Principal Cybersecurity Architect

Job description

About Us:

MUFG Bank, Ltd.

is Japan’s premier bank, with a global network spanning in more than 40 markets.

Outside of Japan, the bank offers an extensive scope of commercial and investment banking products and services to businesses, governments, and individuals worldwide.

MUFG Bank’s parent, Mitsubishi UFJ Financial Group, Inc.

(MUFG) is one of the world’s leading financial groups.

Headquartered in Tokyo and with over 360 years of history, the Group has about 120,000 employees and offers services including commercial banking, trust banking, securities, credit cards, consumer finance, asset management, and leasing.

The Group aims to be the world’s most trusted financial group through close collaboration among our operating companies and flexibly respond to all the financial needs of our customers, serving society, and fostering shared and sustainable growth for a better world.

MUFG’s shares trade on the Tokyo, Nagoya, and New York stock exchanges.

MUFG Global Service Private Limited:

Established in 2020, MUFG Global Service Private Limited (MGS) is 100% subsidiary of MUFG having offices in Bengaluru and Mumbai.

MGS India has been set up as a Global Capability Centre / Centre of Excellence to provide support services across various functions such as IT, KYC/ AML, Credit, Operations etc.

to MUFG Bank offices globally.

MGS India has plans to significantly ramp-up its growth over the next 18-24 months while servicing MUFG’s global network across Americas, EMEA and Asia Pacific.

About the Role:

Position Title: Cyber Architect Design SME

Corporate Title: AVP/ Manager

Location: Bengaluru

Job Profile

Position details:

To conduct controls testing of cybersecurity controls against industry security frameworks (e.G., SOX, ISO27001.

NIST Cybersecurity Improvement framework, FFIEC):In this role, you will be responsible for cybersecurity controls testing across MUFG’s banking and securities businesses under a dual-hat arrangement.

Under this arrangement, you will engage stakeholders and review documentation obtained from both the bank and the securities business, subject to the same remit and level of authority, and irrespective of the entity which employs you.

Roles and Responsibilities:

Key responsibilities include, but not limited to:

• Interviewing business and technology stakeholders responsible for controls (technical and non-technical)
• Developing risk and controls matrices
• Assessing technical control design
• Developing a testing strategy for testing operating effectiveness of technical controls
• Identifying and reviewing the relevant evidence required to demonstrate the operating effectiveness
• Arriving at informed conclusions regarding gaps in control operating effectiveness
• Documentation of risks, gaps, findings and recommended actions
• Preparing accurate reports and using tools such as PowerPoint, Word, Excel, SharePoint, Open Pages
• Managing your time to ensure testing is completed in a timely manner

Direct Reports:

None

Job Requirements:

Functional / Technical Competencies:

Essential (Must Have)

• Working knowledge as security architect (or related experience)
• Experience of working as an IT auditor, security auditor or governance, risk and compliance analyst
• Good understanding of cybersecurity/IT control frameworks including but not limited to frameworks from SOX, FFIEC, ISO27001, NIST, Cloud Security Alliance, and PCI-DS
• Proven understanding of current best practice approach to security assurance and the application of security frameworks
• Experience in project management
• Planning and prioritizing multiple project work streams in response to rapidly developing and changing portfolios.
• Experience of security risk management
• Broad knowledge of computer, networking and IT security systems including operating systems, databases, firewalls, SIEM, DLP etc
• Ability to handle ambiguity and make decisions and recommendations with limited data
• Solid analytical/problem-solving skills with capability to identify solutions to unusual and complex problems
• Good presentation, documentation and reporting skills

Work Experience:

Essential:

• Experience in managing multiple tasks with broad scope, ambiguity, and high degree of difficulty
• Experience in providing assurance for cybersecurity technologies, policies, standards and procedures
• Demonstrable proficiency in a wide range of information IT security domains such as Security Governance, Identity and Access Management, Access Controls, Threat Intelligence, Asset Management, Risk
• Management, Security Assessment/Testing, Security Incident Management and Vulnerability and Patch Management
• Possessing high level of analytical ability where problems are typically unusual and difficult
• Ability to maintain a working knowledge of cybersecurity principles and elements
• Understand global IT risk management structure
• Exposure Cloud Architecture Designing, Configuration or Review of Security Control that would be relevant
• Demonstrable experience of senior stakeholder management and relevant management reporting.
• Ability to coach team members through knowledge transfer and constructive feedback

Education / Qualifications:

Essential:

• Degree educated and / or equivalent experience.

Personal Requirements:

• You are a leader and an expert in delivery of cyber frameworks and associated key solutions
• A demonstrable passion for cybersecurity
• Excellent communication/leadership/interpersonal skills;
  results driven and withstrong sense of accountability
• You are experienced in engaging and persuading teams to accept and participate in best-in-class security controls
• Data driven, ability to analyze data needed to effectively measure progress against the execution of objectives
• You successfully convey technical information in an understandable way that generates results
• A troubleshooter who proactively removes roadblocks and pursues solutions to problems that stand in the way
• You value and develop trusted relationships at every operational level
• The ability to operate with urgency and priorities work accordingly
• Strong decision making skills, the ability to demonstrate sound judgement
• A structured and logical approach to work;
  Strong problem solving skills
• A creative and innovative approach to work
• Excellent presentation skills and excellent attention to detail and accuracy
• The ability to manage large workloads and tight deadlines
• A calm approach, with the ability to perform well in a pressurized environment

Required Skill Profession

Computer Occupations