Privacy Incident Response - Assistant Vice President
Do you want your voice heard and your actions to count? Discover your opportunity with Mitsubishi UFJ Financial Group (MUFG), the 5th largest financial group in the world (as ranked by S&P Global, April 2020).
In the Americas, we're 13,000 colleagues, striving to make a difference for every client, organization, and community we serve.
We stand for our values, developing positive relationships built on integrity and respect.
It's part of our culture to put people first, listen to new and diverse ideas and collaborate toward greater innovation, speed and agility.
We're a team that accepts responsibility for the future by asking the tough questions and owning the solutions.
Join MUFG and be empowered to make your voice heard and your actions count.
Job
Summary:
MUFG is seeking an Assistant Vice President to join MUFG's Americas Privacy Incident Response Team (Privacy IRT).
The Americas Privacy IRT is responsible for maintaining the Privacy Incident Response Program and performing incident response and assessment for privacy incidents.
Reporting to the Americas Privacy Incident Response Lead, within the Americas Compliance organization, the candidate will be responsible for supporting the Program, leading incident response, monitoring activities and reporting and metrics.
The Americas Privacy Incident Response Program includes processes for reporting and documenting Privacy Incidents, containing incidents, assessing impact, identifying root cause and remediation measures, evaluating notification obligations and training colleagues.
The Program covers reported Privacy Incidents impacting MUFG in the U.
S, Canada and Latin America.
This role will require incident or strong project management experience, and the ability to effectively collaborate with stakeholders across the enterprise.
Major
Responsibilities:
Lead incident investigations, conduct in-depth analysis and communicate effectively to gather necessary information to identify impact, root cause and remediation measures.
Present accurate and timely information to stakeholders outlining incident details, containment measures, impacts, remediation steps and post-mortem reviews (including lessons learned).
Perform analysis of reported incidents to identify patterns and trends.
Execute compliance monitoring activities related to incident response.
Tracking status of incidents including progress of assessments, open actions and remediation.
Support updates to the Privacy Incident Response Policy, procedures and program documentation.
Create incident reports, dashboards and metrics for meeting, working groups and committees.
Assess and work with Legal partners in the review of state and federal or country-specific regulatory breach notification requirements and preparation of notification letters or other required documentation.
Track new or changed data breach reporting and notification laws and regulations.
Partner with stakeholders from the business, Legal, Risk, Information Security, Human Resources during the lifecycle of an incident.
Lead post-mortem reviews of incidents and identify enhanced controls to mitigate the risk of reoccurrence.
Develop employee training content and awareness messages and continuously educate employees on the Program and reporting and preventing privacy incidents.
Qualifications:
Bachelor's degree required; CIPP/US and/or information technology certifications are highly desirable.
2
years' experience supporting an incident management function, with privacy or cybersecurity incident experience highly desirable or strong project management experience that is relatable to managing incident response.
Experience with investigations and working with cross-functional groups.
Strong writing and presentation skills including the capability to prepare clear and concise incident summaries and reports.
Knowledgeable about U.
S, Canada, Latin America privacy and data protection laws and regulations, and data breach notification laws.
High attention to detail and extremely organized to effectively manage multiple concurrent priorities.
Ability to work in a fast-paced environment with tight deadlines, and to adapt to unexpected changes in priorities.
Demonstrated ability to communicate verbally and in writing complex incidents to stakeholders of varying level.
Strong sense of ownership to drive tasks to completion and to identify opportunities for continuous improvement.
Proficient in working with databases and in Excel to analyze data, develop metrics and produce management ready presentations.
The above statements are intended to describe the general nature and level of the work being performed.
They are not intended to be construed as an exhaustive list of all responsibilities, duties, and skills required of personnel so classified.
We are proud to be an Equal Opportunity / Affirmative Action Employer and committed to leveraging the diverse backgrounds, perspectives, and experience of our workforce to create opportunities for our colleagues and our business.
We do not discriminate in employment decisions on the basis of any protected category.
A conviction is not an absolute bar to employment.
Factors such as the age of the offense, evidence of rehabilitation, seriousness of violation, and job relatedness are considered in all employment decisions.
Additionally, it's the bank's policy to only inquire into a candidate's criminal history after an offer has been made.
Federal law prohibits banks from employing individuals who have been convicted of, or received a pretrial diversion for, certain offenses.
.
Estimated Salary: $20 to $28 per hour based on qualifications.
In the Americas, we're 13,000 colleagues, striving to make a difference for every client, organization, and community we serve.
We stand for our values, developing positive relationships built on integrity and respect.
It's part of our culture to put people first, listen to new and diverse ideas and collaborate toward greater innovation, speed and agility.
We're a team that accepts responsibility for the future by asking the tough questions and owning the solutions.
Join MUFG and be empowered to make your voice heard and your actions count.
Job
Summary:
MUFG is seeking an Assistant Vice President to join MUFG's Americas Privacy Incident Response Team (Privacy IRT).
The Americas Privacy IRT is responsible for maintaining the Privacy Incident Response Program and performing incident response and assessment for privacy incidents.
Reporting to the Americas Privacy Incident Response Lead, within the Americas Compliance organization, the candidate will be responsible for supporting the Program, leading incident response, monitoring activities and reporting and metrics.
The Americas Privacy Incident Response Program includes processes for reporting and documenting Privacy Incidents, containing incidents, assessing impact, identifying root cause and remediation measures, evaluating notification obligations and training colleagues.
The Program covers reported Privacy Incidents impacting MUFG in the U.
S, Canada and Latin America.
This role will require incident or strong project management experience, and the ability to effectively collaborate with stakeholders across the enterprise.
Major
Responsibilities:
Lead incident investigations, conduct in-depth analysis and communicate effectively to gather necessary information to identify impact, root cause and remediation measures.
Present accurate and timely information to stakeholders outlining incident details, containment measures, impacts, remediation steps and post-mortem reviews (including lessons learned).
Perform analysis of reported incidents to identify patterns and trends.
Execute compliance monitoring activities related to incident response.
Tracking status of incidents including progress of assessments, open actions and remediation.
Support updates to the Privacy Incident Response Policy, procedures and program documentation.
Create incident reports, dashboards and metrics for meeting, working groups and committees.
Assess and work with Legal partners in the review of state and federal or country-specific regulatory breach notification requirements and preparation of notification letters or other required documentation.
Track new or changed data breach reporting and notification laws and regulations.
Partner with stakeholders from the business, Legal, Risk, Information Security, Human Resources during the lifecycle of an incident.
Lead post-mortem reviews of incidents and identify enhanced controls to mitigate the risk of reoccurrence.
Develop employee training content and awareness messages and continuously educate employees on the Program and reporting and preventing privacy incidents.
Qualifications:
Bachelor's degree required; CIPP/US and/or information technology certifications are highly desirable.
2
years' experience supporting an incident management function, with privacy or cybersecurity incident experience highly desirable or strong project management experience that is relatable to managing incident response.
Experience with investigations and working with cross-functional groups.
Strong writing and presentation skills including the capability to prepare clear and concise incident summaries and reports.
Knowledgeable about U.
S, Canada, Latin America privacy and data protection laws and regulations, and data breach notification laws.
High attention to detail and extremely organized to effectively manage multiple concurrent priorities.
Ability to work in a fast-paced environment with tight deadlines, and to adapt to unexpected changes in priorities.
Demonstrated ability to communicate verbally and in writing complex incidents to stakeholders of varying level.
Strong sense of ownership to drive tasks to completion and to identify opportunities for continuous improvement.
Proficient in working with databases and in Excel to analyze data, develop metrics and produce management ready presentations.
The above statements are intended to describe the general nature and level of the work being performed.
They are not intended to be construed as an exhaustive list of all responsibilities, duties, and skills required of personnel so classified.
We are proud to be an Equal Opportunity / Affirmative Action Employer and committed to leveraging the diverse backgrounds, perspectives, and experience of our workforce to create opportunities for our colleagues and our business.
We do not discriminate in employment decisions on the basis of any protected category.
A conviction is not an absolute bar to employment.
Factors such as the age of the offense, evidence of rehabilitation, seriousness of violation, and job relatedness are considered in all employment decisions.
Additionally, it's the bank's policy to only inquire into a candidate's criminal history after an offer has been made.
Federal law prohibits banks from employing individuals who have been convicted of, or received a pretrial diversion for, certain offenses.
.
Estimated Salary: $20 to $28 per hour based on qualifications.
|
|
 | |
