Systems Office for Asia (ASO) – IT Risk Management Department (IRMD)
This is an individual contributor role under the IT Governance, Risk and Compliance team within the IT Risk Management Department, and is a regional function supporting branches in Asia.
As part of the 1st Line of Defence, the role is responsible for uplifting the IT Governance posture and strengthening the robustness of IT controls by performing due diligence assessments on IT domains in accordance to the organisation’s corporate policies, standards and procedures, as well as local regulatory IT requirements. The role is responsible for developing the IT Assurance Framework, Programme and Plans, as well as performing the assessment.
IT Assurance Framework Development
- Develop the IT Assurance framework, which should include areas such as planning the assurance programme and schedules, executing the assessments, monitoring and tracking, reporting and reviewing the plan.
IT Assurance Programme Development
- Develop the strategy, programme and plans for executing the assessment for the Asian Region.
- Develop the assessment work plans (i.e. topics, scope, control objectives, steps, sample size and request for information package/assistance etc..)
- Establish the assessment and reporting templates.
- Plan and execute the communications to the stakeholders.
IT Assurance Plan Implementation
- Conduct the assessment onsite / offsite according to approved plans and report assessment progress.
- Analyse results of assessments, put forth recommendations for improvement areas.
- Review remediation plans and timeline.
- Monitor the completion of the remediation actions.
- IT-related degree, min.6-8 years of relevant experience in IT Audit, Assurance or Due Diligence would be preferred.
- Able to travel overseas.
- Good interpersonal skills to deal effectively with others.
- Good understanding of IT controls in all disciplines of technology domains.
- Good time management, self-driven and independent, with good attention to detail and quality.
- Develop and maintain strong stakeholder management with key stakeholders both within MUFG and externally. Good communication skills to effectively work in partnership with colleagues globally within MUFG.
- Maintain good working knowledge of relevant laws and regulations, industry trends, and IT security products.
- Certified with CISA or CISSP would be an advantage.
We regret to inform that only shortlisted applicants will be notified.