Job Specifications
Do you want your voice heard and your actions to count?
Discover your opportunity with Mitsubishi UFJ Financial Group (MUFG), one of the world’s leading financial groups. Across the globe, we’re 150,000 colleagues, striving to make a difference for every client, organization, and community we serve. We stand for our values, building long-term relationships, serving society, and fostering shared and sustainable growth for a better world.
With a vision to be the world’s most trusted financial group, it’s part of our culture to put people first, listen to new and diverse ideas and collaborate toward greater innovation, speed and agility. This means investing in talent, technologies, and tools that empower you to own your career.
Join MUFG, where being inspired is expected and making a meaningful impact is rewarded.
Corporate Technology is accountable for the operation, development and support of all applications across all areas of the business. Corporate Technology ensures IT strategy, architecture and solutions are aligned to business requirements. The BISO role is part of the IT Security team. IT Security are collectively responsible for the following areas: Cyber Support and Engineering, Security Operations Centre covering pen tests, red and blue teams, Cyber and Risk Change portfolio, Threat Intelligence and Vulnerability Management for the Group and Identity and Access Management.
NUMBER OF DIRECT REPORTS
2
MAIN PURPOSE OF THE ROLE
Responsible for providing strategic information security leadership and oversight across all business units in the region. This role bridges global security strategy and regional business execution, ensuring that security, risk, and compliance objectives are effectively implemented, measured, and governed.
The position partners closely with regional executives, technology leadership, and global security functions to embed a culture of security, drive control adoption, and maintain regulatory confidence.
This role will work alongside the EMEA regional CISO on supporting the strategy, initiatives and roadmap for information security in MUFG EMEA. Working with key stakeholders internally to help embed security into the culture, whilst embedding technical controls into the mission critical business systems:
Risk Advisory & Control Adoption
Serve as the trusted advisor to business and technology units on security risks and control implementation.
Support adoption of global security controls and standards within regional operations.
Provide security input on new business initiatives, digital transformation, and third-party relationships.
Security Training & Awareness
Develop, tailor, and oversee delivery of security awareness programs by business line.
Drive execution of phishing simulations and targeted learning interventions.
Measure awareness effectiveness and report to management.
Security Champion Network
Establish and maintain a regional security champion community within business and operations teams.
Promote local ownership of security best practices and risk reduction initiatives.
Provide ongoing engagement, training, and recognition programs for champions.
Security Strategy, Planning & Reporting
Translate global and regional security objectives into actionable EMEA programs.
Develop strategic plans, key risk metrics (KRIs/KPIs), and executive dashboards.
Contribute to quarterly and annual reporting cycles for CISO and business leadership.
Finance, Budgeting & Resourcing
Support regional security budgeting, forecasting, and resource allocation.
Track spend against plan and provide variance analysis.
Assist in developing business cases for new initiatives or investments.
Security Program Governance
Oversee the implementation and governance of global security programs in EMEA.
Ensure adherence to enterprise security policies and frameworks.
Coordinate across multiple stakeholders to maintain governance and accountability.
Risk, Compliance & Audit Coordination
Act as the single point of contact for IT Security related audits and compliance engagements.
Manage audit readiness, evidence coordination, and remediation tracking.
Maintain strong relationships with internal audit, compliance, and regulatory teams.
Reporting & Global/Regional Coordination
Coordinate EMEA security reporting and represent the region in global BISO forums.
Ensure consistency of risk posture and alignment with global metrics and governance.
Provide regional input into global policy updates and program design.
Key Responsibilities
Communication & Training
Manage the Cyber & Risk training program.
Ensuring Cyber integration with the business and technology.
Communicating Risk & Cyber information across Bank EMEA and Securities.
Be an escalation point for concerns about IT Security.
Be a positive collaborator.
People Management
Ensure that the function is appropriately organised and adequately resourced by staff with appropriate skillsets to achieve its strategic objectives.
Lead, direct and
About the Company
MUFG (Mitsubishi UFJ Financial Group) is one of the world's leading financial groups. Headquartered in Tokyo and with over 360 years of history, MUFG has a global network with over 2,100 locations in more than 40 markets including the Americas, Europe, the Middle East and Africa, Asia and Oceania. The Group has over 120,000 employees and offers services including commercial banking, trust banking, securities, credit cards, consumer finance, asset management, and leasing. Through close partnerships among our group companies, ...
Know more