Job Description

Company Description

Company Description

Experience something Brilliantly Different with a career at MUFG Investor Services.

Who are we? In a nutshell, MUFG Investor Services is part of the Mitsubishi UFJ Financial Group, and we partner with over 480 loyal global investment firms to provide them with administration, asset services, banking and fund financing.

We\'re in 14 global locations and provide an exceptional hub of Brilliantly Different talent to thrive.

#LI-Hybrid



The Role

Our philosophy is to evaluate complex business processes utilizing a risk-based approach, and to provide the greatest value to our internal clients. We strive to apply tailored and progressive audit procedures and to avoid standard check the box auditing.

This IT Cloud Auditor role will deliver a diverse array of information technology and information security audits that include in-depth analysis and understanding of supporting business processes. This position will have the opportunity to evaluate numerous technology platforms and apply process, technology and security risk considerations. Specifically, the role will have the opportunity to evaluate technology risks and controls within major cloud technology provider environments (Amazon AWS and Microsoft Azure) as the company continues cloud technology strategic initiatives.

You will be responsible for assisting with audits of cloud environments, information systems, and security tools to ensure adherence to applicable frameworks, laws, and regulations. Additionally, you will be supporting comprehensive assessments of the management, operational, and technical security controls deployed within MUFG IS\'s cloud environments to determine the overall effectiveness of the controls (i.e. the extent to which the controls are implemented correctly, operating as intended, and producing the desired outcome with respect to meeting the security requirements).

The candidate should have experience with a wide array of technology processes, such as infrastructure design and management, information security operations, service management, software development lifecycle, disaster recovery planning, etc. This role will be based in either Ireland or Ontario with an emphasis on Hybrid working. We have offices in both Dublin and Toronto and these would be considered your office.

Key Responsibilities

• Assist with documenting control objectives and procedures in areas such as cyber security, cloud security, cloud governance and compliance, DevOps, cloud data protection, cloud monitoring and incident response, enterprise security architecture, and technology risk management.
• Assist with assessing controls within multi-cloud environments and the ability to effectively communicate results to key stakeholders through written and verbal communication.
• Assist with assessment engagements that focus on review, design and / or implementation of Cloud infrastructure / platform / software security controls.
• Assist with identifying and communicating control gaps and process inefficiencies to key stakeholders.

Qualifications

Technical Requirements

• A minimum of 1-3 years of experience in any of the following areas: information technology audit, cloud security assessment and strategy, cloud compliance, security operations, or IT risk management.
• Experience implementing and / or assessing IT security controls required to meet security, compliance, and audit requirements.
• Knowledge of compliance frameworks and industry standards such as COBIT, ITIL, ISO27001, NIST 800-171, NIST 800-53, and SSAE18 (SOC 2).
• Familiarity and understanding of technology control applications in on-premise environments vs. increased automation of controls within cloud service provider (CSP) environments.
• Understanding of IT managed processes, including technology architecture, system build and provisioning, configuration management, performance monitoring, incident management, change management, user access management, disaster recovery, etc.
• Evaluate key information security risks including confidentiality, integrity and availability of technology components through review of security operational processes, such as vulnerability management, penetration testing, security logging and monitoring, security incident response, and defense in depth strategies.
• Evaluate root cause factors for audit testing exceptions and recommend practical solutions that reduce risk and strengthen business processes and controls.
• Ensure audit testing work papers are documented in a consistent and high-quality manner while executing project tasks in adherence to established timelines.
• Open to a certain level of international travel (5 to 10% of the year).
• CISA, CISM, CRISC, CISSP or other relevant certifications are preferred.

Knowledge, Skills and Responsibilities

Audit and/or hands-on IT experience in the following areas:

• Technology control application within cloud environments and usage of automated processes and cloud architectures such as CI / CD deployment pipelines, infrastructure-as-code, containerization, etc.
• Application security, including segregation of duties and least privileged access.
• Technology infrastructure security, including UNIX/LINUX, Windows, SQL Server, PostgreSQL and Oracle database.
• Systems development, project management and change management.
• IT infrastructure design, management and operations
• Business continuity and technology resiliency including high availability and disaster recovery architecture.
• Integration of business process controls with supporting technologies. Business process workflow documentation, including identification of key risks and the corresponding business and technology controls.
• Ability to work in a complex and evolving environment.
• Demonstrate strong project management and execution skills, including: prioritizing tasks, balancing workload, anticipating next steps, and adapting to change.
• Tailor audit approaches based on areas of key risks. Critically evaluate audit procedures to maximize the value of each audit.
• Strong communication and presentation skills with an ability to tailor communications to different audiences.
• Pursue work with enthusiasm, energy, drive and team collaboration.
• Establish and build effective relationships.
• Collaborate with management and senior leadership to improve internal controls and processes.
• Demonstrates ability to consider all team member\'s input prior to decision making.

Additional Information

What\'s in it for you to join MUFG Investor Services?

Take a look at our careers site and you\'ll find everything you\'d expect from a career with the fastest-growing business at one of the world\'s largest financial groups. Now take another look. Because it\'s how we defy expectations that really defines us. You\'ll feel that difference in all kinds of ways. Our vibrant CULTURE. Connected team. Love of innovation, laser client focus, and next-level LEARNING & DEVELOPMENT. Oh, and we really walk the talk when it comes to HYBRID WORKING.

So, why settle for the ordinary? Apply now for a Brilliantly Different career.

We thank all candidates for applying; however, only those proceeding to the interview stage will be contacted.

MUFG Investor Services