Head Office. Facilitate the EUC Controls attestation process, including tracking submissions and supporting sample testing of Business Critical EUCs. Contribute to cyber security assurance activities, including assessments related to FFIEC, SWIFT CSP, REP18, CRI Profile, and other regulatory or internal frameworks. Ensure quality and consistency in audit and risk-related deliverables, particularly when preparing responses or data for external stakeholders. … Assist in the execution of the EUC Controls annual attestation and Business Critical EUC sample testing, including evidence collection and stakeholder follow-up. Support regular assessment initiatives related to FFIEC, SWIFT, REP18, CRI Profile, and other cyber security assurance activities, including scheduling, documentation, and stakeholder coordination. Coordinate and support the ISSP Systems Risk Evaluation process, ensuring alignment with MUFG Bank
PowerShell, Python, SQL, UiPath) to support access attestation, SoD analysis, and exception tracking. Partner with Internal Audit, Compliance, and external regulators to ensure the enterprise meets requirements for SOX, FFIEC, and other control frameworks. Serve as a subject matter expert in access governance, providing oversight on RBAC modeling, policy enforcement, and toxic access combinations. Collaborate with application owners, technology stakeholders … CyberArk and Centrify. Familiarity with data visualization tools such as Power BI, Tableau, or Splunk. Experience working in a regulated financial services environment, with a strong understanding of SOX, FFIEC, and other access-related compliance requirements, is a big plus. Bachelor's degree in Information Security, Computer Science, or related field or similar professional experience. Please email your resume or
Onsite Requirements: 3+ years of Cyber Risk 3+ years of RCSA Job Description: Risk Control Self-Assessment Second Line of Defense Execution - Cyber Security Domain Responsibilities: NIST Cybersecurity Framework & FFIEC Information Security Handbook Alignment Program Objective - Execution of comprehensive Risk Control Self-Assessment (RCSA) programs that align organizational cybersecurity controls with NIST Cybersecurity Framework (CSF) requirements and FFIEC Information Security … Handbook guidelines, ensuring regulatory compliance and effective risk mitigation across financial services environments. Challenge and Enhance Framework Integration to NIST CSF and FFIEC Information Security Handbook Challenge and Support Enhancements to Control Framework development Control Design Documentation Remediation Planning: Develop actionable plans for control enhancement and gap closure Stakeholder Engagement & Communication Risk and Governance Reporting: Develop risk reporting and governance … Regulatory Change Management: Monitor and implement emerging regulatory requirements Documentation Standards: Maintain comprehensive audit trails and evidence repositories Expected Deliverables Comprehensive RCSA methodology documentation aligned with NIST CSF and FFIEC requirements Risk and control matrices with clear ownership and accountability structures Control testing procedures and validation frameworks Gap remediation roadmaps with prioritized implementation timelines Training materials and knowledge transfer documentation