Vice President, Privileged Access Management Lead

Discover your opportunity with Mitsubishi UFJ Financial Group (MUFG), one of the world's leading financial groups. Across the globe, we're 150,000 colleagues, striving to make a difference for every client, organization, and community we serve. We stand for our values, building long-term relationships, serving society, and fostering shared and sustainable growth for a better world.With a vision to be the world's most trusted financial group, it's part of our culture to put people first, listen to new and diverse ideas and collaborate toward greater innovation, speed and agility. This means investing in talent, technologies, and tools that empower you to own your career.Join MUFG, where being inspired is expected and making a meaningful impact is rewarded.MUFG (Mitsubishi UFJ Financial Group) is one of the world's leading financial groups. Headquartered in Tokyo and with approximately 350 years of history, MUFG is a global network with around 2,300 offices in over 50 countries including the Americas, Europe, the Middle East and Africa, Asia and Oceania, and East Asia The group has over 150,000 employees, offering services including commercial banking, trust banking, securities, credit cards, consumer finance, asset management, and leasing.As one of the top financial groups globally with a vison to be the world's most trusted, we want to attract, nurture and retain the most talented individuals in the market. The size and range of MUFG's global business creates opportunities for our employees to stretch themselves and reap the rewards, whilst our common values, to behave with integrity and responsibility, and to build a culture which is fair, transparent, and honest, underpin everything that we do.We aim to be the financial partner of choice for our clients, whatever their requirements, building long-term relationships, serving society, and fostering shared and sustainable growth for a better world.MUFG's shares trade on the Tokyo, Nagoya, and New York (NYSE: MTU) stock exchanges. The group's operating companies include, but are not limited to, Bank of Tokyo-Mitsubishi UFJ, Mitsubishi UFJ Trust and Banking (Japan's leading trust bank), Mitsubishi UFJ Securities Holdings (one of Japan's largest securities firms), and MUFG Americas Holdings.Please visit our website for more information - Security department covers cyber security strategy maintenance and tactical planning and operations to provide IT Security protection, governance, risk management and reporting. This includes promoting Head Office Information Security Standards and Procedures (ISSP) requirements and local security requirements. The department supports and monitors security solutions such as virus protection, vulnerability management, compliance monitoring and threat/incident management activities to reduce risk.Main Purpose of the Role :We are seeking a highly skilled Privileged Access Management (PAM) Lead with deep expertise in CyberArk to drive the strategy, implementation, and continuous improvement of our enterprise PAM program. The ideal candidate will possess strong technical leadership, hands-on engineering experience, and the ability to collaborate across security, infrastructure, and application teams to secure privileged accounts and reduce organizational risk.Key Responsibilities:In this role, you will be responsible for PAM operational management across MUFG's banking arm and securities business under a dual-hat arrangement. Under this arrangement, you will act and make decisions on behalf of both the bank and the securities business, subject to the same remit and level of authority, and irrespective of the entity which employs you. Key responsibilities include but, but not limited to:Key Responsibilities PAM Strategy & Leadership Lead the design, development, and execution of the organization's Privileged Access Management program. Define PAM roadmap, policies, standards, and best practices aligned with security frameworks (NIST, ISO 27001, CIS). Act as the CyberArk subject matter expert and primary technical authority. CyberArk Engineering & Administration Architect, deploy, and manage CyberArk components, including: + PVault, CPM, PSM, PVWA, AIM/CCP, Conjur, PTA Onboard and manage privileged accounts, safes, platforms, and custom connectors. Implement credential rotation, session management, secrets management, and least-privilege access controls. Maintain CyberArk integrations with AD, SIEM, ticketing systems, DevOps pipelines, cloud platforms, and applications. Security Operations & Governance Enforce privileged access controls and monitor compliance with internal and regulatory requirements. Develop runbooks, operational procedures, and documentation for PAM processes. Analyse session recordings, logs, and alerts to identify suspicious privileged activity. Lead audits, risk assessments, and remediation activities related to privileged access. Collaboration & Stakeholder Management Partner with security teams, infrastructure, developers, and business units to onboard applications and automate PAM controls. Provide technical guidance, mentorship, and training to junior team members. Manage vendor relationships and coordinate upgrades, patches, and support activities. Continuous Improvement Identify opportunities to enhance security posture through automation, policy refinement, and new PAM capabilities. Stay updated on PAM trends, CyberArk enhancements, and industry threats.Skills and Experience: Functional / Technical Competencies: Essential Minimum 8+ years of CyberArk experience and good knowledge on other PAM tools. Strong communication skills Strong understanding of: + Privileged account security principles, zero trust, and least privilege. + Windows & Linux authentication, AD/LDAP, networking basics. + Scripting (PowerShell, Python, APIs) for automation. + CyberArk Components like CPM/PSM/PVWA/Vault, CPM Plugin and PSM Connector Development. Proficient within many LDAP directory style platforms Basic understanding of Windows Server Administration Experience in Metrics tools like PowerBI, Tableau etc.(good to have) Good knowledge in PowerShell scripting.(good to have) Basic Unix administration knowledge CyberArk certification or Security related certification. Excellent troubleshooting and problem-solving skills Detailed knowledge of the Access Control and Privileged Access Management domains, including the Tools, Techniques and Procedures used. Extensive knowledge in CyberArk PAM capabilities protecting Hybrid Environments (On-Prem, AWS, Azure) Clear understanding of Operating systems, Database concepts and others potential targets or endpoints for a typical PAM Solution. Experience in defining PAM processes and role definition with knowledge of native access control mechanisms. Understanding of access control mechanism for Operating systems and Databases and other potential target devices. An aptitude and interest for future innovations & technologies as well a willingness to continually learn and nurture those around you Knowledge of compliance frameworks: SOX, HIPAA, PCI-DSS, NIST, CIS. Work Experience: Essential: Experience in working on deliverables with broad scope, ambiguity, and high degree of difficulty Experience in technology projects such as implementation of Cyber infrastructure replacement etc. Demonstrable proficiency in a wide range of information IT security technologies and embedded security; at the minimum knowledge must cover key cybersecurity domains such as Identity and Access Management, Incident Management Posessing high level of analytical ability where problems are typically unusual and difficult Ability to maintain a working knowledge of cybersecurity principles and elements Understand global program structure, launch plan and timing, and global program ownership