This job board retrieves part of its jobs from: Toronto Jobs | Emplois Montréal | IT Jobs Canada

The exclusive website bringing you daily job offers!

To post a job, login or create an account |  Post a Job

MUFG: Operational Risk Crisis And Critical Incident Management (Ccim), Assistant Vp


This is a Full-time position in Vance, NC posted January 12, 2021.

Reporting to the Director of Business Continuity Disaster Recovery Risk Management in the Second Line of Defense (SLoD), the Engagement Manager is responsible for review and challenge over the tactical implementation of Crisis and Critical Incident Management activities of the Business Continuity Risk Management (BCRM) program (and its related components) being performed at the Combined U.S.

Operations (CUSO).

Major Responsibilities: As the AVP, Second Line of Defense (SLoD) Engagement Manager this position supports the BC Risk Management (BCRM) and its related components of the company’s Crisis and Critical Incident Management and Emergency Preparedness functions.

* Performs review and challenge of First Line of Defense (FLoD) for all CUSO entities as it relates to all core activities of Crisis and Critical Incident Management and Emergency Preparedness inclusive of gap risk measurement, mitigation strategies, and material risk identification.

* Ensures BCRM and the CUSO entities’ roles and responsibilities, timelines, and requirements are clear.

* Drives the socialization, adoption, consistent and appropriate.

implementation, and ongoing maintenance of the BCRM framework, policies, standards, methods, etc.

across many entities.

* Provides subject matter expertise on Business Continuity Management regulatory requirements including but not limited to: Financial Services driven by various guidance and agencies e.G.

FFIEC, OCC, Federal Reserve Bank, FINRA, SEC etc.

and defining threats and risk scenarios in order to provide recommendations on changes or program enhancements required to address such requirements and threats.

* Acts as a Business Continuity Management advocate towards the front-line business units ensuring business buy-in and facilitating integration of second line frameworks, policies, standards, and minimum requirements.

* Collaborates and aids BCRM leadership in Board and senior management reporting.

* Provides awareness and training as appropriate relating to BCRM, including new and changing policies, systems, and methodologies.

* Assesses BCRM policy, standards and minimum requirements, as well as risk compliance relating to FLoD controls design, definition and operational procedures.

* Provides support of Internal Audits and Regulatory Exams.

* Ensures FLoD program compliance and maturity through KPI monitoring and performing quality assessment reviews.

Qualifications: * BS in Financial Services or demonstrated equivalent experience * Minimum of 5 years practical Business Continuity, Disaster Recovery, and/or Crisis Management experience; experience in the banking or financial industry preferred * Professional certification from the Disaster Recovery Institute, International or from The Business Continuity Institute (e.G.

ABCP, CBCP, MBCP, MBCI, CRP) and/or other Business Continuity or industry related certifications preferred * Demonstrated skills in applying Business Continuity and Disaster Recovery planning principles to various levels (staff, management and executive) of the company.

* Demonstrated knowledge on DR best practices and regulatory requirements including but not limited to: FFIEC, OCC, FINRA, Federal Reserve, NIST, COBIT, ITIL * Knowledge of Cyber Security practices for virtual environments (ex.

VMWare and OpenStack) and working knowledge of application assessment, application security vulnerabilities, code review methodologies, and secure coding practices.

* Knowledge of security incident response process and methods.

* Knowledge in the following technologies, security methods and topics: firewalls, proxy servers, load balancing, web application firewalls, vulnerability and code testing, application security, web application security, identification & authentication, cryptography, identity and access management, back-up and disaster recovery, continuity of operations, physical security, security training, host-based security techniques, and other security measures.

* Knowledge of Risk Management policies, methods, standards, processes, governance models, and industry standard risk analysis approaches, including third party risk management practices.

* Demonstrated human relation skills to effectively interact with pee