MUFG Investor Services
Financial Services
TechnologyRisk&ResilienceManager(SecondLine)
Neural analysis suggests this role is
optimal for mid candidates.
“Technology Risk & Resilience Manager (Second Line) at MUFG Investor Services. Skills: Technology Risk, Risk Oversight, Operational Resilience, Information Security. Provide independent second line oversight. Provide credible challenge of Technology Risk”
Industry & Context.
Root cause analysis; Impact analysis; Risk assessment; Control assessment
What They're Looking For.
Must Have
Post-secondary degree in technology, business or related discipline, CRISC qualification, CISSP qualification, CISM qualification, NIST CSF fluency, ISO 27001 / 27002 fluency, COBIT fluency, 10+ years experience in second line risk oversight, Experience in IT Architecture governance, Experience in Application development governance, Experience in EUC development and deployment governance, Knowledge of technology risk concepts, Knowledge of information security risk, Knowledge of third-party technology risk, Knowledge of operational resilience principles, Knowledge of corporate insurance, Experience with DORA, Experience with operational resilience, Experience with regulated financial services, Experience in multi-entity regulatory environments, Experience in cross-jurisdictional regulatory environments, Written communication skills, Verbal communication skills
Nice to Have
Professional qualification in risk or related discipline, Advanced proficiency in Microsoft Excel, Experience onboarding new systems / technology, Proficiency in Power BI, Proficiency in Tableau, Proficiency in Power Apps, Experience with Excel for workflow automation, Experience with SharePoint for workflow automation, Experience with Microsoft 365 for workflow automation
What You'll Do.
Provide independent second line oversight
Provide credible challenge of Technology Risk
Ensure effective integration of technology risk
and provide assurance over technology risks
Define and embed Technology Risk within Operational Risk
Ensure clear delineation of 1LOD vs 2LOD accountability
Provide independent 2LOD oversight of Technology Risk Management
Assess alignment with first-line control frameworks
Ensure coherence with second line Operational Risk and
Support maturation of service-based view of technology risk
Challenge 1LOD mapping of applications
infrastructure and third-party
Review and challenge first line identification and assessment
and consistency of Technology Risk
and consistency of control inventories
and consistency of incident remediation
and consistency of impact analysis
Provide credible 2LOD challenge on risk assessments
Provide credible 2LOD challenge on residual risk conclusions
Support integration of technology risk into Operational Risk
Map technology dependencies to important business services
Assess ICT/technology-related incidents and materiality thresholds
Align on incident classification and escalation decisions
Provide second line review and challenge of technology
Contribute and support with resilience testing
Contribute and support with scenario analysis
Provide 2LOD oversight of technology-related third-party risks
Ensure appropriate risk identification for externally procured applications
Ensure appropriate risk identification for externally procured infrastructure
Ensure alignment between Technology Risk and Third-Party Risk
Review dependency and concentration risk associated with critical
Provide oversight and challenge of technology-related change activities
Oversee IT BAU change
Oversee technology elements of business change
Oversee changes impacting critical services
Oversee changes impacting client-facing platforms
Conduct thematic reviews of incidents
Conduct thematic reviews of audit findings
Conduct thematic reviews of control weaknesses
Assess systemic risk or control gaps
Draft committee papers
Peer review committee papers
Support delivery of periodic reporting to management
Support delivery of periodic reporting to governance forums
Deliver annual requirement to report and present second
Contribute risk reporting on technology risk themes
Translate technical risk information into business-relevant risk insights
Support Head of Risk in setting technology-related risk
Support Head of Risk in monitoring technology-related risk
Support Head of Risk in challenging technology-related risk
Partner with senior first line leaders
Partner with control functions
Oversee development of technology risk reporting
Support development of technology risk reporting
How You'll Work.
Team & Collaboration
Senior first line leaders; Control functions; Parent company structure; Cross-collaboration within Risk; Enterprise Risk; Data Risk; Operational Risk; Resilience Risk
Communication Scope
Translate technical risk; Business-relevant insights; Senior management reporting; Governance forums reporting
Full Job Description
MUFG Investor Services is a trusted partner to many of the world’s largest public and private funds, providing asset servicing and operational solutions built for alternatives. With over $1 trillion in client assets under administration, we offer fund administration, banking, payments, fund financing, foreign exchange overlay, corporate and regulatory services, custody, business consulting, and more. Operating from 17 locations worldwide, we help clients mitigate risk, enhance efficiency, and navigate the operational complexities of today’s investment management landscape. As a division of Mitsubishi UFJ Financial Group (MUFG), one of the world’s largest financial institutions with approximately $3 trillion in assets, we combine deep expertise with the strength and stability of a leading financial institution. To learn more, visit us at [www.mufg-investorservices.com](http://www.mufg-investorservices.com/). We're looking for an experienced Technology Risk & Resilience Manager to join our second line risk in London, United Kingdom or Dublin, Ireland. In this pivotal role, you will: * Provide independent second line oversight and credible challenge of Technology Risk (Information Technology and Information Security) within the firm, ensuring effective integration of technology risk into the overarching second line Risk Management Framework, including alignment with DORA, third-party risk, and service resilience expectations. * The role will not own or operate technology risk controls, but will assess, challenge, and provide assurance over how technology risks are identified, managed, and reported by the first line. Key Roles & Responsibilities Second Line Oversight & Framework Integration * Define and embed Technology Risk (IT & Information Security) appropriately within the Operational Risk Taxonomy and Framework, ensuring clear, documented delineation of 1LOD vs 2LOD accountability in line with company’s governance models. * Provide independent 2LOD oversight of the
Applying for this Technology Risk & Resilience Manager (Second Line) role?
Most applicants get filtered before a human reads their resume. See if yours makes the cut.
How to Apply on SmartRecruiters
- SmartRecruiters often includes a video screening step — check camera and mic permissions.
- Link your GitHub or portfolio directly in the profile section for technical roles.
- Applications may be reviewed by AI scoring before reaching a recruiter — use keywords from the job description.
ANONYMOUS · UNFILTERED
What do employees actually say about MUFG Investor Services?
Real rants from real employees. Read before you apply.