
• Preferably Certified in Risk and Information System Controls (CRISC), or Certified Information Systems Auditor (CISA) or Certified Information Systems Manager (CISM).

Skills:

• Preferred Bachelors degree in information technology, Finance, or a related field. Masters degree or certifications in Risk Management are a plus.
• Demonstrable in-depth knowledge in cloud-based network solutions.
• Technical certifications like in prime vendor (AWS or MS Azure) solutions and cloud-based products. Excellent people/influencing skill
• Excellent analytical and troubleshooting skills
• Good verbal and written communication and able to manage key stakeholders i.e. project team, security, compliance and IT operations.
• Experience on Network Security across a variety of enterprise systems and applications.
• Experience with deployment of Network Security / perimeter security controls/solutions for enterprise.
• Experience with firewall administration, intrusion detection/prevention systems, VPNs, DDOS, WAF, NAC, Proxies and secure access controls

Qualifications:

• Minimum 8 to 14 years of experience in risk management, within a banking or financial services environment.
• Experience on Network Security across a variety of enterprise systems and applications.
• Experience with deployment of Network Security / perimeter security controls/solutions for enterprise.
• Experience with firewall administration, intrusion detection/prevention systems, VPNs, DDOS, WAF, NAC, Proxies and secure access controls
• Experience in project and portfolio management.
• Experience in modern banking technologies and the associated risks.
• Exceptional communication skills, both written and verbal.
• PMP, ITIL, Cloud (AWS/Azure), etc certification is added advantage.
• Regional exposure to other regulators is a definite plus.
• Experience in quality Assurance Testing and Controls Models (e.g., COBIT, COSO.)
• Experience in managing a team.
• Experience in IT Standards, Procedures, Policies and SDLC

Equal Opportunity Employer: The MUFG Group is committed to providing equal employment opportunities to all applicants and employees and does not discriminate on the basis of race, colour, national origin, physical appearance, religion, gender expression, gender identity, sex, age, ancestry, marital status, disability, medical condition, sexual orientation, genetic information, or any other protected status of an individual or that individual's associates or relatives, or any other classification protected by the applicable laws.