AVP - SOX First line of Control [T500-23339]

About Us:

MUFG Bank, Ltd. is Japans premier bank, with a global network spanning more than 50 markets. Outside of Japan, the bank offers an extensive scope of commercial and investment banking products and services to businesses, governments and individuals worldwide.

In Asia, MUFG has a presence across 20 markets Australia, Bangladesh, Cambodia, China, Hong Kong, Indonesia, India, South Korea, Laos, Malaysia, Mongolia, Myanmar, New Zealand, Pakistan, Philippines, Singapore, Sri Lanka, Taiwan, Thailand and Vietnam.

It has also formed strategic partnerships with some of the most prominent banks in Southeast Asia, further augmenting its unrivalled network across the region VietinBank in Vietnam, Krungsri in Thailand, Security Bank in the Philippines and Bank Danamon in Indonesia.

For more information, visit

MUFG Enterprise Solutions India Private Limited:

Established in 2020, MUFG Enterprise Solutions India Private Limited (MES India) is 100% subsidiary of MUFG Bank Ltd having offices in Bengaluru and Mumbai. MES India has been set up as a Global Capability Centre / Centre of Excellence to provide support services across various functions such as IT, KYC / AML, Credit, Operations etc. to MUFG Bank offices globally. MES India has plans to significantly ramp-up its growth over the next 18-24 months while servicing MUFGs global network across Americas, EMEA and Asia Pacific.

About the Role:

Position Title: SOX First line of Control.

Corporate Title: AVP, Finance.

Location: MGS - Bengaluru

Job Profile:

Position details:

The SOX & Finance First line Controls Function manage the SOX Framework for US entities and also plays a critical role in ensuring the effective design and operation of SOX and non-SOX controls.

Roles and Responsibilities:

We are seeking a motivated staff to join our growing controls team. Reporting to the Head of Finance at MGS, this individual will support in enhancing IT Risk & Controls Framework across Americas and assist in control design and operational effectiveness reviews and participate in project and remediation assessments. This role offers the opportunity to work cross-functionally with stakeholders across Front office, OPS, Technology, Finance, and Internal Audit while gaining exposure to end-to-end risk and control processes.

• IT General Controls (ITGC), IT Automated Controls (ITAC) and Entity Level Controls (ELC).
• Perform ITGC, ITAC and Entity Level controls review for SOX in accordance with the annual testing plan for MUSE, MUFG Bank & MBE.
• Perform annual walkthrough (Test of Design) and review test results and evidence to assess operational effectiveness of controls.
• Assist in tracking control deficiencies, validating remediation efforts, and updating documentation.
• Support project-based assessments, including pre-implementation reviews for new systems and processes impacting Internal Control over Financial Reporting.
• Collaborate with control owners and process leads across London and MBE branches to ensure timely testing completion.
• Participate in status meetings with stakeholders, escalating issues or delays proactively.
• Assist with periodic control owner education and awareness initiatives.
• Work closely with the VP to support quality assurance activities and respond to audit queries.
• EUC Controls
• Coordinate the annual EUC self-testing across Finance Division.
• Perform QA review of Finance EUCs on a sample basis and work with the relevant owner to remediate EUC controls where relevant.
• Provide annual refresher training to Finance staff ahead of the annual EUC self-testing and attestation.

Job Requirements:

Experience:

• 8-10 years of relevant experience in IT audit, SOX testing, EUC Controls Review or IT risk & controls (preferably in financial services or Big 4 advisory).
• Strong understanding of IT General Controls: Change Management, Logical Access, and IT Operations.
• Expertise in SOX framework, control testing methodologies, and documentation standards.
• Good understanding of IT infrastructure, IAM, RPA and cloud (Azure & Oracle) technologies
• Basic understanding of Entity Level Controls
• Proficient in Microsoft Excel, PowerPoint, and Governance, Risk & Compliance (GRC) tool.
• Excellent verbal and written communication skills, with the ability to clearly explain testing results and control gaps.

Performance and Duties:

• The role holder will be assessed in accordance with their employing entitys performance framework and process with relevant input obtained from the dual hatting entity as relevant.
• As duties and responsibilities change, the job description will be reviewed and emended in consultation with the role holder. The role holder will carry out other duties as are within the scope, spirit and purpose of the role as requested by their line manager or Department Head.
• Managing conflicts of interest / dual hat status (If Applicable) - The role holder will have responsibilities for both MUFG Bank Americas plc. Additionally, the candidate may be required to manage Finance Function for the rest of Americas region
• The role holder will be required to perform their duties and responsibilities on an entity neutral basis, without favor.
• The role holder is required to follow regulatory requirements applicable to ensure each business is appropriately supported and to maintain the legal entity integrity of each of MUFG Bank and MUFG Securities.

Work Experience (Desirable):

• Exposure to automated controls and End User Computing (EUC) risk.
• Knowledge of ITSM and identity management tools (e.g., ServiceNow, CyberArk, RSA IGL).
• Awareness of Robotics Process Automation (RPA) and system implementation lifecycle controls.
• Experience supporting external or internal audits.

Personal Attributes:

• Proactive, detail-oriented, and committed to meeting deadlines.
• Collaborative mindset with a willingness to learn from senior staff.
• Analytical thinking and sound judgment in identifying control weaknesses.
• Ability to multitask and prioritize in a dynamic, deadline-driven environment.
• Must be comfortable working with hybrid teams across time zones.

Qualifications:

• Relevant professional qualification Eg. CISA, CISM, CISSP would be preferable